Plain language summary: ProtectHQ uses zero-knowledge encryption — we cannot read your passwords or vault data. Your data is stored exclusively on Canadian servers. We do not sell your data, share it with advertisers, or use it for any purpose other than operating the service. Our Privacy Officer is Gilled Bourchard-Lafleur (privacy@protecthq.ca). Quebec residents may also escalate concerns to the CAI at www.cai.quebec.
1. Who we are
ProtectHQ is a Canadian zero-knowledge password manager operated by ProtectHQ Inc. (Corporation No. 1782225-1) ("ProtectHQ", "we", "us", "our"), based in Canada. Our service is available at protecthq.ca and app.protecthq.ca.
For privacy inquiries, contact us at: privacy@protecthq.ca
2. Our zero-knowledge architecture
ProtectHQ is built on a zero-knowledge architecture. All cryptography runs locally in your browser before any data leaves your device. This means:
- Your master password is never transmitted to our servers — it exists only on your device. We use Argon2id for secure key derivation
- Your vault data is encrypted on your device using AES-256-GCM encryption before it is sent to our servers
- We store only encrypted ciphertext — we have no technical ability to read your passwords, vault items, or identity profile
- Your Secret Key never leaves your device and is never stored on our servers
- Even in the event of a server breach, your vault data remains protected by your encryption keys
This is not a policy choice — it is a technical guarantee built into the architecture of the product.
3. Information we collect
3.1 Account information
When you create an account, we collect:
- Your email address
- A cryptographic hash derived from your authentication key (not your password)
- Your encrypted vault key (we cannot decrypt this without your master password)
- Account creation timestamp
3.2 Vault data
All vault data is encrypted on your device before being transmitted to our servers. We store only encrypted ciphertext and initialization vectors. We cannot access, read, or decrypt your vault data. Furthermore, even item metadata (such as names, titles, and categories) is strictly encrypted client-side inside the blob and is never visible to the server.
3.3 Usage data
We collect minimal usage data necessary to operate the service:
- Server access logs (IP address, timestamp, request path) — retained for 30 days
- Error logs for debugging — retained for 14 days, never contain vault contents
- Waitlist email addresses if you sign up for early access
No third-party tracking or resources: We do not load any third-party resources (such as Google Fonts, external CDNs, or third-party analytics scripts) on any of our pages. This ensures no usage data leaks to external parties.
3.4 Chrome extension
The ProtectHQ Chrome extension:
- Does not track your browsing history
- Does not collect data about websites you visit beyond what is necessary to detect login forms
- Does not share any data with third parties
- Stores your session token locally in Chrome's session storage
3.5 Have I Been Pwned breach monitoring
When you use our breach monitoring feature to check passwords, we use a k-anonymity technique — only the first 5 characters of a SHA-1 hash of your password are sent to the HaveIBeenPwned API. Your actual password is never transmitted.
When you check your email for breaches, only the email address is sent to our server, which securely proxies the request to HaveIBeenPwned using a server-side API key. The email is never logged or stored by ProtectHQ during this process.
3.6 Chrome Web Store — Limited Use disclosure
ProtectHQ's handling of user data obtained through the ProtectHQ Chrome extension adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements. In particular:
- Allowed use. We use user data only to provide and improve user-facing features of the ProtectHQ password manager and its Chrome extension (credential storage, autofill, breach monitoring, and related security features).
- Allowed transfer. We do not transfer user data to any other app, party, or third party, except as necessary to provide or improve user-facing features; to comply with applicable laws; or as part of a merger, acquisition, or sale of assets with notice to users.
- No advertising use. We do not use or transfer user data to serve advertisements, including personalized or retargeted advertisements.
- No creditworthiness use. We do not use or transfer user data to determine creditworthiness or for lending purposes.
- No human access. We do not allow humans to read user data, except: with the user's affirmative consent for specific messages; where necessary for security purposes (such as investigating abuse or a security incident); to comply with applicable laws; or for internal operations where the data has been aggregated and anonymized.
4. Canadian data residency
All ProtectHQ user data is stored exclusively on servers located in Canada:
| Service | Provider | Location |
|---|
| Application servers | Amazon Web Services | ca-central-1 (Montréal, QC) |
| Database | Amazon RDS | ca-central-1 (Montréal, QC) |
| CDN / Frontend | Amazon CloudFront | ca-central-1 origin |
| Landing page | Netlify | Global CDN (no user data) |
Your data is subject to Canadian law — including PIPEDA and Quebec Law 25. We contractually guarantee your data never crosses the Canadian border.
5. How we use your information
We use your information only to:
- Provide and maintain the ProtectHQ service
- Analyze aggregated, non-identifiable usage patterns to improve reliability and performance of the service
- Authenticate your identity when you log in
- Store and sync your encrypted vault data
- Send transactional emails (account creation, security alerts)
- Comply with legal obligations
We never use your data for advertising, profiling, or sale to third parties.
6. Information sharing
We do not sell, rent, or share your personal information with third parties, except as described below:
| Processor | Purpose | Data shared |
|---|
| AWS Canada Central | Infrastructure hosting | Encrypted vault data, account metadata |
| Stripe | Payment processing | Email address, billing metadata |
| HaveIBeenPwned | Breach monitoring | Anonymized 5-character password hashes only |
| Netlify | Landing page DNS/CDN | IP addresses for routing only (no user account data) |
We may also disclose personal information if required by Canadian law or valid legal process.
7. Your rights under Canadian law
Under PIPEDA and Quebec Law 25, you have the right to:
- Access — request a copy of the personal information we hold about you
- Correction — request correction of inaccurate personal information
- Deletion — request deletion of your account and all associated data
- Portability — export your vault data at any time from the app settings
- Withdraw consent — you may withdraw consent to marketing communications at any time through your account settings or by contacting us. Withdrawal does not affect the lawfulness of processing prior to withdrawal.
To exercise any of these rights, contact our Privacy Officer at privacy@protecthq.ca. We will respond within 30 days.
If you are not satisfied with our response, you may file a complaint with:
- Office of the Privacy Commissioner of Canada (OPC): www.priv.gc.ca
- Commission d'accès à l'information du Québec (CAI): www.cai.quebec (for Quebec residents)
8. Data retention
We retain your personal information only as long as necessary to provide the service:
- Account data — retained for the duration of your account. Upon deletion, all account data is purged within 30 days.
- Encrypted vault data — deleted immediately and irrecoverably upon account deletion. Due to zero-knowledge architecture, we cannot recover deleted vault data.
- Server access logs — retained for 30 days, then automatically purged.
- Error logs — retained for 14 days, then automatically purged.
- Consent records — retained for 7 years to meet legal accountability obligations under PIPEDA and Law 25.
9. Privacy Officer
ProtectHQ has designated a Privacy Officer responsible for overseeing compliance with PIPEDA and Quebec Law 25.
- Privacy Officer: Gilled Bourchard-Lafleur, Founder
- Contact: privacy@protecthq.ca
- Response time: Within 30 days of receiving a request
10. Contact us
For privacy inquiries, to exercise your rights, or to file a complaint:
We are committed to resolving privacy concerns promptly. If you are not satisfied with our response, you may complain to the Office of the Privacy Commissioner of Canada.