Privacy Policy

Last Updated: June 7, 2025

Disclaimer: This is a template provided for informational purposes only and does not constitute legal advice. You should consult with a qualified attorney to ensure this policy is complete, accurate, and compliant with all applicable laws for your specific circumstances.

1. Introduction

Welcome to SaltVaults ("Company," "we," "our," "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy outlines our policies and procedures on the collection, use, and disclosure of your information when you use our service and tells you about your privacy rights and how the law protects you.

Our main office is located in Louisville, KY. We are the Data Controller for the information we process.

2. Information We Collect and How

We collect information that you provide directly to us, information that is collected automatically, and information from third parties.

A. Information You Provide to Us

  • Account and Profile Information: We collect your name, email, password, username, and professional details (such as medical field, NPI number, prefix, etc.) when you register for an account.
  • Payment Information: For services requiring payment, such as organization subscriptions or individual verification, we use Stripe, a third-party payment processor. We do not directly collect or store your payment card details.
  • User Content: We collect the information you post to the Service, such as coverage post details, messages between users, and reviews.

B. Information We Collect Automatically

  • Log and Usage Data: We collect information on how you access and use our Services, including your IP address, browser type, device information, pages viewed, and the dates/times of your visits.
  • Cookies and Similar Technologies: We use cookies to operate and administer our Site and to improve your experience. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

3. Lawful Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data under the following lawful bases:

  • Your Consent: Where you have given us clear consent to process your personal data for a specific purpose.
  • Contractual Necessity: Where processing is necessary for the performance of a contract with you (e.g., to provide you with our core services as described in our Terms of Service).
  • Legitimate Interests: Where the processing is necessary for our legitimate interests (e.g., for fraud prevention, network security, or direct marketing), provided these interests are not overridden by your fundamental rights and freedoms.

4. How We Use and Share Your Information

We use your information to provide, maintain, and improve our services. We do not sell your personal data. We may share your information as follows:

  • With Other Users: To facilitate connections, parts of your profile and content you post will be visible to other users of the Service.
  • With Service Providers: We share data with third parties who perform services on our behalf, such as Stripe (payment processing) and Google Cloud/Firebase (hosting, database, cloud functions).
  • For Legal Compliance: We may disclose information where we are legally required to do so in order to comply with applicable law or a valid legal process.

5. Your Data Protection Rights under GDPR

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

  • The right to access, update or delete the information we have on you.
  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your Personal Data.
  • The right of restriction. You have the right to request that we restrict the processing of your personal information.
  • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where we relied on your consent to process your personal information.

To exercise these rights, please contact us at legal@codevoyage.io.

6. International Data Transfers

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ. If you are located outside the United States and choose to provide information to us, please note that we transfer the data to the United States and process it there. We will take all steps reasonably necessary to ensure that your data is treated securely.

7. Data Retention

We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your data to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

8. Contact Us

If you have any questions about this Privacy Policy, please contact us:

  • By email: legal@codevoyage.io