Bastique

Privacy Policy

A product of Eventum Digital Agency · Last updated: 2026-07-01

Bastique is built around a simple, unyielding promise: your secrets stay yours. There is no telemetry, no tracking, and no hidden databases. We believe that true security is only possible when you, and only you, have absolute custody over your keys and secrets.

1. Data Collection

We collect absolutely nothing. Bastique requires no online accounts, no registration, and no emails. We do not integrate any tracking, usage diagnostics, or analytics SDKs. The developers never see, receive, store, or have any access to your passwords, credit cards, files, or master password.

2. Where Your Data Lives

All of your data is stored only on your local device inside an encrypted database. It is protected by military-grade XChaCha20-Poly1305 authenticated encryption and Argon2id key derivation using your master password. Without your master password, your saved secrets are just meaningless, unbreakable digital noise. Your master password and recovery key are never stored on disk and never leave your mind and physical paper.

3. Cloud synchronization & Relaying (Sync & Share)

When you explicitly opt-in to use Sync or Share features, Bastique utilizes secure cloud-based relays to transfer E2E encrypted packages:

The developers do not hold the keys to decrypt these transmissions. All syncing and sharing payloads are 100% zero-knowledge on the server side.

4. Network Use & k-Anonymity Privacy

Bastique runs fully offline and makes no outbound connections by default. The only network connections made by the app are triggered manually and explicitly by your actions:

5. Encrypted Local Attachments

Any PDF, scan, image, or document you attach to your vault entries is encrypted with its own dedicated Data Encryption Key (DEK) and saved locally. When viewed, attachments are temporarily decrypted into a secure temporary directory. On closing the document or once the safety timer (TTL) expires, the app executes a complete cryptographic overwrite (secure wipe) of the decrypted file bytes on disk, preventing recovery by forensics software.

6. Third Parties

There are no third-party advertisements or trackers in the application. The optional breach checking feature queries the HaveIBeenPwned range API, which operates under its own strict privacy protocols (HaveIBeenPwned Privacy).

7. Your Control & Deletion

You are in absolute control of your data. You can delete entries, clear your database, export fully encrypted backups, or delete the app entirely at any moment. Deleting Bastique from your device instantly and permanently destroys its local encrypted storage.

8. Contact & Legal Owner

Bastique is owned and developed by Eventum Digital Agency.
For any privacy-related inquiries, please contact us at Bastique@eventumdigital.com.
Official Website: Bastique.eventumdigital.com