Sovereign Agreement

1. Acceptance of Sovereign Bounds

By creating a client database instance and initializing a PassCrypt vault, you agree to enter into this Sovereign Agreement. This contract bounds both parties to strict zero-knowledge security structures. If you disagree with these security invariants, you must not initialize a vault.

2. The Master Password Invariant

Because PassCrypt employs local Argon2id key derivation, we hold no registry of your raw Master Password. There is no reset mechanism, override tool, or recovery flow. You are exclusively responsible for preserving your Master Password. We are mathematically incapable of restoring access to your vault if you lose this key.

3. Acceptable Hashing and Usage Limits

You agree not to utilize PassCrypt vaults to store or distribute links, secrets, or assets that violate Indian Cyber Security regulations. You may not deploy automated brute-forcing queries against our authentication API gates.

4. Subscription, UPI Billing and Cancellations

Access to the Sovereign and Federated levels requires subscription tokens billed in Indian Rupees (₹).

• Billing renewals occur automatically every 30 days for monthly tiers, or 365 days for annual packages.
• UPI payments via Razorpay require active authorization. You can terminate recurring mandates through your banking application or directly inside your PassCrypt settings page.
• Cancellations apply at the termination of the current active cycle. No partial cycle refunds are granted.

5. Total Limitation of Liability

PassCrypt provides key isolation software on an "as-is" basis. We hold no liability for data loss, corrupted hardware registers, or access locks resulting from Master Password loss, browser state corruption, or cryptographic salt changes initiated by the client.