VaultSign

Privacy Policy

Privacy Policy — VaultSign

Last updated: March 2026

1. Data Controller

Rocket99 Ventures LLC. Responsible: Giuliano Passalacqua. Email: privacidade@vaultsign.com

2. Data Collected

a) Registration: name, email, password (hash), phone, CPF (optional). b) Signature: IP, date/time, user-agent, geolocation, visual signature. c) Documents: encrypted PDF storage. d) Usage: pages visited, actions (audit trail).

3. Purpose

Service delivery, legal validity (audit trail), document communications, platform improvement.

4. Legal Basis (LGPD Art. 7)

Contract execution (V), legal obligation (II), consent (I).

5. Data Sharing

We do NOT sell data. We share with: Supabase (data), Brevo (emails), Vercel (hosting), FreeTSA.org (hash only, no personal data).

6. Security

Supabase (AWS US), HTTPS/TLS, hashed passwords, Row Level Security (RLS), SHA-256 hash for document integrity.

7. Data Retention

Account: active + 5 years. Signed documents: 10 years. Audit trail: 10 years. Browsing data: 1 year.

8. Data Subject Rights (LGPD Art. 18)

Access, correction, deletion, portability, consent revocation. Request via: privacidade@vaultsign.com

9. Cookies

Essential cookies only (authentication/session). No tracking or marketing cookies.

10. International Transfer

Data processed in the USA (Supabase/AWS, Vercel). Protected by standard contractual clauses.

11. Changes

Changes will be notified by email. Continued use after notification implies acceptance.

12. DPO / Data Protection Officer

privacidade@vaultsign.com. Brazilian Data Protection Authority (ANPD): www.gov.br/anpd

Terms of Use

VaultSign — Secure Electronic Signature