Terms of Service

Last updated: 16 March 2026

1. Agreement to Terms

These Terms of Service ("Terms") constitute a legally binding agreement between you and Logical Llama Limited (Company Registration Number: 16803899), trading as keyhold.io ("Company", "we", "us", or "our"), concerning your access to and use of the keyhold.io platform.

By accessing or using our service, you agree to be bound by these Terms. If you disagree with any part of the Terms, you may not access the service.

2. Description of Service

keyhold.io provides a secret management platform that enables organisations to securely store, share, and manage sensitive credentials and secrets. Our service uses a split-key encryption architecture where decryption requires cooperation between our servers and the user's device.

The service includes:

  • Encrypted storage of secret values (passwords, API keys, credentials, etc.)
  • Encrypted file attachments on secrets
  • Secret request and external submission functionality
  • Batch secret collection from multiple external parties
  • Third-party webhook integrations for event notifications
  • Team collaboration with role-based access control
  • Comprehensive audit logging

The service is provided on a subscription basis. Features and pricing are as described on our website and may be updated from time to time.

3. Encryption Scope and Data Access

Important: What is and isn't encrypted

Our zero-knowledge encryption applies only to secret values and file contents (such as passwords, API keys, credential content, and attached files). Other information stored in your account is accessible to us and is not subject to zero-knowledge encryption.

Encrypted with zero-knowledge (we cannot access):

  • Secret values and credential content
  • File attachment contents
  • Any sensitive data you enter into encrypted secret fields

Not encrypted / accessible to us:

  • Account information (email addresses, names, profile data)
  • Organisational structure (client names, project names, secret names/labels)
  • File metadata (file names, sizes, MIME types)
  • Metadata (timestamps, user associations, access patterns)
  • Audit logs and activity records
  • Billing and subscription information
  • Secret request details (requester email, request messages)
  • Integration configuration (webhook URLs, event subscriptions)

This data is necessary for us to provide the service, maintain security, comply with legal obligations, and offer customer support. We handle all data in accordance with our Privacy Policy.

4. Account Registration

To use the service, you must create an account. You agree to:

  • Provide accurate, current, and complete information
  • Maintain and promptly update your account information
  • Maintain the security of your account credentials and private keys
  • Accept responsibility for all activities that occur under your account
  • Notify us immediately of any unauthorised access

You must be at least 18 years old to create an account. By using the service, you represent that you meet this requirement.

5. Key Management and Recovery

Critical: Private Key Responsibility

Your private cryptographic key is generated and stored on your device. We do not have access to your private key. If you lose both your private key and your keyhold.io Secret Key, we cannot recover your encrypted secrets. You are solely responsible for maintaining secure backup of your keyhold.io Secret Key.

Account Recovery: Privileged users within your organisation may be able to restore another member's access to secrets in the event that member loses their credentials. However:

  • Recovery requires action by a privileged user in your organisation
  • If no privileged users exist or are available, recovery may not be possible
  • We cannot unilaterally recover access to your encrypted data
  • You remain responsible for the security of your credentials

6. External Submissions

The service allows you to request secrets from external parties who do not have accounts on our platform. When using this functionality:

  • You are responsible for ensuring you have appropriate authorisation to request credentials from external parties
  • External submitters are bound by our submission terms at the time of submission
  • We do not verify the accuracy, validity, or authenticity of externally submitted secrets
  • You are responsible for validating any credentials received through external submissions
  • External submitters may delete their submitted secrets at any time via their confirmation link

Batch Submissions: The service supports collecting secrets from multiple external parties simultaneously. The same terms apply to batch submissions, and you are responsible for managing the distribution of submission links.

7. File Attachments

The service allows file attachments on secrets, subject to the following:

  • File contents are encrypted using the same zero-knowledge architecture as secret values
  • File size and storage limits apply as specified in your subscription plan
  • You are responsible for ensuring uploaded files do not contain malware or malicious content
  • You must have the legal right to store and share any files you upload
  • We do not scan, inspect, or analyse encrypted file contents

We reserve the right to remove files that violate these Terms or applicable law, to the extent we become aware of such violations.

8. Third-Party Integrations

The service supports webhook integrations with third-party platforms including Microsoft Teams, Slack, and Google Chat. When using integrations:

  • You are responsible for configuring integrations correctly and securely
  • Webhook URLs are stored encrypted, but event notifications are sent to your configured endpoints
  • Event notifications contain metadata about actions (e.g., "secret created", "user invited") but never contain decrypted secret values
  • We are not responsible for the availability, security, or data handling practices of third-party platforms
  • Integration failures due to third-party platform outages or configuration errors do not affect the core functionality of the service
  • You must comply with the terms of service of any third-party platforms you integrate with

Disclaimer: We provide integrations on an "as is" basis. We do not guarantee delivery of webhook notifications and are not liable for any consequences arising from failed, delayed, or missed notifications.

9. Acceptable Use

You agree not to use the service to:

  • Store, transmit, or distribute illegal content
  • Store credentials you are not authorised to possess
  • Violate any applicable laws or regulations
  • Infringe upon the intellectual property rights of others
  • Attempt to gain unauthorised access to our systems
  • Interfere with or disrupt the service or servers
  • Reverse engineer or decompile the software
  • Use the service for any unlawful purpose
  • Circumvent any rate limits or quotas
  • Share account credentials with unauthorised individuals

10. Subscription and Payment

The service is provided on a subscription basis. By subscribing, you agree to pay all fees associated with your chosen plan. Subscriptions renew automatically unless cancelled before the renewal date.

  • All fees are quoted in GBP
  • You authorise us to charge your payment method for recurring fees
  • Price changes will be notified at least 30 days in advance
  • Refunds are provided at our discretion and in accordance with applicable law

Quotas and Limits: Your subscription includes specific quotas for members, clients, projects, secrets, storage, and integrations. Exceeding these limits may require an upgrade or limit increase request.

11. Fair Usage and Intended Purpose

keyhold.io is designed and intended as a credential and secret management platform. The service is purpose-built for securely storing, sharing, and managing sensitive credentials such as passwords, API keys, certificates, and related files that support credential workflows.

Intended Use: The service is not intended to function as a general-purpose file storage or document management system. Using keyhold.io as an alternative to cloud storage services (such as Google Drive, Dropbox, or similar) is outside the intended scope of the platform.

Resource Limits and Pricing: Your subscription includes soft limits on storage, secrets, and other resources. If your Hold requests a significant increase to these soft limits beyond what is typical for your subscription tier, we reserve the right to negotiate adjusted pricing that reflects your usage. If you decline all reasonable pricing adjustments, we reserve the right to decline further increases to your soft limits.

Exceptional Circumstances: These provisions are intended for exceptional circumstances only. Before exercising any rights under this section, we will:

  • Contact you to discuss your usage patterns
  • Assist you in managing and reducing your usage where appropriate (for example, identifying and clearing unused data)
  • Provide reasonable time and guidance to bring your usage in line with the intended purpose of the service

Suspension Rights: If, after our good-faith efforts to assist you, your usage remains materially inconsistent with the intended purpose of the service, we reserve the right to suspend your access to the service. Any such suspension will be communicated with reasonable notice and an explanation of the reasons.

12. Service Availability

We strive to maintain high availability but do not guarantee uninterrupted access to the service. We may:

  • Perform scheduled maintenance with reasonable advance notice
  • Suspend the service temporarily for emergency maintenance
  • Modify or discontinue features with reasonable notice
  • Experience outages due to factors beyond our control

13. Intellectual Property

The service, including its original content, features, and functionality, is owned by Logical Llama Limited and is protected by copyright, trademark, and other intellectual property laws.

You retain ownership of any content you store in the service. By using the service, you grant us a limited licence to process your content solely for the purpose of providing the service.

14. Limitation of Liability

To the maximum extent permitted by law:

  • The service is provided "as is" without warranties of any kind
  • We do not warrant that the service will be error-free or uninterrupted
  • We shall not be liable for any indirect, incidental, special, or consequential damages
  • Our total liability shall not exceed the amount paid by you in the 12 months preceding the claim

Specific Disclaimers: Without limiting the foregoing, we are not liable for:

  • Loss of data due to loss of your private key, password, or keyhold.io Secret Key
  • Inaccurate, invalid, or fraudulent credentials submitted by external parties
  • Security breaches resulting from your failure to maintain credential security
  • Failed, delayed, or missed webhook notifications to third-party platforms
  • Actions taken by third-party platforms based on webhook data
  • Outages or issues with third-party services (AWS, Stripe, integration platforms, etc.)
  • Consequences arising from secrets being revealed to authorised users
  • Business losses resulting from expired or deleted secrets

Nothing in these Terms excludes or limits our liability for death or personal injury caused by negligence, fraud, or any other liability that cannot be excluded by law.

15. Indemnification

You agree to indemnify and hold harmless Logical Llama Limited, its officers, directors, employees, and agents from any claims, damages, losses, or expenses (including reasonable legal fees) arising from:

  • Your use of the service
  • Your violation of these Terms
  • Your violation of any third-party rights
  • Content you store or transmit through the service
  • Your configuration and use of third-party integrations
  • Claims by external parties regarding secrets you requested from them

16. Termination

We may terminate or suspend your account immediately, without prior notice, for conduct that we believe:

  • Violates these Terms
  • Is harmful to other users or third parties
  • Is fraudulent or illegal
  • Negatively impacts the service for other customers

Upon termination, your right to use the service will immediately cease. You may request export of your data before termination, subject to our ability to decrypt such data (which requires your cooperation and valid credentials).

17. Data Deletion and Retention

For your benefit and protection, when you delete records within the application (such as clients, projects, or secrets), we may retain this data in a soft-deleted state for up to 90 days. During this period, the data remains inaccessible through normal use of the service but may be recoverable in the event of accidental deletion.

After 90 days, soft-deleted records are automatically and permanently deleted from our systems, including:

  • Encrypted secret values and file contents
  • Associated encryption key material
  • File storage objects

If you require immediate permanent deletion of any data before the 90-day retention period expires, please and we will process your request.

18. Governing Law

These Terms shall be governed by and construed in accordance with the laws of England and Wales. Any disputes arising from these Terms shall be subject to the exclusive jurisdiction of the courts of England and Wales.

19. Changes to Terms

We reserve the right to modify these Terms at any time. We will provide notice of material changes at least 30 days before they take effect. Your continued use of the service after such modifications constitutes acceptance of the updated Terms.

20. Contact Us

If you have any questions about these Terms, please .