PRIVACY POLICY

Digi-Vault is operated by a registered business entity. Full company details are available on request. We are the data controller responsible for personal data processed through digi-vault.co.

For privacy queries, email us at Contact@digi-vault.co.

This policy explains what personal data we collect when you use DigiVault, why we collect it, how we use it, and the rights you have over it.

We collect the following types of personal data:

• Account information — name, email address, and any other details you provide when signing up or completing a purchase.
• Payment information — billing details processed through our payment provider (Stripe). We do not store full card numbers on our servers.
• Token activity — your token balance, top-up history, tool activations, and associated timestamps.
• Tool usage data — when you activate a tool from the Vault, certain account details (typically email and name) are passed to the third-party tool provider so they can set up your account on their platform.
• Technical data — IP address, browser type, device information, and analytics data collected automatically when you visit the site.
• Communications — any messages you send us.

We use your personal data to:

• Process token purchases and credit your balance
• Activate tools and pass necessary information to tool providers
• Send transactional emails (purchase receipts, account notifications)
• Provide customer support
• Comply with our legal and tax obligations
• Improve the platform and detect fraud or abuse

We process personal data on the following legal bases under UK GDPR and equivalent laws:

• Contract — to provide the services you've purchased
• Legitimate interest — to operate, secure, and improve the platform
• Legal obligation — to comply with tax, accounting, and regulatory requirements
• Consent — where required for marketing communications (which you can withdraw at any time)

We share personal data only with the following categories of recipients:

• Tool providers — when you activate a tool, we share the email and name needed to provision your account on the third-party platform. Each provider has their own privacy policy.
• Payment processors — Stripe processes your payment information.
• Hosting and infrastructure providers — we use Cloudflare, Neon Postgres, and Wix to operate the platform.
• Email service providers — for sending transactional and account emails.
• Legal and regulatory authorities — when required by law or to protect our rights.

We do not sell personal data. We do not share data with advertisers.

Digi-Vault works with service providers based in the UK, EU, and US. Where personal data is transferred outside your jurisdiction, we rely on appropriate safeguards (such as Standard Contractual Clauses) to ensure your data remains protected.

• Account and transaction records: retained for the duration of your account plus 6 years for tax and accounting purposes
• Token activity: retained while tokens remain valid plus 12 months after expiry
• Marketing communications: retained until you opt out
• Technical/analytics data: retained for up to 24 months

Under UK GDPR and equivalent laws, you have the right to:

• Access — request a copy of personal data we hold about you
• Rectification — correct inaccurate data
• Erasure — request deletion of your data, subject to legal retention requirements
• Restriction — limit how we process your data
• Portability — request your data in a portable format
• Objection — object to processing based on legitimate interest
• Withdraw consent — for any processing based on consent

To exercise any of these rights, email us at Contact@digi-vault.co. We respond within 30 days.

The DigiVault site uses cookies for essential functionality (login, cart, payment processing) and analytics. You can manage cookie preferences through your browser settings.

We use industry-standard security practices to protect your data, including encrypted connections (TLS), secure database storage, and access controls. No system is completely secure, but we take reasonable steps to prevent unauthorised access.

DigiVault is not intended for users under 18. We do not knowingly collect personal data from children. If you believe we’ve collected data from a minor, email us at Contact@digi-vault.coand we’ll delete it.

We may update this policy from time to time. Material changes will be communicated via email to active customers and posted on the site. The “last updated” date at the top reflects the latest revision.

If you have concerns about how we handle your data and feel we haven’t resolved them, you can contact the UK’s Information Commissioner’s Office (ICO) at ico.org.uk.

For questions about this Privacy Policy, email us at Contact@digi-vault.co.