— 01 — What we collect.
Vouch collects the minimum data needed to operate as an electronic signature service — and to produce the legally defensible audit trail that's the whole point of the product. Specifically:
| Category | What it includes |
|---|---|
| Account info | Name, email, password (hashed), company name (optional), billing address. |
| Document content | The PDFs you upload, field placements you make, and signatures captured. Stored encrypted at rest. |
| Audit metadata | For each signature event: IP address, user agent, timestamps, ESIGN consent confirmation, signature image hash, document hash. This is the legally required evidence. |
| Usage data | Pages you visit in the app, features you use, errors you encounter. Aggregated, used to improve the product. |
| Payment info | Last four digits of your card, expiration, billing zip. Full card numbers are handled by Stripe; we never see them. |
| Communications | Emails you send to us, including support tickets. |
— 02 — How we use it.
We use the data above to:
- Provide the Service — sending documents, capturing signatures, generating audit trails, producing certificates of completion.
- Maintain legal compliance — the audit metadata is the evidentiary backbone of every signature. Without it, your signed documents have weaker legal standing.
- Communicate with you — service notifications, billing receipts, security alerts, important account changes.
- Improve the product — usage data helps us identify what's broken, what's slow, what's confusing. Always aggregated.
- Prevent fraud and abuse — detect spam, identity fraud, unauthorized access attempts.
- Comply with the law — respond to lawful requests from law enforcement, tax authorities, or courts.
— 03 — Who we share with.
Your signers
When you send a document, the recipients you specify receive a tokenized link. They can see the document, your name, your company name, and any personal note you include.
Service providers we depend on
We use a small number of vendors to run Vouch. Each one has signed a Data Processing Agreement and is contractually limited to the purposes we hire them for:
- Stripe — payment processing.
- Resend — transactional email delivery.
- Cloudflare R2 / AWS S3 — encrypted document storage.
- Supabase / PostgreSQL hosting — primary database.
- Sentry — error monitoring (no document content, only error stack traces).
Legal requirements
If we receive a valid legal request — subpoena, court order, properly scoped law enforcement demand — we'll comply, but we'll also push back where the request is overbroad. Where legally permitted, we'll notify the affected user before disclosing.
Business changes
If Vouch is acquired or merges with another company, your data may transfer to the acquirer. We'll notify you before that happens and give you time to delete your account if you don't want to continue.
— 04 — What we never do.
- We don't sell your personal data. Not to advertisers, data brokers, or anyone else. Ever.
- We don't read your documents for marketing purposes or to train AI models. The contents of your contracts are yours.
- We don't use third-party advertising trackers on our marketing or app pages. No Google Ads pixel, no Facebook Pixel, no LinkedIn Insight Tag.
- We don't share your audit data with anyone except parties you've designated as recipients of the document or the public verification API (which only returns chain hashes, never document contents).
- We don't track cross-site activity. No fingerprinting, no profile-building across sites you visit.
— 05 — How long we keep it.
Different categories of data have different retention periods:
- Account data — kept while your account is active. Deleted within 30 days of account closure (except where retention is required by law).
- Draft documents (unsent) — kept while your account is active. Deleted within 30 days of account closure.
- Signed documents and their audit chains — kept for a minimum of 7 years from the date of completion, regardless of account status. This is the ESIGN/UETA recordkeeping requirement. You can download copies at any time during this period.
- Billing records — kept for 7 years for tax and accounting compliance.
- Support communications — kept for 3 years from last interaction.
- Aggregated usage analytics — kept indefinitely in aggregated form, with no personal identifiers.
Once a document is signed and sealed, it becomes part of a permanent legal record. We can't unilaterally delete it even if you ask us to, because it may be needed in a future dispute. You can always download your copy.
— 06 — Your rights.
Regardless of where you live, you have the following rights:
- Access — request a copy of all personal data we hold about you.
- Correct — request correction of inaccurate data.
- Delete — request deletion of your data, subject to legal retention requirements (see Section 05 above).
- Export — receive your data in a machine-readable format.
- Object — object to certain types of processing.
- Restrict — restrict how we process your data while you investigate a concern.
If you live in California, the EU, the UK, or another jurisdiction with comprehensive privacy laws (CCPA, GDPR, etc.), you have additional rights specific to those laws. We honor all of them globally — we don't think people deserve different privacy depending on where they live.
To exercise any of these rights, email privacy@vouch.ink. We'll respond within 30 days.
— 07 — Cookies & tracking.
We use a minimum of cookies:
- Session cookies — to keep you logged in. Required for the Service to work.
- CSRF tokens — to prevent cross-site request forgery attacks. Required.
- Theme preference — to remember whether you've chosen dark or light mode. Stored in localStorage, never sent to our servers.
We don't use:
- Third-party advertising cookies.
- Tracking pixels.
- Analytics services that build personal profiles. We use a privacy-respecting analytics tool (Plausible) that doesn't set cookies and doesn't track users across sites.
— 08 — Security.
We take reasonable measures to protect your data:
- All data in transit is encrypted with TLS 1.2 or higher.
- Documents at rest are encrypted with AES-256.
- Passwords are hashed using bcrypt with an appropriate work factor.
- Access to production systems is restricted to a small number of engineers, behind 2FA and audit logs.
- The audit chain itself uses SHA-256 and is tamper-evident — we can't quietly alter signed records even if we wanted to.
No system is perfectly secure. If we ever experience a breach affecting your data, we'll notify you within 72 hours of becoming aware of it, in compliance with applicable breach-notification laws.
— 09 — Children.
Vouch is not intended for users under 18. We don't knowingly collect personal information from anyone under 18. If you believe we have collected data from a minor, please contact us at privacy@vouch.ink and we'll delete it promptly.
— 10 — Changes to this policy.
We may update this Privacy Policy from time to time. When we do, we'll change the "Last updated" date at the top of this page and notify active users by email at least 14 days before material changes take effect.
— 11 — Contact us.
For privacy questions, data requests, or any other privacy-related concern:
Novan LLC
Attn: Privacy
Baltimore, Maryland, United States
privacy@vouch.ink