Privacy — the human version

Three kinds of data: what you give us (email, optional profile details used for survey matching), what using Vouch generates (your ledger), and technical signals (device, IP). The technical signals mostly exist to stop fraud — which we do under “legitimate interests” with a documented assessment behind it.

The services that run Vouch — login, hosting, email, gift-card issuing — and offer partners, so your completions get attributed and validated. Some providers are US-based; those transfers use approved safeguards.

We don't sell your data, and we don't run advertising trackers.

Essential cookies (login, security) run without asking — everything else asks first, and “reject” is as easy as “accept”. No advertising cookies at all. One honest note: some fraud-prevention signals read characteristics of your device; we limit these to what's needed to keep the rewards pool honest, we disclose them, and exactly how UK rules apply to them is a question we're resolving with our lawyers rather than pretending it's settled.

You can access, correct, or delete your data, object to processing, and complain to the ICO. Requests go to support and are handled within the statutory windows.