Privacy Policy

Purpose and Legal Function of This Policy

This Privacy Policy exists to describe, with precision, the limited circumstances under which Pelican processes data in connection with the Pelican Vault mobile application. It does not create, imply, or expand any custodial, fiduciary, or data controller obligations beyond those expressly stated. This policy must be read in conjunction with Pelican Vault’s self-custodial architecture, which intentionally limits Pelican’s access to and control over identity data.

Strict Scope Limitation

This Privacy Policy applies exclusively to the Pelican Vault mobile application. It does not govern, and must not be interpreted to govern, any other Pelican products, services, dashboards, APIs, developer tooling, or third-party services.

• Third-party businesses connected through Pelican Vault are governed solely by their own privacy policies.

• Future Pelican products will be governed by separate legal documents.

No Expansion of Responsibility

Nothing in this Privacy Policy shall be interpreted as creating an obligation for Pelican to access, retain, monitor, recover, or protect identity data beyond the technical measures expressly described.

If a responsibility is not explicitly stated, it is expressly disclaimed.

Interpretive Priority

The definitions in this section control the interpretation of this Privacy Policy and override informal or colloquial understandings of similar terms.

Defined Terms

• Pelican Identity:

  The legal entity that develops and distributes the Pelican Vault software, acting solely as a technology provider.

• Pelican Vault:

  A self-custodial identity software application that operates under user-controlled access and authorization.

• User:

  An individual who voluntarily installs and uses Pelican Vault and assumes responsibility for its configuration and security.

• Identity Data:

  Any personal or identifying information stored by a user within their Pelican Vault.

• Recovery Phrase:

  A user-generated access mechanism that enables vault access or restoration and is never known to Pelican.

• Third-Party Business:

  Any external entity that requests identity data from a user and operates independently of Pelican.

User as Sole Identity Custodian

Users are the sole custodians of their identity data. Pelican does not co-own, jointly control, license, or assert rights over identity data stored in Pelican Vault.

Explicit Rejection of Custodianship

Pelican does not act as a data custodian, escrow provider, trustee, fiduciary, or guardian of user identity data under any legal framework.

No Data Commercialization

Pelican does not sell, rent, license, analyze, or monetize identity data for advertising, analytics, profiling, or behavioral inference.

Architectural Enforcement of User Control

Pelican Vault is architected such that Pelican does not possess the technical capability to independently access, view, or extract identity data stored in a user’s vault.

Absence of Administrative Override

Pelican does not maintain administrative backdoors, master keys, recovery mechanisms, or override capabilities that would permit access to user identity data.

No Exceptional Access

Pelican cannot access identity data in response to customer support requests, internal reviews, legal demands, or emergency situations.

Any request for identity data must be satisfied, if at all, directly by the user.

recovery phrase Generation and Disclosure

At onboarding, Pelican Vault generates and displays a recovery phrase to the user. This recovery phrase is displayed once and is not retained by Pelican in any form.

Sole Responsibility and Risk Assumption

The user assumes full and exclusive responsibility for safeguarding the recovery phrase. Pelican disclaims all responsibility for loss, compromise, duplication, or misuse of the recovery phrase.

• Loss of the recovery phrase results in permanent loss of access.

• Compromise of the recovery phrase enables unauthorized access.

No Recovery, No Exceptions

Pelican cannot recover, reset, regenerate, or bypass a recovery phrase under any circumstances.

This includes—but is not limited to—device loss, death, incapacity, legal orders, or system failures.

Optional Convenience Feature Only

Backup and restore features, where available, are provided strictly as optional convenience mechanisms and do not alter the self-custodial nature of Pelican Vault.

User-Controlled and User-Risk-Bearing

Users bear full responsibility for selecting, configuring, securing, and validating any backup mechanism.

No Guarantee of Recoverability

Pelican makes no representations or guarantees regarding backup integrity, availability, or restorability.

Operational Metadata Only

Pelican processes only the minimum non-identity data required to operate the application, enforce security, prevent abuse, and maintain service availability.

Ephemeral Technical Processing

Authentication and session-related data are processed transiently and are not retained beyond their immediate technical purpose.

Affirmative Exclusions

Pelican does not intentionally collect, store, or process the following categories of data:

• Identity data stored in the user’s vault.

• recovery phrases, private keys, or cryptographic secrets.

• Biometric identifiers.

• Advertising or tracking identifiers.

User-Initiated Disclosure Only

All identity data disclosures occur solely as a result of user action. Pelican does not initiate, automate, or compel identity sharing.

No Ongoing Authority

Once identity data is shared, Pelican does not retain authority, visibility, or control over that data.

Independent and Unaffiliated Controllers

Third-party businesses operate independently and assume full legal responsibility for data they receive.

No Liability for Third-Party Conduct

Pelican disclaims responsibility for third-party storage practices, security measures, retention policies, or regulatory compliance.

Consent and Contractual Necessity

Where Pelican processes data, it does so based on explicit user consent or contractual necessity to provide the software.

Jurisdiction-Agnostic Compliance

Pelican operates globally and aligns its practices with generally accepted data protection principles without assuming jurisdiction-specific obligations beyond applicable law.

Security Measures

Pelican employs industry-standard technical and organizational safeguards appropriate to its limited role.

Shared Risk Model

Users acknowledge that security depends on device integrity, operating system security, and personal operational practices.

Minimal Retention

Non-identity metadata is retained only as long as operationally or legally required.

Deletion Limitations

Deletion of a Pelican Vault account does not affect data already disclosed to third parties.

Rights Relating to Pelican Processing Only

User rights apply only to data processed by Pelican and do not extend to identity data under user custody or third-party control.

Assumption of Risk

Users expressly acknowledge and accept the risks inherent in self-custodial identity management.

Limitation of Responsibility

Pelican is not responsible for losses arising from user error, third-party misconduct, device compromise, or force majeure events.