VaultScrub

Privacy Policy

Last updated: February 2025

1. Our Commitment to Privacy

VaultScrub is built with a privacy-first architecture. Your documents and personal information are processed locally on your device. We do not collect, transmit, or store your data on any external servers.

2. Data Processing

All document processing — including OCR text extraction, PII detection, and PDF redaction — happens entirely on your device. Your original documents never leave your computer.

  • Documents are read from and saved to your local filesystem only
  • OCR processing runs locally using on-device machine learning models
  • Redaction patterns are matched locally without any network calls

3. Cloud AI Features (Optional)

If you choose to use cloud-based AI features (Claude, OpenAI, or Gemini), the following applies:

  • Only redacted text is sent to the AI provider — never your original unredacted documents
  • All personally identifiable information (PII) is stripped before any text reaches an external API
  • Your API keys are encrypted locally using AES-256-GCM with PBKDF2 key derivation and are never transmitted to VaultScrub
  • Cloud AI usage is entirely optional — all core features work offline

4. Local AI Features (Ollama)

When using local AI via Ollama, all processing happens on your machine. No data is sent to any external service. The connection is made to your local Ollama instance running on your device.

5. Data Storage

  • Application settings and preferences are stored locally in your browser's localStorage
  • Sensitive data (API keys, personal information for redaction) is encrypted at rest using AES-256-GCM
  • You can delete all stored data at any time from Settings → Security → Danger Zone

6. Analytics & Telemetry

VaultScrub does not collect any usage analytics, telemetry, crash reports, or tracking data. We have no insight into how you use the application.

7. Auto-Updater

If automatic update checks are enabled, VaultScrub periodically checks for new versions by requesting a version manifest from GitHub. This request contains no personal data — only a version number comparison is performed. You can disable automatic update checks in Settings → General.

8. Third-Party Services

  • Stripe — Used for license purchases. Payment processing is handled entirely by Stripe; VaultScrub does not process or store payment information.
  • Cloud AI Providers (optional) — Anthropic (Claude), OpenAI, or Google (Gemini). Only redacted text is shared, governed by each provider's own privacy policy.
  • GitHub — Used for update checks only. No personal data is transmitted.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected in the application and on this page with an updated “Last updated” date. Continued use of VaultScrub after changes constitutes acceptance of the updated policy.

10. Contact

If you have questions about this Privacy Policy, please contact us at support@vaultscrub.com.