How we collect, use, and protect your personal data.
Last Updated: March 2025 | Effective Date: March 2025
AssetVault ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website assetvault.com (the "Platform"), including any other media form, media channel, mobile website, or mobile application related or connected thereto. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Platform. By using the Platform, you consent to the collection and use of information in accordance with this policy.
For the purposes of the General Data Protection Regulation (GDPR), the data controller responsible for your personal data is AssetVault. Our primary contact for privacy matters is: Email: support@assetvault.com. We have appointed a data protection officer who can be reached at the same email address for any privacy-related concerns or requests.
Personal Data: When you voluntarily provide it to us, we may collect personally identifiable information, such as your name, email address, phone number, and postal address when you fill out contact forms, donation forms, or collaboration requests. We also collect payment information when you make donations, though payment card details are processed directly by Flutterwave and are never stored on our servers.
Usage Data: We automatically collect certain information about your device and usage of the Platform, including your IP address, browser type, operating system, referring URLs, access times, pages viewed, and the links clicked. This data is collected through cookies, server logs, and similar technologies.
Download Data: When you download products, we record the product ID, your IP address, user agent string, approximate geographic location, timestamp, and a unique download token. This data is used to prevent abuse, track download statistics, and improve our service.
We use the information we collect for the following purposes: to provide, operate, and maintain the Platform; to improve and personalize your experience; to process and manage donations; to respond to your inquiries and support requests; to monitor and analyze usage patterns and trends; to detect, prevent, and address technical issues and security threats; to prevent fraud and enforce our terms of service; and to comply with legal obligations. We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason that is compatible with the original purpose.
We process your personal data only when we have a lawful basis to do so. The lawful bases depend on the specific context and purpose of processing: Consent — where you have given us clear consent to process your personal data for a specific purpose (e.g., cookie preferences, newsletter subscriptions). Contractual Necessity — where processing is necessary for the performance of a contract with you (e.g., processing a donation). Legitimate Interests — where processing is necessary for our legitimate interests, such as maintaining platform security, improving our services, and preventing fraud, provided these interests are not overridden by your rights. Legal Obligation — where processing is necessary to comply with a legal obligation to which we are subject.
We use cookies and similar tracking technologies to track activity on our Platform and hold certain information. Cookies are small data files stored on your device. We use the following types of cookies: Essential Cookies — required for the Platform to function properly, including session management and security features. These cannot be disabled. Functional Cookies — enable enhanced functionality and personalization, such as theme preferences and language settings. Analytics Cookies — help us understand how visitors interact with the Platform by collecting information about pages visited, time spent, and navigation patterns. Marketing/Advertising Cookies — used by our advertising partners (Monetag, HilltopAds, Adsterra, Google AdSense) to deliver relevant advertisements and track ad campaign performance. You can manage your cookie preferences through our cookie consent banner or your browser settings. For more details, see our Cookies Policy.
We share information with and use the following third-party services: Cloudflare — CDN, DDoS protection, and hosting. Cloudflare processes IP addresses and request data as part of providing these services. Flutterwave — payment processing for donations. Flutterwave handles payment card data directly and is PCI DSS compliant. Cloudflare Turnstile — bot detection and spam prevention. Turnstile may collect device information and behavioral data. Advertising Networks — Monetag, HilltopAds, Adsterra, and Google AdSense may use cookies and tracking technologies to serve advertisements. Each network has its own privacy policy. We do not sell, trade, or otherwise transfer your personal information to outside parties except as described in this policy.
We retain your personal information only for as long as is necessary for the purposes set out in this privacy policy. Specifically: contact form submissions are retained for up to 12 months; donation records are retained for up to 7 years for financial and tax compliance; download logs are anonymized after 90 days; session data is deleted when sessions expire or when you log out; analytics data is retained for up to 26 months. When determining retention periods, we consider the nature and sensitivity of the data, the potential risk of harm from unauthorized disclosure, our legal obligations, and the purposes for which we process the data.
Under the GDPR, you have the following rights regarding your personal data: Right of Access — you can request a copy of the personal data we hold about you. Right to Rectification — you can request correction of inaccurate or incomplete data. Right to Erasure — you can request deletion of your personal data ("right to be forgotten"), subject to certain exceptions. Right to Data Portability — you can request your data in a structured, commonly used, machine-readable format. Right to Object — you can object to processing based on legitimate interests or for direct marketing purposes. Right to Restrict Processing — you can request that we limit how we use your data in certain circumstances. Right to Withdraw Consent — you can withdraw your consent at any time where we rely on consent to process your data. To exercise any of these rights, please contact us at support@assetvault.com. We will respond to your request within 30 days.
Your information may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. Your consent to this privacy policy followed by your submission of such information represents your agreement to that transfer. Cloudflare and our other service providers may process data in various jurisdictions. We ensure that appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, to protect your data during international transfers.
We implement industry-standard security measures to protect your personal data, including encryption in transit (HTTPS/TLS), secure password hashing (PBKDF2 with 100,000 iterations), server-side session management with HTTP-only cookies, rate limiting and IP-based abuse prevention, Cloudflare DDoS protection and Web Application Firewall, regular security audits and penetration testing, and access controls limiting data access to authorized personnel only. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
Our Platform is not intended for children under the age of 13 (or 16 in some EU jurisdictions). We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us immediately, and we will take steps to delete such information from our systems.
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. Your continued use of the Platform after any modifications to the Privacy Policy will constitute your acknowledgment of the modifications and your consent to abide by the updated policy.
If you have any questions about this Privacy Policy, please contact us: Email: support@assetvault.com | Contact Form: contact.html. For GDPR-related requests, please include "GDPR Request" in your email subject line.