Privacy policy

Privacy Policy

Last updated: January 15, 2026

Dripped Vault (“Dripped Vault,” “we,” “us,” or “our”) operates https://drippedvault.com (the “Site”). We collect and process personal information solely for legitimate business purposes including payment processing, fraud prevention, identity verification, and legal compliance.

1. Scope & Legal Basis

We process personal information:

  • With user consent

  • To perform a contract (order fulfillment)

  • For fraud prevention and security

  • To comply with legal and payment-network obligations

We apply data minimization and purpose limitation principles at all times.

2. Personal Information We Collect

2.1 Customer & Order Information

Collected at checkout or during account/order support:

  • Full name

  • Email address

  • Billing information

  • Transaction metadata (order ID, timestamps)

  • Communications with customer support

We do not store full card numbers, CVV codes, or sensitive authentication data.

2.2 Payment Authentication (3D Secure / Strong Customer Authentication)

Certain transactions may require 3D Secure (3DS) or similar authentication mandated by card networks or issuing banks.

  • Authentication is performed directly by the payment processor or issuing bank

  • We receive only confirmation of authentication outcome

  • We do not access or store authentication credentials

3DS may be applied automatically based on transaction risk signals.

2.3 Identity Verification (High-Risk Orders Only)

To mitigate fraud, chargebacks, and unauthorized use of payment instruments, some orders may be subject to identity verification.

Verification may require:

  • Government-issued photo identification

  • Live selfie or liveness check

Critical clarifications (processor-required):

  • We do not permanently store government ID images

  • Verification data is used only for fraud prevention, transaction approval, and dispute handling

  • Verification records are retained for a limited duration aligned with chargeback windows, then deleted or anonymized within 72 hours.

  • We do not sell, share, or reuse identification data for any purpose beyond fraud prevention related to the specific order.

Orders that fail or do not complete verification may be cancelled and refunded.

2.4 Gift Card Payments

Certain products may be purchased using third-party gift cards.

When gift cards are used:

  • Gift card codes are collected solely for payment validation and redemption

  • Codes are checked for authenticity, balance, and prior use

  • Fraudulent, invalid, or reused gift cards result in cancellation

Gift card data is not retained longer than operationally required.

2.5 Automatically Collected Data

For security and fraud analysis, we automatically collect:

  • IP address

  • Device and browser characteristics

  • Location approximations

  • Session and interaction metadata

This data supports:

  • Fraud detection

  • Risk scoring

  • Abuse prevention

  • Compliance monitoring

3. How We Use Personal Information

We use personal information to:

  • Process payments and fulfill digital orders

  • Authenticate transactions and prevent fraud

  • Verify purchaser identity when required

  • Comply with payment-network and legal obligations

  • Respond to disputes, chargebacks, and inquiries

  • Maintain platform integrity and security

We do not use personal information for resale or unauthorized marketing.

4. Disclosure to Third Parties

Personal information may be shared only when necessary with:

  • Payment processors and acquiring banks

  • Fraud-prevention and identity-verification providers

  • Hosting, analytics, and security vendors

  • Legal or regulatory authorities where required

All third parties are contractually obligated to safeguard information and use it only for authorized purposes.

5. Data Retention

We retain personal information only as long as necessary to:

  • Complete transactions

  • Prevent fraud

  • Handle disputes and chargebacks

  • Meet legal and regulatory requirements

Identity-verification data is retained for a strictly limited period and is then securely deleted or anonymized.

6. Security Measures

We employ reasonable and industry-standard safeguards including:

  • Encrypted data transmission

  • Restricted access controls

  • Monitoring for unauthorized activity

No system is entirely risk-free, but we actively mitigate security threats.

7. User Rights

Where applicable, users may request:

  • Access to personal information

  • Correction of inaccuracies

  • Deletion of data not required for legal or security purposes

Requests can be made via the contact information below.

8. Age Restriction

Our services are intended for individuals 18 years of age or older.
We do not knowingly collect information from minors.

9. Policy Updates

We may update this Privacy Policy to reflect operational, legal, or security changes. Updates are posted on this page.

10. Contact

For privacy-related inquiries:

Email: privacy@drippedvault.com