COMMUNICATION

Mail

Email chiffré

Calendrier

Calendrier privé

Contacts

Carnet d'adresses

Messenger

Chat sécurisé

ESPACE DE TRAVAIL

Docs

Documents

Sheets

Tableurs

Slides

Présentations

FICHIERS & VIE PRIVÉE

Drive

Cloud sécurisé

VPN

Réseau privé

Pass

Gestionnaire de mots de passe

Pour les particuliers

InfoPeak Personal

Pour les équipes

InfoPeak Professional
Privacy Policy

Your data. No one else's.

We built InfoPeak so that your digital life stays exactly that — yours. This page explains what we collect, what we don't, and how we keep it that way.

Last updated: March 2026  ·  Applies to infopeak.io and the InfoPeak Pass browser extension

No Ads. Ever.

We don't track you to sell advertising. You are our member, not a product.

No AI Training.

Your private files, messages, and passwords are never used to train algorithms or AI models.

EU Hosting Only.

Your data lives exclusively on servers in the EU, protected by GDPR — the world's strongest privacy law.

01 Our Philosophy

InfoPeak is built on the belief that a digital service should work for you, not harvest data from you. We practice what we call digital sovereignty — you own your data, you control access to it, and you can take it with you at any time.

Our encryption architecture is zero-knowledge: your master password is never sent to our servers. Every document, file, and saved password is encrypted on your device before it leaves it. Personal emails on @myipk.com are zero-knowledge encrypted — we cannot read them even if compelled. This is not a marketing claim — it is a technical constraint baked into the architecture.

Exception — team custom domain mailboxes: Professional and Business customers who connect their own domain (e.g. @yourdomain.com) receive server-provisioned mailboxes. The credentials for these mailboxes are encrypted at rest using AES-256, but are not zero-knowledge — InfoPeak generates and can access the mailbox password in order to provision the account and deliver background mail sync. If this distinction matters to you, use your personal @myipk.com address for sensitive correspondence.

02 What We Collect

Account information

Your name, email address, and username. Used to identify and manage your account.

Encrypted content

The ciphertext of your files, documents, calendar events, contacts, passwords, and personal emails. We store this, but we cannot read it — your keys never leave your device. Team custom domain mailboxes are encrypted at rest but not zero-knowledge (see architecture note above).

Technical logs

IP addresses and request timestamps, used solely to detect abuse and protect your account. Logs are retained for 30 days.

Payment data

Processed entirely by our payment provider. We never touch or store your full card details.

03 InfoPeak Pass — Browser Extension

The InfoPeak Pass browser extension is available for Chrome, Edge, and Firefox. It uses the same zero-knowledge encryption as the web app: your passwords are encrypted on your device and never readable by us.

What the extension reads

The extension detects login forms on pages you visit in order to offer auto-fill. It reads only the page structure (input field types) — it does not read, store, or transmit page content, browsing history, or form values to our servers.

Authentication

The extension authenticates using a short-lived bearer token (15 minutes) issued when you visit infopeak.io while logged in. This token is stored only in browser session memory and is cleared when the browser closes.

Local storage

The extension stores your decrypted vault data only in chrome.storage.session — memory that is cleared every time the browser closes. Nothing is written to persistent disk storage.

Permissions used

storage session memory · activeTab fill credentials in current tab · scripting inject fill code · alarms periodic cleanup · clipboardWrite copy passwords · tabs open infopeak.io for re-authentication

04 Where Your Data Lives

All data is stored exclusively on servers located within the European Union. We do not transfer your data to third countries. By operating within the EU, every aspect of our data handling is governed by the GDPR.

InfoPeak Enclave (Business)

Business members receive an isolated cloud environment — your organisation's data is physically separated from other tenants and fully exempt from any AI-driven data processing.

05 Your Rights

As the owner of your digital life, you have the following rights under GDPR:

  • Access — Request a full export of all data associated with your account.
  • Correction — Request corrections to your personal information at any time.
  • Deletion — Permanently delete your account and all associated data. When you delete something at InfoPeak, it stays deleted — we run no "soft delete" backups visible to us.
  • Portability — Download your data in an open, portable format at any time.
  • Objection — Object to any processing of your data beyond what is strictly necessary to deliver the service.

06 Cookies

We use a single session cookie to keep you logged in. We do not use tracking cookies, advertising cookies, or third-party analytics. The only third-party requests on infopeak.io are Google Fonts (loaded from your browser) and favicon images loaded client-side by the Pass extension for display purposes.

07 Contact

Questions about this policy or requests to exercise your rights can be sent to:

support@infopeak.io

We aim to respond within 48 hours. For formal GDPR requests, we will respond within 30 days as required by law.