Privacy Policy

Last updated: September 27, 2025

At Vaachas, we take your privacy seriously. This Privacy Policy explains how we collect, use, and protect your information when you use our credential management platform.

Privacy at a Glance

Strong Encryption
Credentials are encrypted at rest and data is transmitted over secure TLS.
Data Minimization
We collect only what we need to provide and improve the service.
Compliance-Aligned
We strive to align with applicable privacy laws and your rights.

1. Information We Collect

Account Information: When you create an account, we collect your name, email address, and company information.

Usage Data: We collect information about how you use our service, including API calls, feature usage, and performance metrics.

Security Logs: We maintain audit logs for security purposes, including login attempts and administrative actions.

Your Credentials: We store your credentials using end-to-end encryption. We cannot access the plaintext content of your stored credentials.

2. How We Use Your Information

We use your information to:

  • Provide and maintain our credential management service
  • Authenticate your identity and secure your account
  • Send you important service updates and security notifications
  • Improve our service through usage analytics
  • Comply with legal obligations and prevent fraud

3. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party services that help us operate our platform
  • Legal Requirements: When required by law or to protect our rights and users
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you explicitly authorize us to share your information

4. Data Security

We implement administrative, technical, and physical safeguards designed to protect your data:

  • Encryption of credentials at rest and TLS in transit
  • Access controls, authentication, and least-privilege practices
  • Security reviews and periodic testing
  • Monitoring and incident response procedures

No method of transmission or storage is 100% secure. While we work hard to protect your data, we cannot guarantee absolute security.

5. Your Rights

You have the following rights regarding your personal data:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal data
  • Portability: Export your data in a machine-readable format
  • Objection: Object to processing of your personal data

To exercise these rights, please contact us at privacy@vaachas.com.

6. Data Retention

We retain your personal data only as long as necessary to provide our services and comply with legal obligations:

  • Account data: Retained while your account is active
  • Usage logs: Retained for 2 years for security and analytics
  • Audit logs: Retained for 7 years for compliance purposes
  • Deleted data: Permanently removed within 30 days of deletion request

7. International Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions for countries with equivalent privacy protections
  • Certification schemes and codes of conduct

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through our service. Your continued use of our service after such changes constitutes acceptance of the updated policy.

9. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

  • Email: support@vaachas.com
  • Address: Jaipur, Rajasthan, India
  • Phone: +91

Questions about privacy?

Our privacy team is here to answer any questions about how we protect your data.