Security & Privacy
How VaultTrace protects your data
You're trusting us with sensitive financial documents. Here's exactly what happens to your data — with no vague reassurances.
Our guarantees
Your PDF is never stored
When you upload your IRS transcript, it is read into memory, processed immediately by our parser, and discarded. The raw file is never written to disk, never saved in a database, and never retained after the request completes.
Your SSN is never stored
If you optionally provide your Social Security Number for registry cross-referencing, it is used only for that single lookup during your session. It is never persisted to any database, log, or storage system.
All data in transit is encrypted
Every connection to VaultTrace is protected by TLS 1.2 or higher. Data sent between your browser and our servers is encrypted end-to-end. We enforce HTTPS with HSTS and reject plain HTTP connections.
Our servers never see your raw document
Your transcript PDF is sent directly to an AI parser which extracts only employer names and EINs — structured text with no personally identifiable information. The original document bytes are immediately freed from memory after parsing.
Transcript processed in memory and immediately discarded
Processing is fully in-memory with no intermediate file writes. Once employer names are extracted, the transcript data is garbage-collected. Nothing from your document persists beyond the scope of your scan.
Technical summary
What we do store
To deliver your results and let you revisit them, we store:
- Your email address (so we can send you your report)
- The list of employer names extracted from your transcript
- The DOL and pension plan matches found during your scan
- The timestamp of your scan
We never store your PDF, your SSN, or any raw document content. Employer names are extracted text — not financial records.