Legal · Privacy

Privacy Policy

How LibraryVault collects, uses, stores, and protects your information.

LibraryVault is committed to protecting your privacy and handling your information transparently, securely, and responsibly — in line with the UK GDPR, the Data Protection Act 2018, and modern enterprise privacy practice.

Contact Support View Terms & Conditions
UK GDPR aligned Enterprise security Transparent practices

Last updated: 10 May 2026

Section 01

Introduction

LibraryVault provides enterprise-grade governance frameworks, audit-ready templates, and operational maturity packs to MSPs, enterprises, and cloud-first IT organisations worldwide.

We take privacy seriously. This Privacy Policy explains what information we collect, why we collect it, how we use and protect it, and the rights you have over your data. It applies to our website, customer portal, and all related services.

We comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and applicable international privacy laws relevant to our customers.

Data Controller
[COMPANY NAME] Ltd
Registered Office
[Registered office address, United Kingdom]
Privacy Contact
privacy@libraryvault.io
Section 02

Information We Collect

We collect only the information needed to deliver our governance products, manage your account, support you, and meet our legal obligations.

Name
Full name provided at signup, checkout or in support requests.
Email address
Used for account access, order delivery, invoices, and support.
Billing & company details
Company name, VAT number, billing address for invoices.
Payment information
Processed by Stripe — card data never touches our servers.
Order history
Records of purchased packs, bundles, invoices and licences.
Download activity
Logs of which packs were downloaded and when, for security.
Website usage data
Pages visited, device, browser, IP — for analytics and security.
Support requests
Tickets, messages and attachments you submit to our team.
Account login data
Authentication identifiers, hashed passwords, session tokens.
Section 03

How We Use Your Information

Your information is used for clearly defined operational, legal, and customer experience purposes — never for purposes you would not reasonably expect.

Order fulfilment
Delivering purchased governance packs and bundles.
Customer accounts
Provisioning the customer portal and account access.
Customer support
Responding to tickets, queries, and licensing questions.
Invoices & records
Generating VAT-ready invoices and statutory records.
Secure downloads
Issuing time-limited signed URLs to your purchased assets.
Product updates
Notifying you of relevant pack updates you own.
Fraud prevention
Detecting suspicious activity and protecting your account.
Analytics
Understanding how customers use the site to improve UX.
Legal compliance
Meeting tax, accounting and regulatory obligations.
Section 04

Payment Processing

All payments are processed by Stripe, a PCI-DSS Level 1 certified payment provider trusted by enterprises globally.

  • LibraryVault does not store raw card data on its servers.
  • Card details are entered directly into Stripe's secure, tokenised payment fields.
  • We retain only transaction identifiers, billing details, and receipts for accounting and fraud prevention.
  • Apple Pay and Google Pay are supported via Stripe and inherit the same security guarantees.

Stripe processes payment information under its own privacy policy, available at stripe.com/privacy.

Section 05

Customer Accounts & Downloads

Your customer portal is the secure home for everything you've purchased from LibraryVault.

  • A personal dashboard showing orders, downloads, invoices, and support tickets.
  • Order tracking with re-download access at any time, including future updates.
  • Downloads delivered through time-limited signed URLs — links cannot be hotlinked or shared externally.
  • Self-service account management, including profile, password, and email preferences.
  • Authenticated access protected by industry-standard session management and password hashing.
Section 06

Marketing Communications

Marketing emails are entirely optional and granular — you stay in control.

  • Product updates, feature releases, and changelog notifications for packs you own.
  • New pack and bundle announcements aligned to your interests.
  • Optional cart reminder emails if you leave items in your basket.
  • One-click unsubscribe in every marketing email and granular controls in your portal.

Manage preferences any time at Portal · Email Preferences.

Section 07

Cookies & Analytics

We use a small set of cookies to keep the site secure, performant, and improving over time.

Strictly necessary

Authentication, cart state, security — required for the site to function.

Analytics

Aggregated usage analytics (e.g. Google Analytics or similar) to improve UX. Anonymised where possible.

Preferences

Remember your settings, theme, and consent choices across visits.

You can manage cookie preferences via your browser settings or our cookie controls. Disabling certain cookies may affect site functionality.

Section 08

Data Sharing & Third Parties

We share data only with vetted providers who help us operate the service — and only the minimum necessary.

  • Payment providers — Stripe, for transaction processing and fraud detection.
  • Analytics providers — limited, aggregated usage data to improve the site.
  • Email & messaging systems — for transactional and opt-in marketing emails.
  • Hosting & infrastructure providers — for secure storage, compute, and delivery.
  • Legal & regulatory authorities — only where strictly required by law.
LibraryVault does not sell customer data. Your information is never traded, rented, or made available to third-party advertisers.
Section 09

International Data Transfers

Our cloud infrastructure may process data in regions outside the United Kingdom and European Economic Area.

Where personal data is transferred internationally, we rely on recognised safeguards including the UK International Data Transfer Agreement, the EU Standard Contractual Clauses, and equivalent mechanisms approved under UK GDPR.

We select reputable enterprise providers with mature security and compliance programmes (e.g. ISO 27001, SOC 2, GDPR-aligned) to ensure your data remains protected wherever it is processed.

Section 10

Data Retention

We retain your information only as long as necessary for the purposes set out in this policy or required by law.

Data typeRetention period
Customer accountsFor as long as your account is active, plus 12 months.
Invoices & financial recordsMinimum 6 years (UK statutory retention).
Support historyUp to 3 years after the last interaction.
Download & access logsUp to 24 months for security and audit purposes.
Marketing dataUntil you unsubscribe or withdraw consent.
Section 11

Data Security

LibraryVault applies enterprise-grade operational security principles across our platform, infrastructure, and internal processes.

Encryption in transit & at rest
TLS 1.2+ everywhere; encrypted storage for customer data and assets.
Hardened cloud hosting
Hosted in reputable enterprise cloud platforms with redundancy and backups.
Access controls
Least-privilege role based access, MFA for staff, audit logging on sensitive operations.
Continuous monitoring
Security monitoring, anomaly detection, and patching aligned to enterprise practices.

While no system can be guaranteed 100% secure, we take reasonable and proportionate technical and organisational measures to protect your information from unauthorised access, alteration, disclosure, or destruction.

Section 12

Your Rights (GDPR)

Under the UK GDPR you have a number of rights over your personal data. We make it straightforward to exercise them.

Right of access
Request a copy of the personal data we hold about you.
Right to rectification
Ask us to correct inaccurate or incomplete information.
Right to erasure
Request deletion of your data, subject to legal retention periods.
Right to restrict processing
Limit how we use your data while a request is reviewed.
Right to data portability
Receive your data in a structured, machine-readable format.
Right to object
Object to processing based on legitimate interests or for marketing.
Right to lodge a complaint
Contact the UK ICO (ico.org.uk) if you are unhappy with our response.
Submit a privacy request

Email privacy@libraryvault.io with your request. We will respond within one calendar month, in line with UK GDPR requirements.

Section 13

Children's Privacy

LibraryVault products and services are designed for businesses, IT teams, and governance professionals.

Our website, customer portal, and governance frameworks are not intended for children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact privacy@libraryvault.io and we will promptly delete it.

Section 14

Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes to our services, technology, or legal obligations.

The latest version date is shown at the top of this page. For significant changes that materially affect how we handle your data, we will notify you via email or a clear notice in the customer portal before the changes take effect.

Current version effective: 10 May 2026.

Section 15

Contact Information

If you have any questions about this Privacy Policy or how we handle your information, our team is here to help.

Support
support@libraryvault.io
Privacy
privacy@libraryvault.io
Legal
legal@libraryvault.io
Contact Support Licensing Questions
Privacy FAQ

Frequently asked questions

Privacy you can verify, security you can trust.

Have a privacy, compliance, or procurement question? Our team responds quickly with the documentation enterprise buyers expect.

Talk to our team Read our Security overview
Legal & Quick Links

More from LibraryVault

Terms & ConditionsLicensingContactSupportGovernance PacksCustomer Portal

LibraryVault is a trading name of [COMPANY NAME] Ltd, registered in England and Wales. Registered office: [Registered office address, United Kingdom]. All rights reserved.