Skip to content
Vault logo Vault
en
Legal

Privacy Policy

Effective Date: June 1, 2025

Vault Studio operates as the Data Controller for the Vault application, committed to protecting user privacy under GDPR and similar regulations.

1. Identity and Contact Information of the Data Controller

Vault Studio SIRET: 83213367200028

Contact: support@vault-application.com or https://vault-application.com/

2. Data Not Collected by the Data Controller

The company does not collect, access, or store user content like photos, videos, or notes. This information resides exclusively on the user’s iCloud account managed by Apple, with the user retaining sole control and the Data Controller having no access capability.

3. Data Collected by the Data Controller and Purposes of Processing

3.1. Diagnostic and Performance Data

Types of Data Collected: Firebase Crashlytics collects non-identifying device information including model, manufacturer, OS version, unique installation identifiers, and application state during incidents.

Purpose of Processing: Diagnosing, analyzing, and resolving technical issues to improve stability and performance.

Legal Basis: Legitimate interest of ensuring proper functioning and security. Data is pseudonymized without direct user identification.

Absence of Data Linking: Diagnostic information remains unconnected to other identifying information.

Access to Camera and Microphone

Video and audio streams enable users to capture and add photos and videos directly to Vault storage. Consent is requested by the operating system and revocable anytime.

Access to Photo/Video Gallery

Visual content stored on devices can be imported into Vault. With specific user agreement, the application may automatically delete imported photos from the device gallery afterward. Consent is revocable through device privacy settings.

Motion Data

Raw accelerometer and gyroscope data activate “emergency shortcuts” based on detected device movements, only when users explicitly enable this feature. Consent is revocable.

4. Data Retention Period

Firebase Crashlytics retains data for a maximum of 90 days per Google Firebase policies. iCloud-stored content retention is managed exclusively by Apple.

5. Data Sharing

The Data Controller does not share personal data for commercial, advertising, or profiling purposes. Limited disclosures include:

  • Diagnostic data shared with Google Firebase Crashlytics in anonymized/pseudonymized form
  • Payment information processed directly by Apple via StoreKit 2, never transmitted to the Data Controller

6. Data Security Measures

Implemented protections include encryption, access controls, secure Google Firebase infrastructure, regular software updates, and privacy-by-design architecture where users maintain full control over sensitive information.

7. User Rights

Users possess GDPR-guaranteed rights including access, rectification, erasure, processing restriction, objection, data portability, and consent withdrawal.

How to Exercise Your Rights

For iCloud content, users must manage rights directly through Apple’s iCloud tools. For diagnostic data, users contact support@vault-application.com. Device access permissions are managed through device privacy settings.

Users may lodge complaints with competent data protection supervisory authorities.

8. Changes to This Privacy Policy

The Data Controller reserves modification rights, with updates published with revised effective dates.