Privacy Policy
How we collect, use, and protect personal data when you use Vault PDF. Core PDF tools never upload your files to our servers.
Your Company Ltd("we", "us") operates Vault PDF, a browser-based PDF toolkit with team collaboration features. We are the data controller for personal data described in this policy.
Privacy contact: divya@vault-pdf.com
For GDPR-specific information and Data Processing Agreement (DPA) requests, see our GDPR page.
PDF processing runs entirely in your browser using permissive open-source libraries (pdf-lib, PDF.js, qpdf). We do not use AGPL-licensed processing modules. Your files are never uploaded to our servers for core PDF tools.
The PDF engine runs as a separate static container. It does not receive uploaded PDF bytes for core tools. Optional Slack notifications, when enabled by your team admin, share privacy-safe job metadata only, never file contents or filenames.
- Account information (email, display name) via Supabase Auth
- Team and billing metadata (organization name, subscription status, seat usage, payment provider customer ID)
- Privacy-safe activity metadata (tool used, file count, compression mode, never filenames or PDF content)
- Audit log entries for team administration and security events
- Optional integration data when you connect Slack (encrypted OAuth tokens and channel preferences)
- PDF file contents or filenames from core browser-local tools
- Passwords used to decrypt PDFs in your browser
- Marketing or advertising tracking cookies
| Purpose | Legal basis | Retention |
|---|---|---|
| Account creation and authentication Email, display name, password hash (via Supabase Auth) | Contract (Art. 6(1)(b)) | While account is active, plus up to 90 days after deletion for security and billing reconciliation |
| Team and subscription management Organization name, role, seat usage, subscription status | Contract (Art. 6(1)(b)) | While subscription is active, plus up to 7 years for billing and tax records where required by law |
| Usage and activity metadata Tool ID, file count, timestamps, compression mode (no filenames or PDF content) | Legitimate interests, service operation, team visibility, and compliance receipts (Art. 6(1)(f)) | Typically 90 days for activity logs; deletion receipt metadata retained while the receipt link remains valid |
| Audit and security logging Administrative actions, hashed IP address for security events | Legitimate interests, security, fraud prevention, and accountability (Art. 6(1)(f)) | Typically 90 days; export available to org admins |
| Transactional email Email address, invite tokens, billing notifications | Contract (Art. 6(1)(b)) | Per email provider logs; typically up to 30 days operational retention |
| Optional Slack integration OAuth tokens (encrypted), channel selection, privacy-safe job notifications | Consent / contract, enabled only when an admin connects Slack (Art. 6(1)(a)/(b)) | While integration is connected; tokens removed on disconnect |
We use the following services to operate Vault PDF:
| Provider | Purpose | Location |
|---|---|---|
| Supabase | Authentication, database, row-level security | EU / US |
| Dodo Payments | Subscription billing and payment processing | Varies by processor region |
| Resend | Transactional email (invites, receipts, onboarding) | US |
| Hosting provider | Application hosting, CDN, and operational logs | US / EU (region-dependent) |
Some sub-processors are located outside the European Economic Area (EEA), including in the United States. Where required, we rely on appropriate safeguards such as the EU Standard Contractual Clauses (SCCs) and processor agreements that require equivalent protection.
Contact divya@vault-pdf.com for details on transfer mechanisms applicable to your organization.
We use essential cookies only, no analytics, advertising, or third-party tracking cookies. These are required for authentication and core product functionality:
| Cookie | Purpose | Duration |
|---|---|---|
| Supabase auth session | Keeps you signed in securely | Session / refresh token lifetime |
| pending_invite_token | Completes team invite flow after sign-up | Short-lived; cleared after invite acceptance |
When you complete a job, we store metadata needed to generate a signed deletion receipt. Receipts prove processing happened locally and that we did not retain your PDF. Receipts can be shared via a public verification link without exposing file contents.
Depending on your location, you may have rights to access, correct, delete, restrict, or port your personal data, and to object to certain processing. See our GDPR page for the full list of data subject rights and how to exercise them.
We respond to verified requests within one month, or inform you if an extension is required under applicable law.
Vault PDF is a business service for teams handling confidential client documents. It is not directed at children under 16, and we do not knowingly collect personal data from children.
We may update this policy when our practices or legal requirements change. Material updates will be reflected by the "Last updated" date at the top of this page. For significant changes, we may also notify account owners by email or in-product notice.
Privacy questions: divya@vault-pdf.com
General support: divya@vault-pdf.com
This information is provided for transparency and is not legal advice. Consult qualified counsel for jurisdiction-specific requirements.