Privacy Policy
Last updated: November 2025
1. Data Controller
VaultScope is the data controller within the meaning of Art. 4(7) GDPR.
- Controller: VaultScope
- Privacy Contact: privacy@vaultscope.dev
- Jurisdiction: European Union
2. Information We Collect
- Account Information: Email address, username, encrypted password
- Service Usage Data: Server configurations, resource usage, and panel activity via Pterodactyl
- Billing Information: Payment preferences and transaction references processed via Stripe (no full card data stored)
- Technical Data: IP addresses, browser type, device information, and access logs
- Communications: Support tickets, emails, and Discord messages
- Analytics: Usage data collected through Google Analytics (consent-based)
VaultScope accepts payments exclusively via Stripe. Full payment credentials remain with Stripe in accordance with Stripe's Privacy Policy.
3. Legal Basis for Processing (Art. 6 GDPR)
- Performance of a contract (Art. 6(1)(b))
- Legal obligations (Art. 6(1)(c))
- Legitimate interests – security, abuse prevention, service improvement (Art. 6(1)(f))
- Consent – cookies and analytics (Art. 6(1)(a))
4. How We Use Your Information
- Providing and maintaining hosting services
- Processing payments and managing billing through Stripe and Paymenter
- Monitoring performance and preventing abuse
- Communicating service updates and support
- Improving services and developing new features
- Complying with legal obligations
5. Data Retention
- Account Data: 7 days after termination
- Billing Data: 1 year after termination
- Logs: 7 days after termination
- Analytics: Governed by Google Analytics retention policies
6. Data Storage & Security
- Encrypted data transmission (TLS/SSL)
- Secure password hashing
- Access controls and monitoring
- Regular security updates
7. Data Sharing & Third Parties
- Stripe: Payment processing – see Stripe Privacy Policy
- Trustpilot: Review invitations based on legitimate interest – Reviewers, Businesses
- Google Analytics: Usage analytics (consent-based)
- Pterodactyl: Server & panel management
8. International Data Transfers
Where data is processed outside the EU/EEA, we rely on appropriate safeguards such as EU Standard Contractual Clauses or adequacy decisions.
9. Cookies & Tracking
We require explicit consent before setting non-essential cookies. You can manage or withdraw consent at any time via our cookie settings.
Stripe may set cookies for fraud prevention and security purposes.
10. Automated Decision-Making
VaultScope does not use automated decision-making or profiling with legal or similarly significant effects.
11. GDPR Rights
- Right of access
- Right to rectification
- Right to erasure
- Right to restriction of processing
- Right to data portability
- Right to object
- Right to withdraw consent
Contact privacy@vaultscope.dev. You also have the right to lodge a complaint with a supervisory authority.
12. Right of Withdrawal & Refunds
Under EU consumer law, the right of withdrawal expires immediately for digital services once service delivery begins with your consent. Refunds are generally not offered.
13. Termination & Liability
- Accounts may be terminated without notice
- Services are provided “as is”
- No liability for data loss or service interruptions
14. Children’s Privacy
Our services are not intended for users under 13 years of age.
15. Changes to This Policy
We may update this Privacy Policy periodically. Continued use of our services constitutes acceptance of the updated policy.
16. Contact
- Email: privacy@vaultscope.dev
- Discord: discord.gg/sRj3uPPpme