Your crypto.
Your keys.
Your control.

Last updated: 1 June 2025

1. Introduction and Scope

VaultKey ("we", "us", or "our") is committed to protecting the privacy of every individual who interacts with our website, products, and services. This Privacy Policy explains what personal data we collect, how we use it, with whom we share it, and what rights you have under the General Data Protection Regulation (GDPR), the Polish Act on Personal Data Protection (UODO), and other applicable laws.

This Policy applies to all users of vault-key.pro, purchasers of VaultKey hardware products, and anyone who contacts us. It does not apply to third-party services linked from our site.

2. Data Controller

The data controller responsible for your personal data is VaultKey, Prosta 36, 00-838 Warszawa, Poland. For privacy-related questions, contact us at compliance@vault-key.pro.

3. Personal Data We Collect

We collect personal data in the following categories:

• Identity data: first name, last name.
• Contact data: delivery address, email address, telephone number.
• Transaction data: details about order requests and order history.
• Technical data: IP address, browser type, operating system, and access logs for security purposes.
• Support data: information provided when you contact us for assistance.

We do not collect special categories of personal data (e.g., health, biometric, or financial data beyond what is necessary for order fulfilment). We do not knowingly collect data from individuals under 16 years of age. We do not collect or store any cryptocurrency wallet keys, seed phrases, or private keys — these remain solely with you.

4. Legal Basis for Processing

We process your personal data on the following legal bases under Art. 6 GDPR:

• Performance of a contract (Art. 6(1)(b) GDPR): processing necessary to handle your order request, arrange delivery, and provide customer support.
• Legal obligation (Art. 6(1)(c) GDPR): processing required under Polish tax and consumer-protection law.
• Legitimate interests (Art. 6(1)(f) GDPR): fraud prevention and website security.
• Consent (Art. 6(1)(a) GDPR): where you have given clear consent, e.g., for marketing communications. You may withdraw consent at any time.

5. How We Use Your Data

We use your personal data to: process and fulfil order requests; communicate about your order; provide customer support; comply with legal obligations; and ensure website and transaction security.

6. Cookies

We use strictly necessary cookies to operate our website (session management). We do not use advertising, social media tracking, or third-party analytics cookies without your consent.

7. Data Sharing and Third Parties

We do not sell or rent your personal data. We share data only with:

• Logistics providers for order delivery, bound by Data Processing Agreements.
• Cloud infrastructure providers within the EU/EEA.
• Public authorities where required by Polish or EU law.

We do not transfer personal data outside the EU/EEA unless appropriate safeguards exist (Standard Contractual Clauses or adequacy decisions).

8. Data Retention

We retain personal data only as long as necessary. Order data is retained for 5 years as required by Polish accounting law. Log files are retained for a maximum of 30 days for security purposes.

9. Your Rights

Under GDPR, you have the right to: access your data (Art. 15); rectify inaccurate data (Art. 16); erasure where conditions are met (Art. 17); restrict processing (Art. 18); data portability (Art. 20); and object to processing (Art. 21). To exercise these rights, email compliance@vault-key.pro. You also have the right to lodge a complaint with the Polish Data Protection Authority (UODO), ul. Stawki 2, 00-193 Warszawa, Poland.

10. Security

We implement appropriate technical and organisational measures including TLS encryption, role-based access control, and regular security reviews. No internet transmission is 100% secure.

11. Changes to This Policy

We may update this Policy periodically. Material changes will be posted on our website. The date at the top indicates the most recent revision.

Last updated: 1 June 2025

1. Parties and Scope

These Terms and Conditions ("Terms") govern the relationship between VaultKey ("we", "us", "VaultKey") and you ("Customer", "you") regarding the purchase of VaultKey hardware crypto wallets through our website vault-key.pro. By submitting an order request or using our services, you confirm that you have read, understood, and agree to be bound by these Terms.

2. Order Requests — Non-Binding Nature

Order requests submitted via this website are non-binding until confirmed in writing by VaultKey. Upon receiving your request, we will contact you within 1 business day by email or telephone to confirm availability, agree on payment method, and issue a written order confirmation. A binding contract is formed only upon our written order confirmation. We reserve the right to decline any order request.

3. Payment

No payment is taken at the time of submitting an order request. Payment details and methods will be communicated to you during order confirmation. Full payment is required before shipment unless otherwise agreed in writing.

4. Prices and VAT

Prices are stated in Euros (€) and are inclusive of Polish VAT (23%) where applicable to Polish customers. For customers in other EU countries, VAT treatment may vary in accordance with EU VAT rules. International customers outside the EU may be subject to customs duties and local taxes, for which the customer is solely responsible.

5. Shipping and Delivery

We ship from Warsaw, Poland within 1–3 business days of confirmed and paid orders. Standard delivery within Poland takes 1–3 business days; EU delivery takes 3–7 business days. We are not responsible for delays caused by customs, carrier disruptions, or force majeure events.

6. Product Description — Important Notice

Every VaultKey device ships completely blank and factory-fresh. The seed phrase and private keys are generated by the buyer on the device during first setup. VaultKey never has access to, stores, or transmits any seed phrases or private keys. The customer is solely responsible for the safekeeping of their seed phrase. VaultKey is not a custodian of any cryptocurrency assets and does not provide exchange, brokerage, or asset management services.

7. Right of Withdrawal (Consumer Customers)

If you are a consumer (a natural person acting outside your trade, business, or profession) resident in the EU/EEA, you have the right to withdraw from the contract without giving any reason within 14 days of the day on which you take physical possession of the goods, in accordance with the EU Consumer Rights Directive (2011/83/EU) and the Polish Consumer Rights Act (Ustawa o prawach konsumenta). To exercise this right, inform us by an unambiguous statement (e.g., email to compliance@vault-key.pro) before the withdrawal period expires. You must return the goods in original, unactivated condition within 14 days of notifying us. Return shipping costs are borne by the customer. We will reimburse the purchase price no later than 14 days after receiving the returned goods.

The right of withdrawal does not apply to business customers or to devices that have been activated (i.e., where a seed phrase has been generated on the device).

8. Warranty

VaultKey hardware products are covered by a 2-year statutory warranty for consumers under Polish law (Kodeks cywilny). The warranty covers manufacturing defects under normal use. It does not cover damage from misuse, physical damage, unauthorised modifications, or loss/theft of the seed phrase. To claim warranty service, contact compliance@vault-key.pro with proof of purchase.

9. Limitation of Liability

To the maximum extent permitted by applicable law, VaultKey shall not be liable for any indirect, incidental, or consequential damages arising from the use of our products. VaultKey is not liable for any loss of cryptocurrency assets resulting from the loss, theft, or disclosure of a seed phrase, as seed phrases are generated solely by the customer and are not known to VaultKey. Our total aggregate liability shall not exceed the amount paid by you for the product in question.

10. Governing Law and Dispute Resolution

These Terms are governed by the laws of the Republic of Poland. For consumer customers in the EU, mandatory consumer protection laws of your country of residence also apply. Disputes shall be subject to the jurisdiction of the courts in Warsaw, Poland, except where mandatory consumer protection rules provide otherwise. The European Commission provides an Online Dispute Resolution (ODR) platform at https://ec.europa.eu/consumers/odr. Our email address for ODR purposes is compliance@vault-key.pro.

11. Changes to These Terms

We reserve the right to update these Terms. Material changes will be posted on our website. Continued use of our services after the effective date constitutes acceptance of the revised Terms.

Last updated: 1 June 2025

1. Your Right of Withdrawal

As an EU/EEA consumer, you have the right to withdraw from your purchase without giving any reason within 14 calendar days of the day you (or a third party you designate, other than the carrier) take physical possession of the goods. This right is provided under the EU Consumer Rights Directive (2011/83/EU) and the Polish Consumer Rights Act.

2. How to Exercise Your Right of Withdrawal

To exercise the right of withdrawal, you must inform us of your decision by an unambiguous statement before the 14-day period expires. You may:

• Send an email to compliance@vault-key.pro with your name, order reference, and a statement of your intention to withdraw.
• Call us at +48 513 487 900 during business hours (Monday–Friday, 9:00–17:00 CET).
• Write to us at: VaultKey, Prosta 36, 00-838 Warszawa, Poland.

We will acknowledge your withdrawal request promptly by email.

3. Conditions for Return

To be eligible for a return and refund under the right of withdrawal, the device must:

• Be in its original, unactivated condition — meaning no seed phrase has been generated on the device.
• Be returned in its original packaging, including all accessories and documentation.
• Show no signs of damage, misuse, or tampering.

Important: Once a seed phrase has been generated on the device (i.e., the device has been activated and used to store cryptographic keys), the right of withdrawal cannot apply, as the device is considered activated digital content under applicable EU law. This is to protect the security and integrity of crypto wallet functionality.

4. Return Shipping

You are responsible for the direct cost of returning the goods to us. We recommend using a tracked shipping service, as we cannot be held responsible for items lost in transit. Return address: VaultKey, Prosta 36, 00-838 Warszawa, Poland.

5. Refund

Upon receipt and inspection of the returned goods, we will process your refund within 14 days using the same payment method used for the original purchase. We may withhold the refund until we have received the goods or you have provided proof of return shipment, whichever is earlier.

6. Warranty Returns

If your device is faulty or defective on arrival or develops a manufacturing defect within the 2-year statutory warranty period, please contact us at compliance@vault-key.pro with your order reference and a description of the defect. We will arrange a repair, replacement, or refund at no cost to you. Warranty does not cover accidental damage, misuse, or loss/compromise of your seed phrase.

7. Cancellation of Order Requests

Since order requests are non-binding until we issue a written confirmation, you may cancel your request at any time before receiving our written order confirmation simply by notifying us by email or phone. No cancellation fee applies at this stage.

8. Non-Consumer Customers

Business customers (legal entities or natural persons acting within their trade or profession) are not entitled to the 14-day right of withdrawal. Returns or cancellations for business customers are subject to separate agreement in writing.