PRIVACY POLICY
Last Updated: July 24, 2025
OVERVIEW
At vlt technology inc. (the “Company”, “we” or “us”), we use our website and other internet-based tools for the following purpose: software package indexing, storage, search & compute infrastructure (the “Services”).
This Policy sets out how we use, protect, collect and preserve information submitted by Users, including User information gathered by our technology. This Policy should be read in conjunction with our Terms of Use. For users subject to GDPR or other data protection laws, this Policy also serves as our Data Processing Agreement, outlining our obligations as a data processor when you act as a data controller.
This Policy will describe the information that we collect about you for and/or through the use of our Services and through our Website, and how we disclose that information.
This Policy applies to our privacy practices on all communications between the Company and Users, including but not limited to communication via:
the Website and any other web domain used by the Company to communicate with users now or in the future); any mobile, computer, or tablet-based application currently offered by Company or developed in the future by the Company; and all other services provided by the Company, as described on the Website. By using any of our Services or the Website, you agree that your information will be handled as described in this Policy, to the extent applicable. Your use of our Services, the Website or cookies, and any dispute over privacy, is subject to this Policy and the possible Agreement we have with you, including its applicable limitations on damages and the resolution of disputes.
If you have any questions about this Policy, please contact us by sending an email with your questions to [email protected] before accessing or entering any information on the Website.
DEFINITIONS
- Agreement: means the service agreement signed between you and Company for the use of the Services.
- GDPR: means the EU General Data Protection Regulation 2016/679 (as amended), and, in the United Kingdom, that regulation as it forms part of English law under the European Union (Withdrawal) Act 2018.
- Policy: means this policy.
- Services: means our software package indexing, storage, search & compute infrastructure services, including our client and serverless registry, as well as any other products and services we provide to you.
- Website: means any Company website, including but not limited to vlt.sh and any other web domain used by the Company to communicate with users now or in the future.
- Visitors: means visitors to our public websites.
- Users: means users of our subscription based Services.
- Data Controller: an individual or organization that determines the purposes and means of processing personal data.
- Data Processor: an individual or organization that processes personal data on behalf of a data controller.
- Customer Personal Data: personal data that you (as a data controller) upload to or process through our Services.
- Subprocessor: third-party service providers we engage to assist in providing our Services.
INFORMATION ABOUT USERS WE COLLECT AND STORE
When you create an account on the Website or when you use the Service, we collect and retain the following personal information submitted to us: name, email address, birth date, and IP address for our Services. Any personal identifying information submitted to us shall only be retained for the duration of the subscription.
We process your personal information to fulfill our contractual obligations to provide you with the Services. We need your personal information to create and maintain your account to access the Services, to create logins for you and to contact you in case you need support. We collect this data directly from you or your employer when you execute our Agreement..
We will not use personal identifying information to contact you for any reason unrelated to your use of the Website or for commercial reasons unrelated to the business of the Company. Except with your consent or where required by law, we will not provide personal identifying information to any third party.
UPLOADING PERSONAL INFORMATION
We collect information from you when you request information from us or otherwise interact with our Website and our Services. The type of information that we collect from you depends on your particular interaction with our Website and may include, without limitation, your name, address, and email address, and any other information that you choose to provide to us.
ADDITIONAL DATA COLLECTED
We and our third party service providers automatically collect, process and use information about you through the use of cookies and other tracking technologies (collectively, “cookies”), including:
Details of your visits to our Website including, but not limited to, traffic data, location data, weblogs and other communication data, search activities as well as the page, content, software or resources that you access. Your IP address, web addresses of the sites you arrive from and go to next and information about your connection, including your device’s browser, operating system, platform type and Internet connection speed. We use this information for operational and performance measurement purposes and to regionalize certain contents of the Website. Details of transactions and orders, your history of correspondence with us, quote requests or inquiries or when you contact customer service or technical support.
COOKIES
To facilitate the collection of information and to enhance the experience of Users of the Website, we use cookies which may be stored on Users’ computers and/or devices so that we can recognize Users when they return. You may set your browser to notify you when you receive a cookie or to not accept certain cookies. However, changing such settings may result in you not being able to use the Website, either in its entirety or certain features.
Using cookies, you may have the option to allow us to save your user ID and login password for future logins to the Website.
Cookies that are stored on your computer and/or device after visiting the Website may be recognized for advertising purposes and to show you targeted advertisements after you visit the Website.
For more information on the cookies we use or to opt-out, please contact us at [email protected].
PERMITTED USES OF DATA
Information about our current and potential customers is an integral part of our business. Our primary goal in collecting personal information is to deliver a smooth, efficient and personalized experience when using our Website and/or Services. This allows us to provide you with the information, services and features that are most likely to meet your needs.
We use your information, including your personal information, for the following purposes:
- To provide our Services to you, to facilitate the features on our Website, to communicate with you about your use of our Website or Services, to respond to your inquiries, to manage your account, to send you information that you have requested, and for other customer service purposes.
- For marketing and advertising purposes. For example, as permitted by applicable law, we may occasionally contact you by e-mail to provide you with information about other Services that might be of interest to you.
- To tailor the content and information that we may send or display to you, to offer location customization, and personalized help and instructions, and to otherwise personalize your experiences while using the Website or our Services.
- To better understand how users access and use the Services, both on an aggregated and individualized basis, in order to improve our Services to you and everyone and respond to user desires and preferences, and for other Service research and analytical purposes.
- We automatically track certain information about you, based upon your behavior on our Website. We use this information to conduct internal research on our user and visitor demographics, interests and behaviors, and to offer more personalized content. The information we collect from you and about you is used as follows:
- To ensure that content from our Website is presented as optimally as possible for you, your computer and your web browser.
- To measure and improve the Website’s performance and usability, its contents, services and features as well as to personalize your overall experience.
- To send you information based on your relationship or transactions with us, notify you about changes to our products or services, provide customer support and respond to your inquiries.
LEGAL BASIS FOR PROCESSING PERSONAL IDENTIFYING INFORMATION
We may process your personal identifying information for a number of reasons, including:
- performing a contract with you relating to the Website and / or Services;
- you have provided us consent to do so;
- fulfilling our legal obligation;
- fulfilling our legitimate interests, which are not overridden by your rights;
- for payment processing purposes.
DATA PROCESSING OBLIGATIONS (GDPR & DATA PROTECTION LAWS)
When you use our Services and upload or process personal data through our platform, you typically act as the Data Controller and we act as the Data Processor. In this capacity, we commit to the following:
PROCESSING OF CUSTOMER PERSONAL DATA
- We comply with all applicable data protection laws, including GDPR
- We only process Customer Personal Data as necessary to provide our Services and in accordance with your instructions
- Processing is limited to providing, maintaining, and improving our hosted services
PERSONNEL AND SECURITY
- Our personnel accessing Customer Personal Data are appropriately trained and bound by confidentiality obligations
- We implement appropriate technical and organizational security measures including encryption, access controls, and regular security assessments
- Access to Customer Personal Data is limited to personnel who need it for service provision
SUBPROCESSORS
We may engage Subprocessors to assist in providing our Services. Our current approach:
- We maintain a list of current Subprocessors (see "THIRD-PARTY APPLICATIONS" section below)
- We notify customers of material changes to Subprocessors via email or service announcements
- Customers may object to new Subprocessors, and if no reasonable alternative exists, either party may terminate the affected Services
- All Subprocessors are bound by data protection obligations equivalent to those in this Policy
DATA SUBJECT RIGHTS ASSISTANCE
- We assist customers in responding to data subject rights requests when technically feasible
- We promptly notify customers if we receive data subject rights requests directly
- We provide reasonable assistance with Data Protection Impact Assessments when our Services are the subject of such assessments
PERSONAL DATA BREACH NOTIFICATION
- We notify customers without undue delay upon becoming aware of a personal data breach affecting Customer Personal Data
- We assist with breach investigation and remediation as reasonably requested
- For security breaches involving your account, see our "SECURITY BREACHES" section below
INTERNATIONAL DATA TRANSFERS
Customer Personal Data may be transferred to and processed in countries outside the EEA as necessary to provide our global Services. We implement appropriate safeguards including Standard Contractual Clauses where required.
ACCESSING, CORRECTING & DELETING YOUR PERSONAL INFORMATION
If you wish to access or amend your personal information or to request that we permanently delete your personal information from our servers, please send an email to [email protected]. We will ensure your personal information is accessible, amended and/or deleted in a reasonable time after receiving that request but in any event, by no later than 6 months from the termination or expiration of your subscription. Deleting such information may require us to terminate any account you may have created in its entirety and prevent you from using the Website.
DATA RETENTION AND DELETION POLICIES
- Active Subscriptions: We preserve your personal information in accordance with this Policy while your subscription remains active
- Service Termination: Upon termination of our Services (as governed by our Terms of Use), we delete Customer Personal Data in accordance with our standard data retention policies
- Account Inactivity: If you have not accessed your account for 2 years, we may terminate your account and associated personal information without notice
- Deletion Methods: We use standard electronic means to remove personal information from our files
- Legal Requirements: We retain information required by applicable laws for the full duration required under those laws
- Deletion Certification: For Customer Personal Data processed under GDPR, we may provide deletion certification upon reasonable request
You may decline to share certain personal information with us, in which case you may not be able to use the Website, either in its entirety or certain features.
KEEPING YOUR DATA SECURE
We will store your information in electronic format on industry-standard servers that we have selected. Except where required to do so by law, we will not store your personal information in any physical or paper-based format.
The servers we select to store information engage security software and generally accepted standards to protect personal information. The software used by these servers is intended to prevent unauthorized access or improper use.
However, no security system is perfect and there is always a risk of unauthorized parties accessing your personal information. Therefore, we make no guarantees or representations as to the technical or legal compliance of the servers we use. We cannot guarantee the complete protection and security of your personal information.
Our servers may be located outside of Canada, and thus are potentially subject to the privacy and security laws in force in other countries. If you have concerns about your personal information being stored electronically in foreign jurisdictions, please contact us before proceeding to use the Website or the Services.
THIRD-PARTY APPLICATIONS & SUBPROCESSORS
To provide an enhanced experience to Users, including to track conversions and analytics, we may engage services and features controlled by third-parties. We cannot control or dictate how any third-party application you use in conjunction with the Website, now or at any point in the future, will treat any personal information you transmit through their servers when using the Website. We advise you to contact these parties directly to review their privacy policies.
CURRENT SUBPROCESSORS
Subprocessor | Purpose | Data Location | Website |
---|---|---|---|
Cloudflare | CDN, Security, Hosting & Compute Infrastructure | Global | cloudflare.com |
Vercel | Hosting & Build Infrastructure | Global | vercel.com |
AWS | Indexing & Compute Infrastructure | Global | aws.amazon.com |
Neon | Data Storage | Global | neon.tech |
WorkOS | Account Management & Authentication | Global | workos.com |
Stripe | Payment Processing | Global | stripe.com |
Cloud Services | Global | cloud.google.com | |
Slack | Support & Communication | Global | slack.com |
Mixpanel | Analytics | Global | mixpanel.com |
Sentry | Error Tracking | Global | sentry.io |
By using any of these third-party applications to interact with the Website or the Services, we will not be given access to your login credentials, password, payment information, or any information you may provide directly to these applications.
USE OF WEBSITE BY MINORS
Neither the Website nor the Services are intended to be accessed by persons under the age of 18. The Company does not engage in any marketing efforts aimed at children or minors.
Persons under the age of 18 are prohibited from using the Website or the Services without the express permission and direct supervision of a parent or guardian. Minors are prohibited from submitting any personal identifying information through the Website or the Services. The Company will immediately delete any personal identifying information submitted in violation of this Policy.
DISCLOSURE OF PERSONAL INFORMATION
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
We may disclose your personal information to third parties:
In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets. We may share your information with other third party service providers to assist us in providing our Services to you, responding to your requests, and/or to provide you with the partner services you have purchased. If the Company or its assets are acquired by a third party, in which case personal data about Users may be one of the transferred assets. If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms of Use; or to protect the rights, property, or safety of the Company, our Users, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
USER REFERRAL SERVICE
You can choose to provide us with the names and email addresses of individuals or organizations that you feel would be interested in learning more about our products and services. When you choose to engage this service, we may send a preliminary email to each address provided to us, inviting the contact to visit our website. We continue to store the contact details in order to track the success of our referral service.
AMENDING THIS POLICY
This Policy may be updated and amended from time to time. We reserve the right to change this Policy at any time, and any amended Policy is effective upon posting to the Website. We will make efforts to communicate any changes to this Policy we deem material, in our sole discretion, via email or notifications on the Website or through the Services. Your continued use of the Website or the Services will be deemed acceptance of any amended Policy.
CONTACT US
We encourage you to send us questions and inquiries on this Policy and the steps we take to keep your personal information secure. Please send us an email: [email protected].
We will respond to all inquiries as soon as is reasonably practicable.