Custos Clavium

Privacy Policy

Effective date: April 23, 2026

Overview

Custos Clavium is designed to minimize data collection and keep sensitive material under user control.

This English version is the controlling version of this Privacy Policy. Any translation is provided for convenience only. In the event of any conflict or inconsistency, the English version prevails.

We do not sell personal information. We do not use advertising SDKs. We do not use third-party analytics or cross-app tracking technologies.

As a general rule, Custos Clavium is designed so that private keys do not leave the NFC card.

For users who do not use passkey features, private keys remain on the card and are not transferred to or stored by the app on the device.

Information We Collect

Custos Clavium does not collect personal information from users except where limited data is needed to provide app functionality described in this policy.

The app may store limited data locally on your device, including:

  • App settings
  • Card fingerprint
  • Slot display order
  • App PIN stored securely in the device Keychain
  • Pending passkey registration or authentication state needed to complete a user-initiated flow
  • Temporary passkey-related key material stored for a limited time in protected device storage as described below

Custos Clavium does not intentionally store private keys, seed phrases, wallet secrets, passwords, OTP secrets, or secure note contents as persistent local backups.

No App Data Collection

Custos Clavium does not collect, receive, or store the content that users keep in the app or on the card.

We do not operate a backend service that receives user vault contents, card contents, passwords, notes, OTP secrets, passkey records, private keys, seed phrases, or similar user data from the app.

Data stored by the user in the app or on the card remains local to the user's device and card, except where limited external communication is required for user-requested features described in this policy, such as blockchain lookups, website favicon retrieval from a user-provided URL, passkey flow bridging on iOS, and App Store subscription handling by Apple.

Custos Clavium does not use third-party analytics, advertising SDKs, profiling systems, or telemetry services to collect information about how a particular user uses the app.

Card-Based Storage and Operations

Custos Clavium works with a compatible NFC card that contains the required Custos Clavium applet.

The app can read, create, update, and delete records stored on the card, including wallet records, password records, notes, OTP records, and passkey records.

The app can also perform card-based operations such as key management, public key export, transaction signing, and other NFC-dependent workflows that require card presence.

As a general rule, secret key material remains on the NFC card.

Passkeys

General rule with a narrow iOS exception Private keys are designed to stay on the card. Passkey flows on iOS require a limited temporary bridge between the app and the extension because the extension cannot access NFC directly.

For passkey registration and authentication, Custos Clavium is designed so that the master key material remains associated with the NFC card and is not stored by the app as a persistent local backup.

However, when a user uses passkey features on iOS, a site-specific passkey key may be deterministically derived from master key material associated with the card and temporarily transferred to the app for the sole purpose of completing the user-initiated passkey flow.

This is necessary because iOS extensions do not have direct access to NFC. To bridge communication between the main app and the extension, Custos Clavium may temporarily store site-specific passkey material in the device Keychain or related protected app storage for a limited period.

This temporary material is intended only for short-lived use, is protected using platform security mechanisms, and is deleted after use or expiration. Nevertheless, it may remain stored on the device for a limited time while the passkey flow is in progress.

Passkey records stored on the card may also contain associated metadata such as relying party identifiers, usernames, credential identifiers, and key-slot references.

Internet and Network Requests

When internet access is enabled by the user, Custos Clavium may send requests to third-party services used by the current version of the app to provide blockchain-related functionality requested by the user, such as balance lookup, transaction history, fee estimation, token balance retrieval, and transaction broadcasting.

The current version of the app may contact the following fixed third-party service domains:

  • api.trongrid.io
  • nile.trongrid.io
  • mempool.space
  • blockstream.info
  • eth.blockscout.com
  • eth-sepolia.blockscout.com
  • eth.llamarpc.com
  • ethereum.publicnode.com
  • rpc.ankr.com
  • cloudflare-eth.com
  • ethereum-sepolia-rpc.publicnode.com
  • rpc2.sepolia.org

These requests may expose public blockchain information such as wallet addresses, transaction identifiers, or other public network data needed to provide the requested feature.

In addition, if the user enters a website address or URL in the app, the app may send a request to that address, domain, or related public resource URL in order to retrieve a favicon, metadata, or similar public asset for display. Such requests are initiated only as part of user-facing functionality and depend on the address or URL provided by the user.

Data Sharing

We do not sell or rent user data.

We do not share user data with advertisers.

When internet-based features are used, limited data may be transmitted to external infrastructure providers only to perform the user-requested function.

Subscriptions

Subscription purchases, subscription restoration, and subscription status checks are handled through Apple's StoreKit and App Store systems.

Custos Clavium does not operate its own subscription backend and does not receive in-app vault contents, card contents, or similar user-stored secrets as part of subscription handling.

Apple may provide the developer with subscription-related reporting, status, and financial information through Apple's platforms.

Data Security

Custos Clavium uses platform security features, protected local storage, and secure communication with the NFC card where supported.

Temporary passkey-related material stored on the device is intended to be short-lived and protected by platform security mechanisms such as the iOS Keychain and protected app storage.

No method of electronic storage, transmission, or processing can be guaranteed to be completely secure, and we cannot guarantee absolute security.

Your Choices

  • Use the app without enabling internet-based features
  • Use the app without using passkey features
  • Remove local app data by deleting the app
  • Control local app protection features such as App PIN and biometric access

Children's Privacy

Custos Clavium is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

If we become aware that we have inadvertently collected personal information from a child under 13, we will take steps to delete such information.

Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be reflected on this page with a revised effective date.

Contact Information

If you have any questions or concerns about this Privacy Policy or the Custos Clavium app, you can contact us at https://clavium.the495.workers.dev/Contact.html.