Privacy Policy

Last updated: March 24, 2026

1. Who we are

KeyReaper is operated by Side By Tech ("we", "us", "our"). We provide a secret rotation and management tool that works on top of AWS Secrets Manager. Our website is keyreaper.cloud and you can reach us at support@keyreaper.cloud.

2. What we collect

We collect only what is necessary to provide the service:

  • Account information: email address, authentication credentials (managed by AWS Cognito)
  • Secret metadata: secret names, provider types, environments, rotation schedules, and audit logs
  • Usage data: actions performed in the dashboard (rotations, rollbacks, configuration changes)
  • Payment information: processed by Stripe. We do not store credit card numbers.

3. What we do NOT collect or store

  • We do not store your secret values in plaintext
  • We do not log secret values in application logs or error responses
  • We do not share your data with third parties for advertising or marketing
  • We do not sell your data

4. How we use your data

We use your data to provide the KeyReaper service: authenticating your account, managing secret operations, maintaining audit trails, enforcing plan limits, and processing payments. We may also use aggregated, anonymized usage data to improve the product.

5. Data storage and security

Your secrets are stored in AWS Secrets Manager within your AWS environment. KeyReaper application data (metadata, audit logs, account information) is stored in encrypted databases. All data is transmitted over TLS. Authentication is handled by AWS Cognito. See our Security page for more details.

6. Third-party services

We use the following third-party services:

  • AWS (Cognito, Secrets Manager, CloudFront, S3) — infrastructure and authentication
  • Stripe — payment processing

7. Data retention

We retain your account data and audit logs for as long as your account is active. If you cancel your account, we will delete your data within 30 days of cancellation, except where we are required by law to retain it.

8. Your rights

You can request access to, correction of, or deletion of your personal data at any time by emailing support@keyreaper.cloud. We will respond within 30 days.

9. Changes to this policy

We may update this privacy policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date.

10. Contact

If you have questions about this privacy policy or how we handle your data, contact us at support@keyreaper.cloud.