Privacy Policy

The shortest way to summarise our privacy stance: we cannot see your documents.

Last updated: 5 May 2026

In a nutshell

The content you save in your vault is encrypted on your device before it leaves. Our server only receives encrypted data which we cannot read. Your password never leaves the browser.

What we collect

To run the service we collect the minimum required:

  • Email, first and last name (provided by you at registration).
  • Encrypted document data (unreadable by us).
  • Minimal technical access metadata (date, IP address, user agent) for security and abuse prevention.
  • Anonymous application logs for diagnostics.

Why we process them

Your data is used to:

  • Run the service (authentication, sync, account recovery).
  • Send you relevant updates by email (account verification, password reset, legal changes).
  • Detect and prevent fraud and abuse.

Your rights

Under the GDPR you have the right of access, rectification, erasure, portability, restriction of processing and objection. See the dedicated GDPR page for how to exercise them.

See GDPR rights →

Data sharing

We do not sell your data and do not share it with third parties for commercial purposes. We use technical providers (AWS hosting, Neon database, transactional email) under data processing agreements, in EU territory where possible.

Contact

For any privacy enquiry or to exercise your rights: privacy@lifevault.it.