VaultPurge

Do You Have Candidate Resumes from 2023 on Your Computer?

If yes, you are in breach of GDPR Article 17.

EU Data Protection Authorities are issuing fines up to €20,000,000. Let's see how much your agency is risking.

Calculate Your GDPR Liability

AES-256-GCM
RSA-OAEP 2048
PBKDF2-HMAC
Zero-Knowledge

Architected for Professional Regulatory Compliance

GDPR ARTICLE 17 SOC2 TYPE II ISO 27001 CCPA
Security Architecture Specification ROI: How to Save 30 Billable hrs/mo

One Workflow. Zero Liability.

From the moment a candidate applies to the second their data is shredded, VaultPurge keeps PII out of your inbox and under your control.

SOURCE: PUBLIC_DROP_LINK

CANDIDATE_ID.PDF

"Candidate uploads directly to vault"

SOURCE: RECRUITER_PUSH
AUTO_ENCRYPT

PROFILE_SNIP.PDF

"Recruiter pushes from LinkedIn"

Unified Intake: Capture PII via public links or direct browser push. Keep sensitive data out of your email server forever.

CLIENT_REVIEW_882 • UNAUTHORIZED • CLIENT_REVIEW_882
Secure Zero-Knowledge Viewer
DOWNLOADS DISABLED

Dynamic IP/Email watermarking deters screenshots and prevents unauthorized file redistribution.

SHREDDING_KEY_PURGE...
Forensically Shredded
DELETION_CERTIFICATE_V1.2

PURPOSE: SENIOR_DEV_ROLE

REASON: GDPR_ARTICLE_17_TTL

METHOD: CRYPTO_WIPE_HMAC

STATUS: UNRECOVERABLE

Satisfy Article 17 audits with cryptographically signed proof that includes the exact purpose of processing.

Drop Box
Inbound Compliance

Stop letting sensitive candidate IDs linger in your email inbox or local 'Downloads' folders.

Secure Viewer
Controlled Sharing

Share documents with clients that can be seen but never downloaded, keeping you in control of the PII.

Auto-Shred
GDPR Autopilot

Cryptographically wipe data once its purpose is served. Satisfy Article 17 audits with zero manual effort.

The Compliance Reality

"Recruitment compliance is often seen as a soul-crushing, manual add-on task. We built VaultPurge to end the cycle."

"I spend my Fridays manually scouring shared folders for old resumes. It's a soul-crushing waste of time, but if we miss one, the DPO has my head."

MD

Managing Director

Boutique Tech Agency

"Our ATS says we deleted the data, but the CV is still sitting in three different 'Sent' folders and the hiring manager's cache. It's a GDPR time bomb."

CO

Compliance Officer

Legal Sector Firm

"I sent a CV via email. They hired him 4 months later without telling me. Since they already 'owned' the file, I had zero leverage to claim my fee."

F

Founder

Executive Search Boutique

The Compliance Moat

Why standard cloud storage is your biggest GDPR liability.

Security Requirement Email / Google Drive VaultPurge
Zero-Knowledge (No Provider Access) ❌ NO ✅ YES
Automated Article 17 Shredding ❌ MANUAL ✅ AUTOMATED
Legal Proof of Destruction ❌ NO ✅ ISSUED
Controlled Viewing (No Downloads) ❌ NO ✅ YES
Dynamic Watermarking ❌ NO ✅ YES

THE WORKFLOW ADVANTAGE

Built for recruiters who need more than just storage. We've built the isolation layer your current workflow is missing.

LinkedIn Extension

Push candidate data directly from LinkedIn to your secure vault. PII never touches your hard drive, eliminating local cache liability entirely.

Coming Soon to Beta

Dynamic Watermarking

Every document viewed by a client is overlaid with their unique identity. Deter screenshots and prevent unauthorized redistribution of your talent pool.

Purpose-Based Audit

Attach specific job roles to every file. Your Deletion Certificates will include the exact legal basis for processing, satisfying forensic audits instantly.

€20,000,000 Fine vs €49/Month

"The Cheapest Compliance Insurance in the EU."

Solo Founder
€49/mo

For boutique agency founders & freelance headhunters.

  • Unlimited Automated Shredding
  • GDPR Article 17 Deletion Certificates
  • Zero-Knowledge Personal Vault
Start 14-Day Free Trial →

Team / Enterprise

Scaling agencies needing centralized oversight, multi-user permissions, and custom DPO reporting.

Centralized Agency Dashboard
Master Audit Logs for Auditors
Contact Sales for Pricing

🛡️ THE EU COMPLIANCE GUARANTEE: If your agency is fined for a GDPR data retention failure while using VaultPurge correctly, we'll refund 12 months of service plus pay €10,000 toward your legal fees.

Compliance FAQ

Answering the tough questions about recruitment liability.

We already use an ATS (Bullhorn/Workable). Why do we need this?

ATS systems are for management, not isolation. Most GDPR breaches happen before data enters your ATS—it’s sitting in your recruiters' Outlook inboxes or local 'Downloads' caches. VaultPurge acts as the 'Intake Isolation Layer.' Our Drop Box captures PII before it hits your mail server, ensuring you never create a 'Ghost PII' liability in the first place.

Can clients still bypass me via screenshots or photos?

While no viewer can stop a physical camera, our Dynamic Watermarking acts as a powerful legal and psychological deterrent. Every document is overlaid with the viewer's unique ID and IP address. This ensures 100% accountability—if a candidate is bypassed, you have forensic evidence of who leaked the profile.

How do I know your "Zero-Knowledge" claim is real?

We move beyond 'Zero-Trust' to Technical Inability. VaultPurge uses the W3C Web Crypto API to perform all encryption in your browser. We possess zero technical means to access your keys. If we are subpoenaed or our backend is breached, all anyone gets is encrypted noise. You hold the only keys.

How do I prove to an auditor that we actually deleted the data?

Deleting a file from a trash bin provides zero legal evidence. VaultPurge generates a signed Deletion Certificate for every shredded file. This certificate includes the file hash, the purpose of processing, and a cryptographically verifiable timestamp. It’s the only tangible proof your DPO needs to satisfy an Article 17 audit.

Private Beta Access

Secure Your Slot

Limited to 50 agencies for the April batch. No card required.