EARLY ACCESS·building for the first 100 verified deals·100% stripe-verified metrics·€0 commission fees·NDA-gated deal rooms·STRIPE CONNECTlive·lisbon, PT·
EARLY ACCESS·building for the first 100 verified deals·100% stripe-verified metrics·€0 commission fees·NDA-gated deal rooms·STRIPE CONNECTlive·lisbon, PT·
Vvaulto· terminal v0.1
last updated: may 2026

EU Compliance

Transparency about our legal structure, data handling, and regulatory compliance.

Note: Vaulto is an early-stage company. This page reflects our current status honestly. We update it as our compliance posture evolves.

Entity Status

Vaulto is currently operated as a sole proprietorship by Guilherme Anjos, based in Lisbon, Portugal.

Company registration in progress: We are in the process of registering a Finnish Oy (limited company) to better serve EU customers and comply with marketplace regulations.

  • Current status: Sole proprietorship (PT)
  • Target entity: Finnish Oy (limited company)
  • Registration: In progress

Data Residency

All customer data is stored via Supabase (built on AWS infrastructure).

Database: PostgreSQL hosted on Supabase
File storage: Supabase Storage (S3-compatible)
Application: Vercel Edge Network

Region configuration is being verified. EU data residency (eu-central-1 or eu-west-1) is a priority for GDPR compliance.

GDPR Compliance

We implement technical and organizational measures to protect personal data:

  • Row Level Security (RLS): All database tables have RLS policies ensuring users can only access their own data.
  • Encryption: Data encrypted at rest (AES-256) and in transit (TLS 1.3).
  • Access logging: Audit logs for sensitive actions including deal room access and document views.
  • Data minimization: We collect only data necessary to provide the service.
  • Right to erasure: Users can delete their account and associated data from settings.
Privacy Policy →DPA available on request: legal@vaulto.sh

Payment Processing

Important: Vaulto does not custody funds

Vaulto is a software platform that tracks deal progress. We do not hold, transfer, or custody buyer or seller funds. All escrow services are provided by licensed third-party escrow providers (e.g., Escrow.com).

  • Platform fees: Collected via Stripe
  • Escrow services: Provided by Escrow.com (parties contract directly)
  • Vaulto fee: 2% of transaction (capped at €5,000), invoiced after close

VAT

VAT registration is in progress. Once complete:

  • EU buyers will receive VAT-compliant invoices
  • Reverse charge mechanism will apply for B2B cross-border transactions
  • Non-EU buyers will not be charged VAT

DAC7 (Marketplace Reporting)

The EU DAC7 directive requires digital platforms to report seller activity to tax authorities.

Status: DAC7 compliance framework is in development. We will implement required seller verification and annual reporting by the 2027 reporting deadline. Sellers will be notified of any data collection requirements.

Questions?

For compliance inquiries, contact us at legal@vaulto.sh