Privacy Policy
Last updated: April 11, 2026
1. Information We Collect
We collect information you provide directly when creating an account and using the Service. This includes: your email address (used for authentication and notifications), your username (chosen at signup), your Discord account ID and username (when you link your Discord account), your Litecoin wallet address (when you provide one for payouts), support ticket content and correspondence, and transaction data related to your escrow deals.
2. How We Use Your Information
We use your information to: provide, operate, and maintain the escrow service; authenticate your identity and secure your account; process escrow transactions and resolve disputes; send transactional emails (OTP codes, ticket updates, deal notifications); prevent fraud, abuse, and violations of our terms; comply with legal obligations; and improve the Service based on aggregated, anonymized usage patterns.
3. Authentication & Security
We use email-based one-time passwords (OTP) for authentication. OTP codes are cryptographically hashed before storage and expire after 10 minutes. We support optional two-factor authentication (TOTP) for additional account security. TOTP secrets are encrypted at rest using AES-256-GCM. Sessions are managed via JSON Web Tokens (JWT) and do not store session data in the database. We re-validate your account status periodically to detect bans or unauthorized changes.
4. Discord Account Linking
When you link a Discord account, we store your Discord user ID to associate your Vaultify account with your Discord identity. We do not access your Discord messages, servers, or contacts. Linking Discord is required to participate in deals.
5. Escrow Transaction Data
When you participate in a deal, we store: the deal terms, status, and history; cryptocurrency amounts and exchange rates at the time of the deal; escrow wallet addresses (generated per deal); transaction hashes for on-chain verification; dispute evidence submitted by either party; and ratings left after deal completion. This data is retained indefinitely to maintain a complete audit trail for dispute resolution and compliance purposes.
6. Data Sharing
We do not sell your personal information. We may share limited information in the following circumstances: with your counterparty in a deal (username and deal-related data only); with Vaultify administrators when resolving disputes; with email service providers (Resend) for transactional emails; and with law enforcement when required by law or to prevent serious harm. All third-party service providers are bound by their own privacy policies and data processing agreements.
7. Data Retention
Account data is retained for as long as your account is active. If you delete your account, we anonymize your personal information (email, Discord ID, wallet address) but retain transaction records with your anonymized user ID for audit purposes. Support tickets and audit logs are retained indefinitely. OTP codes and temporary authentication tokens are automatically cleared after use or expiry.
8. Your Rights
You have the right to: access the personal data we hold about you (visible in your profile and settings); correct inaccurate information (username, wallet address); delete your account and anonymize your personal data; export your deal history; and withdraw consent for optional data processing (such as unlinking your Discord account). To exercise these rights, use the relevant settings page or submit a support ticket.
9. Cookies & Local Storage
We use essential cookies for authentication (session tokens, OAuth state parameters). We use local storage for theme preferences. We do not use tracking cookies, analytics cookies, or advertising cookies. No third-party tracking scripts are loaded on the site.
10. Children's Privacy
Vaultify is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected information from a minor, we will take steps to delete that information promptly.
11. Changes to This Policy
We may update this privacy policy from time to time. Changes will be posted on this page with an updated date. For significant changes affecting how we use your data, we will make reasonable efforts to notify you via email or in-app notification.
12. Contact
If you have questions about this privacy policy or how we handle your data, you can reach us through the support ticket system on the Vaultify website or through our Discord server.