Trust Center

Our cloud provider has more certification than any other provider.

Vault One understands that, to realize the benefits of the cloud, you must be willing to entrust us with one of your most valuable assets—your data. You must be able to trust that your data is safe, that the privacy of your data is protected, and that you retain ownership of and control over your data—that it will only be used in a way that is consistent with your expectations.

Our infrastructure provider is recognized by the European Union’s (EU) data protection authorities for our commitment to rigorous EU privacy laws. It was also the first major provider to adopt the new international cloud privacy standard, ISO 27018.

We keep your data safe
Our infrastructure provider has more than 20 years of experience building enterprise software and running some of the world’s largest online services. We have used this experience to build a robust set of security technologies and practices into the infrastructure.

We conform to global standards
Our servers meet a broad set of international, industry-specific, and country-specific compliance standards, including:

  • Australia CCSL
  • FedRAMP
  • HIPAA/HITECH
  • ISO-IEC-27001
  • Singapore MTCS
  • SOC 1, and SOC 2, and SOC 3
  • UK G-Cloud

You own and control your data
Vault One strives to be transparent in our privacy practices, offers you meaningful privacy choices, and responsibly manages the data we store and process. One measure of our commitment to data privacy is our adoption of the world’s first code of practice for cloud privacy, ISO 27018.

You own your data. You own all of the data that you place in Vault One. You can access your data at any time and for any reason without our assistance. We will not use your data or derive information from it for advertising or data mining.

You control your data. Because the data you host belongs to you, you have control over how it is accessed.

When government or law enforcement request access to your data—including for national security purposes—they must follow applicable legal processes, such as serving Vault One with a court order for content or a subpoena for account information. If we are compelled to disclose your data, we will promptly notify you and provide a copy of the demand, unless we are legally prohibited from doing so. Vault One does not provide any government with direct or unfettered access to your data except as you direct or where required by law.