Privacy policy.

Last updated · 2026-04-23

What we collect

• Account data you submit on signup: name, email, password hash, profile type.
• Organization data you create: organization name, type, country, currency.
• Ledger data you enter: contracts, invoices, line items, wallet movements, withdrawals.
• Operational logs: request metadata, IP address, user agent, timestamps.

Why we collect it

To operate the service, secure the service, bill paid plans, and respond to support. We do not sell personal data.

How we store it

Encrypted in transit over HTTPS and encrypted at rest. Database access is limited to engineers on call. Backups are retained for a rolling thirty days.

Who we share it with

Sub processors we rely on are listed in the DPA. We share data with them only as required to operate Vectis.

How long we keep it

Active account data is kept while the account is active. On deletion, data is removed within thirty days except where retention is required by law (for example, invoice records under tax law).

Your rights

• Access, export, or delete your data.
• Correct inaccurate information.
• Object to processing where applicable.

Write to privacy@vectis.app for any of the above.

Cookies

We use a session cookie for authentication. We do not run advertising cookies. See cookies for the full list.

Changes

Material changes are announced on this page with a new updated date.