Privacy Policy

1.1 We are pleased that you are using our application ("Vault"). In the following, we inform you about the handling of your personal data when using our app. Personal data is all data with which you can be personally identified.

1.2 Responsible for data processing regarding this app within the meaning of the General Data Protection Regulation (GDPR) is: Tariq Alshara. Email: support@vault.com. The person responsible for the processing of personal data is the natural or legal person who alone or jointly with others decides on the purposes and means of the processing of personal data.

When contacting us (e.g. via contact form or e-mail), personal data is collected. Which data is collected when using a contact form can be seen from the respective contact form in the app. This data is stored and used exclusively for the purpose of answering your request or for contacting you and the associated technical administration.

The legal basis for the processing of this data is our legitimate interest in answering your request in accordance with Article 6 (1) (f) GDPR. If your contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) (b) GDPR. Your data will be deleted once your request has been processed.

3.1 For the processing of contracts concluded via the app, we work together with the following service provider(s), who support us in whole or in part in the implementation of concluded contracts. Certain personal data is transmitted to these service providers in accordance with the following information.

In the case of in-app payments, payment is made via RevenueCat Inc., 300 Euclid Avenue, San Francisco, CA 94118, USA, to whom we pass on the information you provided during the ordering process together with the information about your order. Your data will be passed on in accordance with Article 6 Paragraph 1 Letter b GDPR exclusively for the purpose of payment processing and only to the extent that it is necessary for this.

We have concluded an order processing contract with RevenueCat Inc., with which we oblige the provider to protect the data of the app users and not to pass it on to third parties. Further information on data protection by RevenueCat can be found here: https://www.revenuecat.com/privacy

4.1 Your portfolio data (investment holdings, transactions, preferences) is stored locally on your device using Apple's native data storage framework (SwiftData). We do not transmit or store your financial portfolio data on our servers.

4.2 Market data (stock prices, cryptocurrency prices, precious metal spot prices) is fetched from third-party API providers (Massive API, CoinMarketCap, Metals.dev) using encrypted HTTPS connections. These requests contain only the asset identifiers (ticker symbols) and do not include any personal information.

4.3 If you join our waitlist or provide your email address, it will be stored securely and used solely for the purpose of notifying you about product updates and the app launch. You may unsubscribe at any time.

The applicable data protection law grants you comprehensive data subject rights (rights to information and intervention) vis-à-vis the person responsible for the processing of your personal data:

• Right to information in accordance with Art. 15 GDPR: You have a right to information about your personal data processed by us, the processing purposes, the categories of personal data processed, and the recipients to whom your data was or will be disclosed.
• Right to rectification in accordance with Art. 16 GDPR: You have the right to immediate rectification of incorrect data and/or completion of incomplete data stored by us.
• Right to deletion according to Art. 17 GDPR: You have the right to request deletion of your personal data if the requirements of Art. 17 Para. 1 GDPR are met.
• Right to restriction of processing in accordance with Art. 18 GDPR: You have the right to request restriction of the processing of your personal data under certain conditions.
• Right to data portability in accordance with Art. 20 GDPR: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
• Right to revoke consent in accordance with Art. 7 Para. 3 GDPR: You have the right to revoke your consent at any time with effect for the future.
• Right to lodge a complaint pursuant to Art. 77 GDPR: If you believe the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority.

If we process your personal data on the basis of a balancing of interests, you have the right at any time to object to this processing for reasons resulting from your particular situation with effect for the future.

If you exercise your right to object, we will stop the processing of the data involved. However, further processing remains reserved if we can demonstrate compelling legitimate grounds for processing that override your interests, fundamental rights, and freedoms, or if the processing serves the establishment, exercise, or defense of legal claims.

If your personal data is processed by us for direct advertising purposes, you have the right to object at any time to the processing of your personal data for the purposes of such advertising.