1. Who you are and who we are.
You are an adult Indian resident, NRI, or foreign resident over the age of eighteen entering into this contract in your individual capacity, or a parent or lawful guardian acting on behalf of a minor in connection with our Family plan. We are Vault.in Privacy Operations Pvt Ltd, an Indian company with registered office in Mumbai.
2. What we will do.
Run daily scans, draft and dispatch Section 12 erasure notices on your behalf, track Rule 14 deadlines per fiduciary, escalate to the Data Protection Board of India on day ninety-one if required, monitor breach databases, and (on relevant plans) monitor Telegram leak channels, dark web markets, and image misuse. Produce a monthly report. Hold your data as a Data Fiduciary under the DPDP Act with the obligations that entails.
3. Authority you grant us.
By signing up, you authorise Vault.in to act as your representative for the purposes of (a) submitting Section 11 access requests, Section 12 erasure requests, and Section 13 grievance escalations to Data Fiduciaries that hold your personal data; (b) filing complaints with the Data Protection Board of India on your behalf in respect of those requests; and (c) drafting and dispatching legal correspondence in your name in connection with the above. This authority is narrow, revocable in Settings, and does not extend to any other matter.
4. What we will not do.
We will not buy data from any source. We will not pay for access to dark-web markets, paste-site premium tiers, or stolen-data forums. We will not act on third-party 'look up this person' requests, even from spouses or employers. We will not share data with advertising networks. We will not honour government data requests without lawful process. The full operational doctrine is at /methodology.
5. Pricing and billing.
Personal Rs 1,499 per year. Family Rs 3,499 per year for up to five members. Concierge Rs 14,999 per year. Free scan at Rs 0. All amounts in INR. GST included on every invoice. Billing via Razorpay. Annual only; no monthly plans. Subscriptions auto-renew unless cancelled in Settings before the renewal date.
6. Cancellation and refund.
You may cancel any time in Settings; cancellation stops auto-renewal at the end of the current period. Refunds are at our discretion within thirty days of initial payment and are pro-rated based on usage. If we materially fail to deliver the service (uptime below 99% in a billing month), you may request a pro-rated refund or a service credit.
7. Limitation of liability.
We will use our reasonable best efforts to remove your exposures and to file accurate Section 12 notices. We cannot guarantee removal in every case; some exposures (statutory public records, defunct fiduciaries, dark-web caches) cannot be removed regardless of effort. Our aggregate liability to you in any twelve-month period is capped at the total fees you paid us in that period. We are not liable for indirect, consequential, or incidental losses.
8. Indemnity (limited).
You agree not to use the service to (a) submit knowingly false identification, (b) submit Section 12 notices for data that is not yours, or (c) misuse the service in any manner that exposes Vault.in to legal liability. If we incur loss because of your breach of these terms, you will indemnify us for the actual loss, capped at the fees you paid us.
9. Termination by us.
We may terminate your account with thirty days' notice for any reason. We may terminate immediately on material breach (including the misuse cases in section 8). On termination, we delete your data per our retention policy; you receive proof of destruction.
10. Governing law and jurisdiction.
These terms are governed by the laws of India. Disputes will be resolved by arbitration in Mumbai under the Arbitration and Conciliation Act, 1996, by a sole arbitrator appointed by mutual consent or, failing consent, by the Mumbai Centre for International Arbitration. The seat of arbitration is Mumbai. Either party may approach the courts at Mumbai for interim relief.
11. Grievance.
Complaints about the service are handled by our Grievance Officer at [email protected] within thirty days. If you remain dissatisfied, you may approach the Data Protection Board of India under Section 27 of the DPDP Act.
12. Changes.
We version these terms with a date. Material changes are announced in-app at least thirty days before they take effect.