The Vault

Privacy Policy

Last updated: February 7, 2026

1. Introduction

The Vault (β€œwe”, β€œour”, or β€œthe App”) is operated by The Vault, Inc., a Delaware C Corporation based in California. We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our personality assessment and self-discovery platform.

We comply with the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and other applicable U.S. privacy laws.

2. Information We Collect

Account Information

  • Email address (for authentication)
  • Display name (optional)
  • Account creation date

Assessment and Profile Data

  • Your responses to personality assessments (Big Five, MBTI, Enneagram, DISC, and others)
  • Intelligence and strengths assessment responses and scores
  • Birth date, time, and location (if you choose to provide them for astrology, numerology, or Human Design features)
  • Calculated personality trait scores and type results
  • AI-generated personality analyses, chat conversations, and journal reflections
  • Voice journal audio recordings (if you use voice journaling)
  • Mood check-in data

Payment Information

  • Payment transactions are processed by Stripe. We do not store your credit card number or full payment details on our servers
  • We receive and store transaction metadata (purchase ID, product purchased, amount, date) for record-keeping

Technical Information

  • IP address (for security and fraud prevention)
  • Browser type and device information
  • Access timestamps and usage patterns

Sensitive Data Notice

Some of the data you provide β€” including personality assessment responses, birth details, journal entries, and voice recordings β€” may be considered sensitive personal information under California law (CCPA/CPRA). We apply additional safeguards to this data, including encryption at rest and in transit. We do not sell this data or share it with third parties for advertising purposes.

3. How We Use Your Information

We use your information to:

  • Generate your personality profiles, analyses, and test results
  • Power the AI Mirror chat companion with personalized context
  • Process and store journal entries (text and voice)
  • Store your results in your personal Vault for future reference
  • Process payments and manage subscriptions
  • Send transactional communications (e.g., purchase confirmations, account notifications)
  • Maintain security, prevent fraud, and comply with legal obligations
  • Improve and maintain the App

4. Data Storage and Security

Your data is stored securely using industry-standard practices:

  • Encryption at rest for all stored data (AES-256)
  • Encryption in transit (TLS/SSL)
  • Row-level security policies ensuring you can only access your own data
  • Regular security monitoring and updates

Our infrastructure is hosted on Vercel and Supabase, both of which maintain SOC 2 compliance and enterprise-grade security measures. Servers are located in the United States.

5. Service Providers

We use the following third-party service providers to operate the App:

  • Supabase β€” database and authentication (United States)
  • Vercel β€” application hosting (United States)
  • OpenAI β€” AI analysis and chat (United States)
  • Clerk β€” user authentication (United States)
  • Stripe β€” payment processing (United States)

Each service provider processes data only as necessary to provide their service and is bound by contractual data protection obligations.

6. Data Sharing

We do not sell, rent, or trade your personal information to third parties. We do not share your personal information for cross-context behavioral advertising.

Your data may be disclosed in the following limited circumstances:

  • Service providers: With the third-party providers listed above, solely to operate and deliver the App
  • Legal requirements: If required by law, subpoena, court order, or governmental request, or to protect our legal rights, safety, or property
  • Business transfers: In connection with a merger, acquisition, or sale of assets, in which case your data would remain subject to this Privacy Policy

7. Data Retention

We retain your data for as long as your account is active. Upon account deletion:

  • All profiles, assessment data, journal entries, and chat history are permanently deleted
  • All voice recordings are deleted
  • Payment transaction records are retained as required by applicable tax and accounting laws
  • Security audit logs are anonymized and retained for up to 1 year

8. Your Rights Under California Law (CCPA / CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act and California Privacy Rights Act:

  • Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you
  • Right to Delete: You may request permanent deletion of your personal information
  • Right to Correct: You may request correction of inaccurate personal information
  • Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information for cross-context behavioral advertising
  • Right to Limit Use of Sensitive Personal Information: You may request that we limit the use and disclosure of your sensitive personal information to what is necessary to provide the service
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise your rights: You can delete your account and all associated data directly from the App settings. For other requests, email us at support@thevault.com. We will verify your identity and respond within 45 days as required by law.

Authorized agents: You may designate an authorized agent to make a request on your behalf. We may require verification of the agent's authority and your identity.

9. Categories of Personal Information

As required by the CCPA, here is a summary of the categories of personal information we collect and how they are used:

CategoryExamplesSold?
IdentifiersEmail address, account IDNo
Internet activityApp usage, pages visitedNo
Sensitive personal informationPersonality scores, journal entries, birth details, voice recordingsNo
Commercial informationPurchase history, subscription statusNo
InferencesAI-generated personality analyses, type classificationsNo

10. Cookies and Tracking

We use essential cookies for authentication and session management. These are strictly necessary for the App to function and cannot be disabled.

We do not use advertising cookies, third-party tracking pixels, or cross-site tracking technologies. We do not participate in ad networks or retargeting.

11. Children's Privacy

The App is intended for adults aged 18 and older. We do not knowingly collect personal information from anyone under 18.

In compliance with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect, use, or disclose personal information from children under 13. If we become aware that we have collected information from a child under 13, we will promptly delete it. If you believe a child has provided us with personal information, please contact us at support@thevault.com.

12. Do Not Track

The App does not track users across third-party websites and therefore does not respond to Do Not Track (DNT) signals. As noted above, we do not engage in cross-site tracking or behavioral advertising.

13. International Users

The App is operated from and hosted in the United States. If you access the App from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States. By using the App, you consent to this transfer.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice in the App or by sending an email to the address associated with your account. Your continued use of the App after changes are posted constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

The Vault, Inc.
Email: support@thevault.com

If you are a California resident and believe your privacy rights have been violated, you may also file a complaint with the California Attorney General's Office at oag.ca.gov.