Privacy Policy

Vault Forensics LLC is a digital asset recovery consulting firm. We are committed to protecting your privacy and handling your personal information with the highest standards of care, confidentiality, and transparency.

By using our website at vaultforensics.com or engaging our services, you agree to the collection and use of information as described in this Privacy Policy. If you do not agree with any part of this policy, please do not use our services.

For questions about this policy or your data, please contact us at privacy@vaultforensics.com.

Information you provide directly: When you contact us, submit a case, or communicate with our team, you may provide:

• Contact information: name, email address, phone number, country of residence
• Case information: description of the asset lost, platform, circumstances of loss
• Authentication information: partial passwords, seed phrase fragments, account usernames (only as necessary for recovery)
• Identity verification: government-issued ID where required for account recovery processes
• Financial information: asset type and approximate value (used for case assessment and fee quoting only)
• Communications: emails, messages, and call notes from your interactions with our team

Information collected automatically: When you visit our website, we may automatically collect:

• IP address and approximate geographic location (country/city level)
• Browser type and version, operating system
• Pages visited, time spent on pages, referring URLs
• Device type and screen resolution
• Cookies and similar tracking technologies (see Section 7)

We do NOT collect: We do not collect complete private keys, seed phrases, or wallet credentials directly through our website. Any such information shared during case work is transmitted only via secure, encrypted channels and is handled exclusively by the assigned forensic specialist.

We use your information for the following purposes:

• Case Assessment: To evaluate whether and how we can help recover your digital assets
• Service Delivery: To perform the recovery services you have engaged us for
• Communication: To respond to your enquiries and provide case updates
• Invoicing & Payments: To issue invoices and process payments for services rendered
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Fraud Prevention: To verify ownership of assets and prevent misuse of our services
• Service Improvement: To analyse how our website and services are used (in aggregated, anonymised form)
• Marketing (optional): To send you relevant updates or resources if you have opted in to receive them

We will never use your case information, sensitive credentials, or personal details for any purpose beyond those listed above. We do not use your data to train AI models, sell it to data brokers, or share it with advertisers.

We do not sell your personal information. We may share your information only in the following limited circumstances:

• With your explicit consent: We will ask before sharing your information with any third party not described below
• Service providers: Trusted vendors who assist us with IT infrastructure, email, payment processing, and similar functions — bound by confidentiality agreements and permitted to use data only for the specified purpose
• Platform teams: Where necessary to attempt account recovery, we may communicate with official platform security or trust teams on your behalf — only with your prior authorisation
• Legal requirements: If required by law, court order, or governmental authority, we will disclose the minimum information legally required
• Protection of rights: Where necessary to protect the safety, rights, or property of Vault Forensics, our clients, or the public
• Business transfers: In the event of a merger, acquisition, or sale of assets, your data would transfer with appropriate protections — we would notify you before this occurred

In all cases of third-party sharing, we contractually require that recipients maintain appropriate security standards and use the data only as directed.

We implement industry-standard security measures to protect your personal information:

• TLS/SSL encryption for all data in transit
• AES-256 encryption for sensitive data at rest
• Role-based access controls limiting case data to assigned specialists
• Multi-factor authentication on all internal systems
• Regular security audits and penetration testing
• Secure deletion protocols for case data after closure
• Physical security controls for any on-premise systems
• Employee training on data handling and security practices

While we take all reasonable precautions, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, but we commit to notify you promptly in the event of a data breach that affects your personal information, in accordance with applicable laws.

We retain your personal information only for as long as necessary to fulfil the purposes described in this policy, or as required by law.

• Active case data: Retained for the duration of your case plus a 30-day post-closure period for any follow-up needs
• Sensitive credentials: Securely deleted immediately upon case closure or upon your request
• Contact and communication records: Retained for up to 3 years for legitimate business purposes (responding to future enquiries, dispute resolution)
• Financial records: Retained for up to 7 years as required by applicable accounting and tax laws
• Website analytics: Retained in anonymised/aggregated form for up to 24 months

You may request deletion of your personal information at any time (see Section 8 — Your Rights). We will comply with such requests except where retention is required by law.

Our website uses cookies and similar technologies to improve your experience and analyse site usage. We use:

• Essential cookies: Required for the website to function. Cannot be disabled.
• Analytics cookies: Help us understand how visitors use our site (e.g., Google Analytics). Data is anonymised where possible.
• Marketing cookies: Used for Google Ads conversion tracking where you have arrived from an advertisement. These track whether you completed a contact form or made a call, not your personal identity.

You can control cookies through your browser settings. Disabling cookies may affect the functionality of our website. By continuing to use our site, you consent to our use of cookies as described above.

Depending on your location, you may have the following rights regarding your personal information:

• Right of Access: Request a copy of the personal information we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete information
• Right to Erasure: Request deletion of your personal information (subject to legal retention requirements)
• Right to Restrict Processing: Request that we limit how we use your data in certain circumstances
• Right to Data Portability: Request your data in a structured, commonly used format
• Right to Object: Object to certain types of processing, including direct marketing
• Right to Withdraw Consent: Withdraw consent for processing based on consent at any time
• California Residents (CCPA): Right to know, right to delete, right to opt-out of sale (we do not sell data), and right to non-discrimination

To exercise any of these rights, contact us at privacy@vaultforensics.com. We will respond within 30 days. We may need to verify your identity before processing your request.

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child under 18, please contact us immediately at privacy@vaultforensics.com and we will promptly delete it.

Vault Forensics operates primarily from the United States. If you are accessing our services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the US or other countries where our service providers operate.

For users in the European Economic Area (EEA), United Kingdom, or other jurisdictions with data transfer restrictions, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) where applicable, to protect your personal information in accordance with applicable data protection law.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify active clients by email of significant changes
• Post a notice on our website for a reasonable period

Your continued use of our services after changes become effective constitutes your acceptance of the revised policy. We encourage you to review this policy periodically.

For questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us:

If you are located in the EEA or UK and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your relevant data protection authority.