PasswordPact (“we,” “us,” or “our”) is a service owned and operated by 911 Vault Corp. This Privacy Policy describes how we collect, use, process, and protect your information when you use PasswordPact. By accessing or using the Services, you agree to this Privacy Policy.
a. Personal Information:
We collect information that identifies you or can be used to identify you, including:
b. Secure Vault Data:
You may upload or store sensitive information (“Vault Data”) in our Services. Vault Data may include files, notes, credentials, or other digital assets you choose to secure and share. You control what you store and who can access it.
c. Non-Personal Information:
We collect technical and usage data such as device identifiers, browser type, usage logs, and aggregated statistics. This data does not identify you personally.
d. Cookies and Tracking Technologies:
We use cookies and similar technologies to enhance your experience, analyze usage, and improve our Services. You can manage cookie preferences in your browser settings.
We use your information to:
a. Security Architecture:
All sensitive data processing and exposure occurs exclusively within isolated secure enclave environments. Our system is designed so that the platform operator has zero knowledge of your data and cannot access plaintext information at any stage. Persistent data is stored on enterprise-grade, ISO 27001-certified cloud infrastructure in the United States.
b. Encryption:
All Vault Data is encrypted in transit and at rest using industry-standard cryptographic methods. We utilize NIST-approved modules and post-quantum ready encryption standards. Platform operators do not have access to unwrapped decryption keys or plaintext data.
c. Role-Based Access and Conditional Release:
You may designate trusted contacts (“Trustees”) and assign roles and access conditions for your Vault Data. Access is governed by your policies and requires unanimous multi-party validation, event triggers, or scheduled releases. All access events are logged and trigger notifications to relevant users.
d. Decentralized Storage and Physical Possession:
For certain vaults, encrypted files are distributed to Trustees and/or the owner. Decryption requires physical possession of the encrypted file and collaborative validation per your configured policy.
e. Owner Control and Auto-Lock:
The vault owner can reset access at any time, clearing pending requests and returning the vault to a locked state. After any decryption event, the vault automatically resets, requiring renewed validation for future access.
f. Security Limitations:
No security measure is 100% effective. We cannot guarantee absolute security of your information. In the event of a security incident affecting your Vault Data, we will notify you as required by law.
a. With Your Designated Trustees:
Vault Data is only shared with your designated Trustees and only according to your explicit instructions and access policies.
b. With Service Providers:
We may share limited information with trusted service providers who assist with our operations (e.g., cloud hosting, payment processing). These providers are contractually obligated to protect your information.
c. Legal and Regulatory Requirements:
We may disclose information if required by law, court order, or to protect our rights, property, or safety, or that of our users.
d. Business Transfers:
If 911 Vault is acquired or merges with another entity, your information may be transferred as part of that transaction. You will be notified of any material changes.
e. No Third-Party Marketing:
We do not sell or share your personal information with third parties for marketing purposes.
All data is processed and stored in the United States. GDPR compliance is available only by explicit contractual agreement for EU data subjects. By using our Services, you consent to U.S. data jurisdiction.
Our platform is designed with industry-leading security and privacy controls, including end-to-end encryption and zero-knowledge architecture. We do not represent our platform as HIPAA-compliant.
You may delete your account at any time via your account settings. Upon deletion, your Vault Data will be securely deleted from our systems. We may retain non-personal or aggregated data for analytics and legal compliance.
Our Services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us for removal.
We may update this Privacy Policy from time to time. Material changes will be communicated by email or prominent notice on our Services. Continued use of the Services after changes constitutes acceptance of the updated policy.
If you have any questions or concerns about this Privacy Policy or your information, please contact us at: