Trust

Security at GhostVault.

You give us your name and email so we can act as your CCPA agent against 500+ data brokers. Here's exactly how we protect that data, and what we don't do with it.

Last updated: April 21, 2026

Encrypted in transit and at rest

TLS 1.2+ in transit, AES-256 at rest

Minimum data

We only keep what's needed to send your takedowns

30-day deletion

Cancel and all scan data is purged within 30 days

No third-party sales

We never sell, rent, or share your data for ads

1. Encryption in transit and at rest

Every request between your browser and GhostVault is served over HTTPS using TLS 1.2 or higher, with HSTS enforced (max-age=63072000). Stored data is encrypted at rest using AES-256 on PostgreSQL with managed encryption keys. Passwords are hashed with bcrypt (cost factor 12); we cannot read them even if compelled.

2. What we actually store about you

We collect the minimum needed to send legally binding CCPA deletion demands on your behalf:

  • Account: Email address, bcrypt-hashed password
  • Scan data: First name, last name, optional city/state, optional email for breach lookup
  • Billing: Handled entirely by Stripe. We never see or store your card number, CVC, or billing address
  • Usage: Login times, feature usage via Vercel Analytics (anonymized)

We do not collect your SSN, date of birth, driver's license, financial account numbers, or health data. We never ask for a phone number unless you explicitly add one for removal.

3. Access controls

Internal access to production data follows the principle of least privilege. Engineering access to the production database is gated behind multi-factor authentication and is logged. We do not export bulk user data to analytics warehouses, BI tools, or marketing platforms.

4. Retention and deletion

Scan results are retained only as long as they're needed to track removal status and respond to data-broker follow-ups (typically 12 months). If you cancel your subscription or delete your account, all scan data and monitored addresses are purged from active systems within 30 days. Backups are retained for 90 days and then cycled out.

5. Sub-processors and vendors

We use a small number of audited vendors to operate the service:

  • Stripe: Payment processing (PCI-DSS Level 1)
  • Vercel: Web hosting (SOC 2 Type II)
  • Railway: Database hosting (SOC 2 Type II)
  • Resend: Transactional email (GDPR-compliant)

We do not use advertising networks, data enrichment services, or third-party trackers that could de-anonymize your visit. Meta Pixel is loaded only for ad conversion measurement and never receives scan data.

6. Incident response

In the event of a security incident that affects your personal information, we will notify you by email within 72 hours of discovery, in line with CCPA and typical state breach-notification statutes. We maintain a documented runbook covering containment, forensic review, customer notification, and regulator disclosure.

7. Compliance posture

  • CCPA / CPRA: Registered to act as an authorized agent under SB 362. We observe the 45-day compliance window on all deletion requests.
  • SOC 2 Type I: In scoping. Target audit window: TBD. We'll update this page with the auditor and timeline as soon as it's signed.
  • GDPR (EU/UK): We do not currently target EU/UK users. If you are outside the US, our scan is available but removal coverage is US-only for now.
  • HIPAA: Not applicable. We do not collect or process protected health information.

8. Responsible disclosure

If you've found a security issue in GhostVault, please email security@ghostvault.live with details. We respond to valid reports within 48 hours, do not pursue legal action against good-faith researchers, and credit reporters who want to be credited.

9. Contact

Questions about this page, or about how we handle your data? Email privacy@ghostvault.live.