Support & Trust Center
Help, and how to reach us.
However you need us — a question about your data, a deletion request, or a security concern — here’s how to get to a real person. We’re a small team and we answer these ourselves, within two business days.
Frequently asked
Answers, no login required.
Search the questions below, or scroll through them. If you don’t find your answer, email support@chrysalis.io and we’ll get back to you within two business days.
No matches. Try a different word, or email support@chrysalis.io directly.
Data deletion
How to delete your data.
You can ask us to delete your account and the personal data tied to it at any time, for any reason. This is your right under GDPR (Article 17, the “right to erasure”) and CCPA/CPRA, and it’s how we operate regardless of where you live.
- Send your request. Email support@chrysalis.io with “Data Deletion Request” in the subject line. Tell us whether you want your entire account deleted or only specific content.
- We confirm it’s you. To protect your account, we verify the request comes from you before deleting anything. We’ll only ask for what we need to confirm your identity.
- We delete your data. We delete your account data from our active systems and instruct any subprocessors holding it on our behalf to do the same.
- Backups are purged on cycle. Encrypted backups roll off automatically within our 7-day backup window, so deleted data is removed from backups shortly after.
- We confirm completion. You’ll get written confirmation once the deletion is done, within the timeframe below.
Timeframe. We acknowledge requests within two business days and complete verified deletions without undue delay, and in any case within 30 days, as GDPR requires.
A note on our architecture. Because of our zero-access design, much of your Vault content is already encrypted in a form we can’t read, and some content you can delete yourself directly in the app. When you contact us, we’ll tell you what you can remove yourself and what we’ll handle for you.
Limited exceptions. In narrow cases we may need to retain specific records to meet a legal obligation, resolve disputes, or enforce our agreements. If that applies, we’ll tell you what we’re keeping and why, and we delete it once the obligation ends.
For the full written policy, see our Privacy Policy. Health information handled on behalf of a covered entity is deleted in line with the terms of the applicable Business Associate Agreement.
Security & privacy reporting
Report a security or privacy concern.
If you’ve found a vulnerability, suspect a breach, or have a privacy concern — especially anything touching health information — tell us. We take these seriously and respond quickly.
Email security@chrysalis.inc
Helpful things to include: what you found, where you found it, and how to reproduce it. If it’s sensitive, just send a short note and we’ll set up a secure way to share details.
We investigate every report. If an incident affects your personal data, we notify affected individuals without unreasonable delay and within the timelines described in our Security Statement — including within 72 hours where GDPR requires it. Please report security issues by email rather than posting them publicly, so we can protect users while we fix them.
Contact channel
Talk to a person.
There’s no form to wrestle with. Email us and a real person picks it up.
Email support@chrysalis.io
Every message opens a tracked support ticket, so your request is logged, assigned, and resolved — nothing falls through the cracks. We reply within two business days.
For security, privacy, or breach concerns, use security@chrysalis.inc instead.