Privacy Policy

Last updated: 26 July 2023

Thank you for choosing to use Vaultree and great to e-meet you ☺ Vaultree is owned and operated by Vaultree Ltd. having a registered business address at 12 South Mall, Centre, Cork, County Cork, T12 RD43, Ireland, and the company registration number 679570 (“we", “us”, and "our"). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy policy or our practices with regards to your personal information, please contact us by using the contact details available at the end of the privacy policy. 

When you use this website or any of our related services (collectively, the "Services"), we collect certain personal information from you. But you can relax: We take your privacy very seriously! In this privacy policy, we seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy policy that you do not agree with, please discontinue your use of our Services immediately. 

This privacy policy applies to all information collected through our Services, as well as any related services, sales, marketing or events. 

TABLE OF CONTENTS 

1. WHAT INFORMATION DO WE COLLECT? 
2. WILL YOUR INFORMATION BE SHARED WITH ANYONE? 
3. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES? 
4. HOW DO WE HANDLE YOUR SOCIAL LOGINS? 
5. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY? 
6. HOW LONG DO WE KEEP YOUR INFORMATION? 
7. DO WE COLLECT INFORMATION FROM MINORS? 
8. WHAT ARE YOUR PRIVACY RIGHTS? 
9. CONTROLS FOR DO-NOT-TRACK FEATURES 
10. HOW DO WE PROTECT PERSONAL INFORMATION? 
11. DO WE MAKE UPDATES TO THIS PRIVACY POLICY? 
12. HOW CAN YOU CONTACT US? 

Personal information you disclose to us 

In Short: We collect personal information that you provide to us. 

We respect data minimisation principles. This means that we collect only a minimal amount of personal information that is necessary to ensure the proper provision of the Services as described below. We use your personal information for limited, specified and legitimate purposes explicitly mentioned in this privacy policy. We do not use your personal information for any purposes that are different from the purposes for which it was provided. When processing personal information, we make sure that we do so by relying on one of the available legal bases. You can find more information about the legal bases below. 

We collect personal information that you voluntarily provide to us when: 

• You join our waitlist. When you join our waitlist, we collect your first name, last name, work e-mail, and optionally your role, company name, industry, and country. We use such data to send you product launch updates. If you provide your opt-in consent, we will send you information about the industry, cybersecurity, cryptography, and special product offers. The legal basis on which we rely is ‘your consent’. We keep such data until you unsubscribe from our mailing list.
• You contact us by e-mail. When you contact us by e-mail, we collect your name, e-mail address, and any information that you decide to include in your message. We use such data to respond to your enquiries. The legal bases on which we rely are ‘pursuing our legitimate business interests’ (grow and promote our business) and ‘your consent’ (for optional personal data). We store such data until you stop communicating with us.

All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information. 

Information automatically collected 

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — are collected automatically when you visit our website. 

We automatically collect certain information when you visit, use or navigate the website. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our and other technical information. This information is primarily needed to maintain the security and operation of our website, and for our internal analytics and reporting purposes. The legal basis on which we rely is ‘pursuing our legitimate business interests’ (i.e. to operate, analyse and protect our website). We store such data until it is necessary for analysing and protecting our website. 

Sensitive data 

We do not directly collect from you or have access to any special categories of your personal information, unless you decide, at your own discretion, to provide such information to us. Sensitive data is information that relates to, for example, your finances, health, genetics, biometrics, religious and political beliefs, racial origins, membership of a professional or trade association, sex life, or sexual orientation. 

Refusal to provide personal information 

If you refuse to provide us with your personal information when we ask to, we may not be able to perform the requested operation and you may not be able to use the full functionality of our website or get our updates. Please contact us immediately if you think that any personal information that we collect is excessive or not necessary for the intended purpose. 

In Short: We only share information with your consent, to comply with laws, to provide you with services, or to fulfil business obligations. 

We may need to process your personal information in the following situations: 

Disclosure to data processors. From time to time, your personal information is disclosed to our service providers with whom we cooperate (our data processors). For example, we share your personal and non-personal information with entities that provide certain technical support services to us, such as hosting and e-mail distribution services. We do not sell your personal information to third parties. The disclosure is limited to the situations when your personal information is required for the following purposes: 

• Ensuring the proper operation of the Services;
• Ensuring the delivery of the Services ordered by you;
• Providing you with the requested information;
• Pursuing our legitimate business interests;
• Enforcing our rights, preventing fraud, and security purposes;
• Carrying out our contractual obligations; or
• If you provide your prior consent to such a disclosure.

List of our data processors. We use a limited number of data processors. We choose them only if they agree to ensure an adequate level of protection of your personal information that is consistent with this privacy policy and the applicable data protection laws. The data processors that have access to your personal information are: 

• Our hosting and cloud storage service provide Amazon Web Services (AWS) located in the United States of America;
• Our analytics service provider Piwik Pro located in Germany;
• Our web infrastructure service provider Cloudflare located in the United States of America;
• Our e-mail service provider Google located in the United States of America; and
• Our independent contractors and consultants.

Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. 

Affiliates. We may share your information with our affiliates, in which case we will require those affiliates to honour this privacy notice. Affiliates include our parent company and any subsidiaries, joint venture partners or other companies that we control or that are under common control with us. 

Other Users. When you share personal information or otherwise interact with public areas of the website, such personal information may be viewed by all users and may be publicly made available outside the website in perpetuity. If you interact with other users of our website and register for our Services through a social network (such as Facebook), your contacts on the social network will see your name, profile photo, and descriptions of your activity. Similarly, other users will be able to view descriptions of your activity, communicate with you within our website, and view your profile. 

In Short: We may use cookies and other tracking technologies to collect and store your information. 

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. For more information on our use of cookies, please refer to our cookie policy. 

In Short: If you choose to register or log in to our Services using a social media account, we may have access to certain information about you. 

You may have the ability to register and login by using your third-party social media account details (like your Facebook or Twitter logins). Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information we receive may vary depending on the social media provider concerned, but will often include your name, e-mail address, friends list, profile picture as well as other information you choose to make public on such a social media platform. 

We will use the information we receive only for the purposes that are described in this privacy policy or that are otherwise made clear to you on the relevant page where your personal information is collected. Please note that we do not control and are not responsible for other uses of your personal information by your third-party social media provider. We recommend that you review their privacy notice to understand how they collect, use and share your personal information, and how you can set your privacy preferences on their sites and apps. 

In Short: We may transfer, store, and process your information in countries other than your own. 

Some of our data processors listed above are located outside the country in which you reside. For example, if you reside in a country belonging to the European Economic Area (EEA), your personal information may be transferred outside the EEA (for example, to the United States, where our hosting provider AWS is based). In case it is necessary to make such a transfer, we will make sure that the jurisdiction in which the recipient third party is located, guarantees an adequate level of protection for your personal data or we conclude a data processing agreement with the respective third party that ensures such protection. We will not transfer your personal data internationally if no appropriate level of protection can be granted. 

In Short: We keep your information for as long as necessary to fulfil the purposes outlined in this privacy policy, unless otherwise required by law. 

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). 

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. 

In Short: We do not knowingly collect data from or market our Services to children under 18 years of age. 

The Services are not marketed and should not be used by persons under the age of 18. Therefore, we do not knowingly collect personal information from children under 18 years of age. If we learn that personal information from users less than 18 years of age has been collected, we will take reasonable measures to promptly delete such information from our records. If you become aware of any data we may have collected from children under age 18, please contact us at legal@vaultree.com. 

In Short: You may control how your personal information is processed by us. 

You have the right to exercise the rights listed below (unless, in very limited cases, the applicable law provides otherwise): 

• Right of access: you can get a copy of your personal information that we store in our systems and a list of purposes for which your personal information is processed;
• Right to rectification: you can rectify inaccurate personal information that we hold about you;
• Right to erasure (‘right to be forgotten’): you can ask us to erase your personal information from our systems;
• Right to restriction: you can ask us to restrict the processing of your personal information;
• Right to data portability: you can ask us to provide you with a copy of your personal information in a structured, commonly used and machine-readable format and move that personal information to another processor;
• Right to object: you can ask us to stop processing your personal information;
• Right to withdraw consent: you have the right to withdraw your consent, if you have provided one; or
• Right to complaint: you can submit your complaint regarding our processing of your personal information.

How to exercise your rights? If you would like to exercise any of your rights, please contact us by e-mail at legal@vaultree.com or by post (you can find our postal address at the end of this privacy policy) and explain your request in detail. In order to verify the legitimacy of your request, we may ask you to provide us with an identifying piece of information that allows us to identify you in our system. We will answer your request within a reasonable time frame but no later than 30 days. If we refuse your request, we will provide you with an explanation about the legal basis that allows us to do so. 

Complaints. If you would like to launch a complaint about the way in which we process your personal information, we kindly ask you to contact us first and express your concerns. If we receive your complaint, we will investigate it and provide you with our response as soon as possible. If you are not satisfied with the outcome of your complaint, you have the right to lodge a complaint with your local data protection authority. If you are a resident in the European Economic Area, you can find their contact details here: https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. If you are a resident in Switzerland, the contact details for the data protection authorities are available here: https://www.edoeb.admin.ch/edoeb/en/home.html. 

Non-discrimination. We do not discriminate against you if you decide to exercise your rights. It means that we will not (i) deny any goods and services, (ii) charge you different prices, (iii) deny any discounts or benefits, (iv) impose penalties, or (v) provide you with lower quality Services. 

Opting out of e-mail marketing. You can unsubscribe from our marketing e-mail list at any time by clicking on the unsubscribe link in the e-mails that we send or by contacting us using the details provided below. You will then be removed from the marketing e-mail list — however, we may still communicate with you, for example to send you service-related e-mails that are necessary for administration purposes. 

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice. 

We implement organisational and technical information security measures to protect your personal information from loss, misuse, unauthorised access, and disclosure. The security measures taken by us include: access control, secured networks, SSL protocol, strong passwords, anonymisation of personal data (when possible), and carefully selected data processors. 

Although we put our best efforts to protect your personal information, given the nature of communications and information processing technology and the Internet, we cannot be liable for any unlawful destruction, loss, use, copying, modification, leakage, and falsification of your personal information that was caused by circumstances that are beyond our reasonable control. In case a serious breach occurs, we will take reasonable measures to mitigate the breach, as required by the applicable law. Our liability for any security breach will be limited to the highest extent permitted by the applicable law. 

In Short: Yes, we will update this privacy policy as necessary to stay compliant with relevant laws.

We may update this privacy policy from time to time. We will alert you about any changes by updating the “Last updated” date of this privacy policy. If we have your e-mail address, we will/may send you a notice by e-mail as well. The updated version will be effective as soon as it is accessible. We encourage you to review this privacy policy frequently to be informed of how we are protecting your personal information. 

If you have questions or comments about this privacy policy or our data protection practices, you may e-mail us at legal@vaultree.com. Our postal address is Vaultree Ltd., 12 South Mall, Centre, Cork, County Cork, T12 RD43, Ireland.