Privacy Policy

Last updated: May 26, 2026

We collect no personal data, and we cannot read your secrets or passwords.

Moat ("the App") is a two-factor authenticator built so your data stays on your device and remains unreadable to anyone else — including us. This policy explains, plainly, what happens to your data.

What we don't collect

We do not collect personal information. Specifically, Moat has:

• No analytics or telemetry — there are no analytics SDKs in the app.
• No tracking and no ads — no advertising identifiers, no cross-app tracking, no web beacons.
• No third-party logo fetches — service icons are rendered on your device, so we never learn which accounts you hold.
• No access to your name, contacts, photos, or location.

We do not sell or share your data — there is nothing to sell.

What stays on your device

Your 2FA secrets and any saved passwords are stored in the iOS Keychain, protected by device encryption and excluded from unencrypted backups. They never leave your device in readable form.

Optional account sync & backup

Sync is off by default. If you turn it on, your data is end-to-end encrypted on your device before it is uploaded — our servers only ever store ciphertext they cannot read.

• Encryption uses AES-256-GCM; the key is derived from your recovery key with PBKDF2-SHA256 at 210,000 iterations and random salts.
• Your encryption keys and recovery key remain on your device and are never sent to us.
• Sync uses Firebase Authentication only for an identifier — anonymous by default, which you may optionally upgrade to an email login. If you choose to add an email, it is used solely to identify your encrypted backup.

Subscriptions

Moat offers an optional premium subscription. Payment is handled entirely by Apple through your App Store account — we never see your name, card, or payment details. To unlock premium features we use RevenueCat to verify your subscription status using a random app identifier and the purchase event. No personal information is attached.

Your control

• Export an encrypted backup at any time.
• Delete items — they're held briefly in Recently Deleted, then permanently erased (including the secret key in the Keychain).
• Delete the App to remove all local data from your device.

Children

Moat is not directed at children under 13 and does not knowingly collect any information from them.

Changes

We may update this policy from time to time. Material changes will be reflected here with a new "last updated" date.

Contact

Questions about this policy? Reach us through our support page or the App's App Store listing.