ChitSeal

Privacy Policy

Last updated: July 9, 2026

What we collect, and why

Account: your phone number and name — the phone number anchors your identity on every agreement. If you sign in with Apple or Google, we store the account identifier they issue (never your password).

Agreements: the loans you record — amounts, parties, dates, terms, payment records, and any attachments you add.

Signing context: when you e-sign we record the device model, app version, network address, and time of signing — and, only if you opt in, an approximate (~1 km) location. This strengthens the evidentiary weight of the record and is sealed into it.

Identity verification (optional / higher-value agreements): verification is performed by our partner Didit, who checks your government ID and a selfie (biometric matching). We never see or store your document images or biometrics — we store only the verified legal name, encrypted (AES-256). It is disclosed to the other party in one case only: your agreement is overdue and they request it — exactly as stated before you verify.

We never collect bank credentials — ChitSeal does not move money.

Who processes it for us

We use a small set of service providers, each bound to use your data only to provide their service: Railway (hosting, United States), Twilio (SMS verification codes), Didit (identity verification), Apple / Google (optional sign-in), Anthropic (optional AI drafting of terms — the draft inputs, never your account data), and a public RFC-3161 timestamp authority (which receives only a one-way hash, never content).

Cross-border: our servers are currently hosted in the United States, so your data is processed there under contractual safeguards. Whatever the country, this policy and Canadian law (PIPEDA) govern how it is handled.

What we share

Nothing, with anyone, except: the other party to your agreement sees that agreement; your verified identity is disclosed to the other party only after a default, as described above; and we disclose data if a court of competent jurisdiction orders it.

How long we keep it

Agreements are evidence, so we keep them while your account is active. Delete your account any time — your data is removed after a 30-day grace period, except sealed records the other party is entitled to retain as evidence of their agreement. SMS verification codes expire in minutes and are not retained.

Your rights

Access and export everything from Profile → Export. Correct your name in Profile. Delete your account any time. Questions, complaints, or access requests: contact@vanillapha.com — we respond within 30 days. If we ever suffer a breach creating a real risk of significant harm, we will notify you and the Office of the Privacy Commissioner of Canada as required by law. PIPEDA applies; you may complain to the OPC at any time. For users in the United States, we honour the same rights, and e-signature records are kept in accordance with the ESIGN Act and applicable state UETA laws.

ChitSeal (“Chit”) is a product of Vanillapha Inc., Ontario, Canada. Contact: contact@vanillapha.com