Privacy Policy
Effective date: April 1, 2025 · Last updated: April 1, 2025
This Privacy Policy explains what information VaultTrace collects when you use our service, how we use it, and what choices you have. We have designed VaultTrace to collect as little personal data as possible while still delivering useful results.
1. What We Collect
When you run a scan, we collect the following:
- Email address — if you provide one. Used to associate your scan with your session and to notify you of service updates if you opt in.
- Employer names and EINs — extracted from your uploaded transcript or entered manually. These are the core inputs used to run your search.
- Scan results — the matches we surface from DOL, PBGC, and state unclaimed property databases, including plan names, confidence scores, and filing years.
- Scan metadata — the timestamp of your scan, the scan type (IRS transcript, W-2, or quick scan), and the URL of the page you scanned from.
If you join our waitlist or use the email capture on the results page, we store your email address in a separate waitlist table.
2. What We Do Not Store
We have deliberately designed the system to avoid retaining sensitive raw data:
- PDF files — your uploaded transcript or W-2 is read into server memory, parsed by our AI model to extract employer details, and then immediately discarded. The file is never written to disk or stored in any database.
- Social Security Numbers — if you optionally provide your SSN to improve search accuracy, it is used for a single registry cross-reference during your scan and is never inserted into any database, log file, or storage system.
- Raw transcript content — we extract only structured employer data (names and EINs). The full text content of your IRS document is not retained.
- Payment information — VaultTrace is currently free and does not collect any payment or billing data.
3. How We Use Your Data
We use the data we collect for the following purposes:
- To run your employer search and return results.
- To generate and deliver your downloadable PDF report.
- To notify you when we add new data sources, if you have opted in.
- To understand aggregate usage patterns and improve the service (no personally identifiable data is shared externally for this purpose).
We do not sell your data. We do not share it with advertisers. We do not use it to build marketing profiles.
4. How Long We Keep Your Data
Scan results (employer names, matches, and email address) are retained in our database indefinitely unless you request deletion. We may introduce automatic retention limits in the future and will update this policy accordingly.
Waitlist email addresses are retained until you request removal.
Server logs, if any, are retained for up to 30 days for debugging and security purposes and then purged.
5. Third-Party Services
VaultTrace uses the following third-party services to operate. Each has its own privacy policy:
- Supabase — stores scan results, email addresses, and waitlist entries in a cloud-hosted PostgreSQL database.
- Anthropic — processes your uploaded PDF in memory to extract employer names. Document content is subject to Anthropic’s data usage policies for API customers.
- Resend — sends transactional emails (waitlist confirmation, scan reports) on our behalf.
- DOL EFAST2, PBGC, and state agencies — public APIs queried with only employer names and EINs to look up retirement plan filings. No personal data is sent to these services.
6. Your Rights
You have the right to:
- Request a copy of the personal data we hold about you.
- Request deletion of your scan history, email address, or any other data we have stored.
- Opt out of any future communications from us.
To exercise any of these rights, email us at privacy@vaulttrace.org with your email address and the specific request. We will respond within 30 days.
7. Security
All data in transit is protected by TLS 1.2 or higher. Our database is hosted on Supabase with row-level security enabled. We enforce strict HTTP security headers including HSTS, Content Security Policy, and X-Frame-Options on all responses.
For a detailed breakdown of our technical security measures, see our Security page.
8. Changes to This Policy
We may update this policy as the service evolves. The “Last updated” date at the top of this page will reflect any changes. For material changes we will make a reasonable effort to notify users who have provided an email address.
9. Contact
Questions or requests? Email us at privacy@vaulttrace.org.