What Happens to Your Data?
You asked, we answer. Your data lives in the EU, is separated across independent services, and is never tied to your identity. Here's exactly how it works.
Where Your Data Lives
Every piece of your data has a specific home — and none of them are in the United States.
Location & Profile Data
EU Cloud Provider (France-based)
Authentication & Login
Descope
Compute & Serving
Google Cloud
Push Notifications
Google Cloud Messaging
How We Protect You
Three architectural decisions that keep your data safe — by design, not by promise.
No US Data Residency
Your data is stored in the EU — primarily in the Netherlands — under GDPR protections that are stricter than US privacy law.
- All user data stored on servers in the Netherlands, operated by a French cloud provider
- EU privacy regulations (GDPR) govern how your data is handled
- Jurisdictionally mobile — data can move between EU data centers (e.g., Netherlands to France) if community safety requires it
Data Segmentation
Your login credentials and your personal data live on completely separate services. A breach of one does not compromise the other.
- Authentication (login) handled by Descope in EU data centers
- Profile, reports, and preferences stored separately on dedicated EU servers
- Linked only by an anonymized user ID — not your email or name
- Defense-in-depth: multiple layers, not a single point of failure
Google runs our code. A French cloud provider holds your data. Different companies, different jurisdictions, by design.
Minimal Google Footprint
We use Google Cloud for running code and sending push notifications — that's it. Your personal data is not stored under Google's terms.
- Google Cloud handles compute and serving only
- Push notifications routed through Google (required for Android)
- All user data lives on dedicated EU infrastructure under stricter privacy controls
- Deliberate architecture: Google infrastructure, not Google data governance
Who Sees Your Data
Short answer: only Vouch, and only to power the features you use.
- Only Vouch can access your data — used solely within the app
- Powers features like the Incident Map and personalized news feed
- No data shared with law enforcement unless you explicitly request it
- Anonymized, aggregate data may be shared with marketing partners — but never tied to your identity or any personally identifying information
- Ad personalization is based on your activity but never tied to your identity — no fingerprinting, no personal identification
- Fully GDPR compliant — and actively pursuing higher levels of security certification and compliance
- Every release undergoes independent security testing through a dedicated vendor relationship
- Your data is never used to train AI models — our AI features run on proprietary prompts with existing models, not your data
Data Partnerships for Community Safety
Vouch is exploring partnerships with organizations like ADL, AJC, and community federations to share aggregated, anonymized safety intelligence — helping them better protect Jewish communities.
- Real-time incident maps and regional heatmaps
- Location-based trend analysis and pattern detection
- Aggregated and anonymized — individual data is never shared
- Organizations get better intelligence; communities get better protection
Questions About Your Privacy?
We believe in transparency. If something on this page doesn't answer your question, reach out directly.