Child Safety & CSAM Policy

Effective Date: April 25, 2026 · Last Updated: April 25, 2026

1. Our Position

VaultChat has zero tolerance for the sexual exploitation of children. Any account that uploads, shares, requests, solicits, possesses, or distributes child sexual abuse material (CSAM) or that engages in the sexual exploitation of any person under 18 will be permanently terminated, reported to NCMEC, and — where applicable — referred to law enforcement.

This policy applies to every part of VaultChat: direct messages, group chats, voice and video calls, voice notes, shared media, profile content, group names and descriptions, and any other surface created by or shared between users.

2. What Is Prohibited

The following are strictly prohibited on VaultChat. There are no exceptions for artistic, educational, satirical, or fictional framing.

• Any visual depiction of a minor (anyone under 18) engaged in sexually explicit conduct, including photographs, videos, screen captures, drawings, paintings, cartoons, anime, AI-generated imagery, computer-generated imagery, and morphed or composite images.
• Sexualized text-based content involving minors, including roleplay, fan fiction, fantasy narratives, and chat-based sexual scenarios.
• Sexual solicitation of a minor or attempts to entice, groom, or coerce a minor into sexual activity, sexual conversation, or the production of sexual imagery.
• Sextortion — threatening to share sexual content of a person in order to obtain more sexual content, money, or other concessions.
• Trading, selling, advertising, or trafficking access to CSAM, including via links, codes, hashes, or invitations to channels on other platforms.
• Promoting, glorifying, or normalizing the sexual abuse of children, including the use of euphemisms or coded language commonly associated with such material.
• Sharing the personal information (handle, phone number, photo, location, school, or other identifying details) of a minor in a sexualized context.

3. Encryption and Detection

VaultChat is end-to-end encrypted. We cannot read the contents of your messages, calls, or shared media in the ordinary course of operating the service. This is a deliberate engineering choice that protects every user's private communications. It also means we do not perform server-side scanning of message contents for CSAM or any other category of content.

This does not mean VaultChat is a safe place for child exploitation. It is not. We rely on a combination of:

• User reports. Any user who witnesses prohibited content can report it through the in-app report flow and choose to forward a copy of the reported content to our safety team. Forwarded content arrives unencrypted to us (with the reporter's explicit consent) and is reviewed by humans.
• On-device safety features. We are integrating Apple's Sensitive Content Analysis (iOS 17+) and equivalent on-device tooling so that recipients are warned before viewing potentially explicit imagery. These features run entirely on the user's device. VaultChat never receives or learns the result.
• Account-level signals. We monitor account-level metadata — such as patterns of mass-add behavior, repeated reports, and ban-evasion signals — that do not require reading message content. These signals can trigger account review and suspension.
• Cooperation with law enforcement. We respond to lawful requests from law enforcement agencies that comply with applicable law and the procedures described in our Terms of Service.

4. How to Report

To report a message, photo, video, voice note, or other content that you believe violates this policy:

• Long-press the message in any chat → tap Report.
• Choose Child sexual abuse material as the reason. (CSAM reports are flagged urgent and reviewed before any other category.)
• Optionally check the box to forward a copy of the content to our safety team. This greatly speeds up review and is strongly encouraged for child-safety reports.
• Optionally check Also block this user so you don't have to receive further messages from them while we review.

If you cannot use the in-app flow — for example because the offender deleted the chat before you could report — email us at safety@vaultchat.co with as much detail as you can safely provide. Do not attach a copy of the imagery yourself. Describe what you saw, who sent it, and when. Possessing or transmitting CSAM is a federal crime even for the purpose of reporting it.

You may also report directly to NCMEC at report.cybertip.org or 1-800-843-5678. NCMEC accepts reports from any platform and forwards them to the appropriate law enforcement agency.

5. What We Do When We Receive a Report

For any report flagged as child sexual abuse material:

• Within 24 hours a member of our safety team triages the report. CSAM reports are surfaced at the top of the moderation queue ahead of every other category.
• If the report includes forwarded content and the content is reviewed and confirmed to be CSAM, we immediately suspend the reported account and any associated accounts identified through metadata.
• We preserve the reported content and associated account metadata (account identifier, registration timestamp, IP address at registration, message timestamps, recipient identifiers) as required by 18 U.S.C. § 2258A. Preserved evidence is held for the period required by law and made available to NCMEC and law enforcement.
• We file a CyberTipline report with NCMEC within the timeline required by 18 U.S.C. § 2258A — which we treat as 24 hours from confirmation, regardless of the longer statutory window.
• We respond to lawful preservation requests, search warrants, and subpoenas from law enforcement in accordance with applicable law and our Terms of Service.
• Where credible evidence indicates the reported user is producing or actively soliciting CSAM, we permanently terminate the account, ban the device identifiers we can capture, and take reasonable steps to detect and block re-registration attempts using the same credentials.

For reports that do not include forwarded content, our review is necessarily limited to account metadata and the reporter's description. We may follow up with the reporter for additional context, take account-level action where the metadata pattern warrants it, and forward the report to NCMEC where the description is sufficient to constitute apparent CSAM.

6. Our Reporting Obligations Under Federal Law

VaultChat is a "provider" within the meaning of 18 U.S.C. § 2258A. We comply with that statute. Specifically:

• We report apparent violations of federal child sexual exploitation laws to the NCMEC CyberTipline as soon as reasonably possible, and in any event within the timelines specified by the statute.
• We preserve the contents of any report and the identity of the user who appears to have committed the violation for the period required by law (currently 90 days, extendable on request from law enforcement).
• We do not destroy, modify, or alter preserved evidence except as permitted by law.
• We do not voluntarily disclose the contents of preserved reports except to NCMEC, law enforcement acting under lawful authority, and counsel.

We are an enrolled NCMEC reporting organization. Our enrollment information and contact details are on file with NCMEC.

7. Account Re-Registration and Ban Evasion

An account terminated for CSAM-related conduct is terminated permanently. Attempts to re-register — whether under a new email, new phone number, new device, or otherwise — are themselves a violation of our Terms of Service and will be terminated on detection.

We use account-level signals (registration patterns, device identifiers we are permitted to read, behavioral signatures) to detect re-registration attempts. We do not read the content of messages to do this.

8. Education and Prevention

VaultChat supports the work of the organizations listed below. If you or someone you know is being affected by child sexual exploitation, please reach out to one of these resources directly:

• National Center for Missing & Exploited Children (NCMEC) — United States, 1-800-843-5678
• Internet Watch Foundation (IWF) — United Kingdom and international
• Thorn — technology to defend children from sexual abuse
• Stop It Now — confidential help for people worried about their own thoughts or behavior toward children
• RAINN — National Sexual Assault Hotline, 1-800-656-4673

9. For Law Enforcement

VaultChat responds to lawful preservation requests, subpoenas, court orders, and search warrants from law enforcement agencies that comply with applicable law. Send formal requests to legal@vaultchat.co.

For emergency disclosure requests under 18 U.S.C. § 2702(b)(8) — that is, where there is reasonable belief of imminent danger of death or serious physical injury — please mark the subject line EMERGENCY DISCLOSURE REQUEST and include the requesting agency, the requesting officer's name and badge number, and a callback number we can use to verify the request.

We are committed to responding to valid emergency requests as quickly as we can verify them.

10. Changes to This Policy

We may update this policy as VaultChat evolves and as best practices in child safety improve. Material changes will be reflected in the "Last Updated" date at the top of this page. We encourage you to review this policy periodically.

11. Contact

Child-safety concerns: safety@vaultchat.co

Law enforcement: legal@vaultchat.co

General support: support@vaultchat.co