Home / Privacy Policy

Privacy Policy

Last updated: January 2026

DebtVault (“we”, “us”, “our”, or the “Service”) is committed to maintaining the privacy and security of your personal and financial information. This Privacy Policy explains the data we collect, how we use it, how we protect it, and your rights as a user.

1. Information We Collect

We collect only the data necessary to operate and improve DebtVault:

• Account Information: Name, email, password (encrypted), and profile details.
• Financial Data: Vault balances, deposits, withdrawals, goals, automation settings, payout preferences.
• Banking & Payments: Plaid connection status, Stripe payment & payout identifiers, subscription billing status.
• Technical Data: IP address, device type, browser, usage logs.
• Optional Data: Notes, goals, creditor details, Vault Coach messages.

2. How We Use Your Information

Your information is used strictly to deliver, maintain, and improve the Service:

• To create and manage your account
• To process deposits, withdrawals, and automated creditor payouts
• To track vault performance, streaks, and daily progress
• To send important communications (security alerts, billing notices)
• To detect and prevent fraud or unauthorized access
• To analyze anonymized usage to improve the app

We do NOT sell your data or share it with advertisers.

3. How We Protect Your Data

We apply industry-leading security standards to protect your information:

• Data encrypted in transit (HTTPS/TLS 1.2+) and at rest
• Passwords hashed using secure one-way hashing (bcrypt)
• No storage of bank credentials or full financial account numbers
• Strict internal access controls and audit logging
• Regular monitoring for suspicious activity and fraud

4. Data Sharing

We share limited data only with trusted partners essential to operating the platform:

• Plaid: Bank verification & secure account linking
• Stripe: Deposits, payouts, subscriptions, billing
• Supabase: Encrypted authentication & database storage
• Analytics Tools: Non-identifying performance insights

All partners maintain strict privacy and security standards. We never sell your personal information.

5. Data Retention

We retain your data only as long as necessary:

• Your profile data remains active while your account is active
• You can request full deletion at any time
• Financial logs may be kept as required by law or regulators

6. Your Privacy Rights

You may exercise any of the following rights at any time:

• Access the data we store about you
• Update or correct inaccurate information
• Request account deletion
• Download an export of your data
• Disconnect Plaid or Stripe
• Opt out of non-essential emails

If you live in a region with privacy laws (GDPR, CCPA, etc.), you may have additional rights, which we will honor upon request.

7. Cookies & Tracking

We use cookies to provide a smoother experience, maintain login sessions, and analyze anonymized behavior. We do not use advertising cookies.

8. Children's Privacy

DebtVault is not intended for children under 13, and we do not knowingly collect information from minors.

9. Policy Updates

We may update this Privacy Policy periodically. If changes are significant, we will notify you via email or in-app message.

10. Contact Us

For any questions about this Privacy Policy or your data:
Email: support@debtvault.co