GDPR Compliance
Last updated: January 14, 2025
Overview
SecureVault is committed to protecting the privacy of our users in the European Union and European Economic Area in accordance with the General Data Protection Regulation (GDPR).
Data Controller
SecureVault, Inc. acts as the Data Controller for personal data processed through our Service.
Contact: dpo@securevault.com
Address: 548 Market St, Suite 35000, San Francisco, CA 94104, USA
Your Rights Under GDPR
As an EU/EEA resident, you have the following rights:
Right to Access (Article 15)
You can request a copy of all personal data we hold about you. We will provide this within 30 days of your request.
Right to Rectification (Article 16)
You can request correction of inaccurate personal data. Update your account information in Settings or contact us for assistance.
Right to Erasure (Article 17)
You can request deletion of your personal data. Delete your account in Settings, and all associated data will be removed within 30 days.
Right to Restriction (Article 18)
You can request we limit how we process your data in certain circumstances.
Right to Data Portability (Article 20)
You can export your data in a machine-readable format. Use the Export feature in Settings to download your memos.
Right to Object (Article 21)
You can object to processing of your personal data for direct marketing or other purposes.
Legal Basis for Processing
We process your data based on:
- Contract: To provide the Service you signed up for
- Legitimate Interest: To improve and secure our Service
- Legal Obligation: To comply with applicable laws
- Consent: For optional features like marketing communications
Data We Collect
| Data Type | Purpose | Retention |
|---|---|---|
| Email address | Account identification | Until account deletion |
| Encrypted memos | Service provision | Until user deletion |
| Usage logs | Security & debugging | 90 days |
| IP addresses | Security & fraud prevention | 30 days |
International Data Transfers
Data may be transferred to servers in the United States. We ensure appropriate safeguards through Standard Contractual Clauses (SCCs) with our service providers.
Data Protection Officer
Our Data Protection Officer can be contacted at:
Email: dpo@securevault.com
Supervisory Authority
You have the right to lodge a complaint with your local data protection authority if you believe we have violated your rights under GDPR.
Exercising Your Rights
To exercise any of your GDPR rights, please contact us at:
- Email: privacy@securevault.com
- Subject line: "GDPR Request - [Your Right]"
We will respond to all requests within 30 days. We may need to verify your identity before processing your request.