
Doesn't this mean that if you are compromised so are all your users?


Yes, this is my next question.

Regardless of your answer, I think these questions make it clear that you should definitely consider adding some more detailed explanations to your website about how exactly your product works. Especially for a security-related product, this is pretty important.

I say this as someone who is very interested in paying someone to solve this problem for me.


We actually have a security FAQ up here: https://www.meldium.com/security. The link is currently buried in our TOS, thanks for pointing out that we need to give it more exposure! We're definitely open to feedback as to what's not adequately covered.


It also means employees at Meldium, Heroku, and AWS (and someone who can compromise the security of any of these) have access to your passwords.

It's probably a reasonable trade for a lot of services -- I'd probably use it for an analytics dashboard, etc., but probably not for admin interfaces to do stuff to customer data (which you presumably could set up with individual user accounts and group/role management, anyway). This seems to be aimed at the ~bunch of low security passwords which are either the same across your whole business, or stored in a Google Docs spreadsheet now, not the most important credentials for your users.


I'm going to take that as a yes. Given all the recent hackings of Google, Apple and Zendesk, I don't think I would feel comfortable storing all my passwords unencrypted with anyone.



