Privacy Policy

Effective date: September 4, 2025

This Privacy Policy describes how Vault ("we", "us", "our") collects, uses, and discloses information in connection with our website and services. By using Vault, you agree to the practices described below.

Information we collect

• Account information. Name, email address, and authentication metadata when you register or sign in (e.g., via OAuth/Passkeys).
• Usage data. Service logs, request metadata, diagnostic data, and device information to improve reliability and security.
• Content you provide. Configuration, policies, and secret metadata you store via the product features. Secret values are encrypted at rest and in transitand are only processed to provide the service.

How we use information

• Provide, operate, secure, and improve the services.
• Authenticate users and enforce policies/permissions.
• Monitor for abuse, fraud, and security incidents.
• Respond to support requests and communicate product updates.
• Comply with legal obligations.

Sharing of information

• Service providers. We may share limited data with trusted vendors who perform services on our behalf (e.g., hosting, monitoring). They are bound by confidentiality and data processing obligations.
• Legal. We may disclose information if required by law or to protect the rights, safety, and security of users and the public.
• Business transfers. In a merger, acquisition, or asset sale, information may be transferred as part of that transaction.

Data retention

We retain information for as long as necessary to provide the services, comply with our legal obligations, resolve disputes, and enforce agreements. Secret materials are designed to be encrypted and removed according to your configured retention policies where applicable.

Security

We implement administrative, technical, and physical safeguards designed to protect information. No method of transmission or storage is 100% secure; we continuously iterate on security controls and best practices.

Your choices

• Access, update, or delete account information in your workspace settings.
• Configure role-based access and key rotation policies per your requirements.
• Contact us to exercise additional rights where applicable under local law.

International transfers

Your information may be processed in jurisdictions different from your own. Where required, we implement appropriate safeguards for cross-border data transfers.

Children's privacy

Our services are not directed to children under 13, and we do not knowingly collect personal information from them.

Changes to this policy

We may update this Policy from time to time. The updated version will be indicated by an updated effective date and will be effective as soon as it is accessible.

Contact us

Business inquiries: business@ajmalshahabudeen.com
Support & developer relations: developer@ajmalshahabudeen.com
Website: ajmalshahabudeen.com

This Privacy Policy is provided for informational purposes only and does not constitute legal advice. For specific guidance, consult a qualified attorney.