pelican-logo

Get Vault

Terms of Use

Last Updated: December 21, 2025

Introduction

This Terms of Use constitutes a legally binding contract between Pelican Identity, a subsidiary of Heracules Design & Tech Ltd. (“Pelican Identity,” “Company,” “we,” “our,” or “us”), and any individual or entity (“User,” “you,” or “your”) that accesses, or uses the Pelican business dashboard and other platforms (as defined below). By creating an account, accessing, or otherwise using the Platform, you acknowledge that you have read, understood, and agree to be bound by this Terms of Use, our Privacy Policy, and any supplemental policies, guidelines, or documents referenced herein (collectively, the “Policies”). If you do not agree to all such terms, you must not access or use Pelican vault or any of its related services.

Scope and Applicability

Purpose of This Policy

This Business Privacy Policy explains how Pelican processes data in connection with its business-facing services. It applies solely to Business customers and does not govern end-user data stored in Pelican Vault.

Roles and Responsibilities

Data Controller and Processor Roles

Businesses act as Data Controllers for any personal data they request or receive through Pelican. Pelican acts as a Data Processor, except where Pelican independently processes limited metadata for security, compliance, or billing purposes.

Data Pelican Processes

Business Account Data

  • Administrative Information:

    Company name, contact email, authorized users, billing details.

  • Technical Metadata:

    API usage logs, authentication events, IP addresses, and device metadata.

Data Pelican Does Not Control

User Identity Data

Pelican does not store, persist, or independently access end-user identity data contained in Pelican Vault. Such data is transmitted directly to Businesses only upon explicit user approval.

Purpose of Processing

Operational Necessity

  • Service Delivery:

    To authenticate requests, enforce access controls, and deliver core platform functionality.

  • Security and Abuse Prevention:

    To detect fraud, misuse, or unauthorized access.

Data Retention

Retention Limits

Pelican retains Business-related metadata only for as long as necessary to fulfill contractual, legal, or security obligations. Identity data shared with Businesses is not retained by Pelican.

Security Measures

Safeguards

Pelican employs technical and organizational measures including encryption, access controls, and audit logging. However, no system is immune to risk, and absolute security is not guaranteed.

International Data Transfers

Global Operations

Pelican operates globally and may process data across jurisdictions. Appropriate safeguards are applied where required by law.

Business Obligations

Downstream Compliance

Businesses are solely responsible for how they store, process, secure, and retain any user data received via Pelican.

Policy Changes

Updates

Pelican may update this policy from time to time. Continued use of the Services constitutes acceptance of the updated policy.