VAULT — The Operating System for Luxury Retail
V
PlatformMissionJournalInquireRequest Access
Volume 01 . Index

Privacy Policy.

Last Updated: February 2026

1. Introduction

VAULT (“we,” “our,” or “us”) is committed to protecting the privacy and security of the personal data we process. This Privacy Policy explains how we collect, use, store, and disclose information when you visit our website at thevaulthq.io, submit an enterprise inquiry, or use our agentic commerce platform (collectively, the “Service”). By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy.

2. Information We Collect

We collect the following categories of information:

a. Information You Provide Directly

  • Identity Data: your name, job title, and role within your organization, as submitted through our enterprise inquiry form.
  • Contact & Organizational Data: the name of your organization or retail house, and any details provided in your inquiry message.
  • Operational Focus: your area of responsibility (e.g., merchandising, retail operations, clienteling, or executive leadership), as selected during the inquiry process.

b. Information Collected Automatically

  • Technical Data: IP address, browser type and version, device information, operating system, time zone, and general location data.
  • Usage Data: pages visited, time spent on pages, navigation paths, and interaction patterns within the Service.

c. Platform Data (Enterprise Users)

For organizations with active platform access, the Service may process inventory data, client relationship records, merchandising configurations, and operational metrics as necessary to deliver the Service. The scope of such processing is defined by your enterprise agreement.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To process and respond to enterprise access inquiries submitted through our platform;
  • To deliver, maintain, and improve the Service, including our prioritization dashboard, merchandising tools, curation workflows, and market intelligence features;
  • To communicate with you regarding your account, inquiry status, or Service updates;
  • To generate aggregated, anonymized insights for the purpose of improving platform performance and retail intelligence;
  • To detect, investigate, and prevent fraudulent, unauthorized, or illegal activity; and
  • To comply with applicable legal obligations.

4. How We Share Your Information

We do not sell your personal data. We may share information in the following limited circumstances:

  • Service Providers: we use Resend to process and deliver email communications related to enterprise inquiries. These providers are contractually obligated to use your data only as necessary to perform services on our behalf.
  • Infrastructure Partners: the Service is hosted and delivered through Cloudflare, which may process technical data as part of content delivery and security operations.
  • Legal Compliance: we may disclose information if required to do so by law, regulation, legal process, or governmental request.
  • Business Transfers: in the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to the same privacy protections described herein.

5. Data Retention

We retain personal data only for as long as reasonably necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting obligations. Inquiry data is retained for the duration of the business relationship and for a reasonable period thereafter. Enterprise platform data is retained in accordance with your enterprise agreement. When data is no longer required, it is securely deleted or anonymized.

6. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption in transit, access controls, and regular security reviews. However, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.

7. Your Rights

Depending on your jurisdiction, you may have the following rights with respect to your personal data:

  • The right to access the personal data we hold about you;
  • The right to request correction of inaccurate or incomplete data;
  • The right to request deletion of your personal data, subject to legal retention requirements;
  • The right to restrict or object to certain processing activities; and
  • The right to data portability where technically feasible.

To exercise any of these rights, please contact us through the channels described below. We will respond to valid requests within the timeframe required by applicable law.

8. International Data Transfers

Your information may be transferred to and processed in jurisdictions other than your own. Where such transfers occur, we take appropriate steps to ensure that your data receives an adequate level of protection in accordance with applicable data protection laws.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. Any material changes will be reflected by updating the “Last Updated” date at the top of this page. We encourage you to review this Policy periodically. Your continued use of the Service after any changes constitutes acceptance of the updated Policy.

10. Contact Us

If you have questions about this Privacy Policy, wish to exercise your data rights, or have concerns about how your information is handled, please contact us through our enterprise inquiry portal at thevaulthq.io/inquire or reach out to your designated account representative.