What is the Contact Vault module used for

The Contact Vault module is used to store sensitive client contact data such as email addresses and phone numbers in an encrypted and isolated way, separate from regular content, logs and messages.

How does the Contact Vault help with GDPR compliance

The Contact Vault is designed with GDPR in mind. Personal contact data is stored encrypted, access is limited by roles and permissions, and sensitive fields are masked by default in admin views so full details are visible only when truly needed.

Who can see full email and phone values

Only users with the appropriate role based permissions can reveal full email and phone values. Other admins see masked data, which reduces accidental exposure and keeps sensitive information restricted to a small group of trusted users.

How is the Contact Vault connected to client requests

Contact entries in the vault can be linked to records in the Client Requests module without duplicating data. One encrypted contact can be reused across multiple service or support requests while remaining isolated from public content.

Is contact data stored encrypted at rest

Yes. Email addresses and phone numbers in the Contact Vault are stored encrypted at rest. Raw values are not exposed by default in admin listings, which adds an extra layer of protection even if someone gains access to the database.

What are typical use cases for the Contact Vault

Typical use cases include storing client contact details from service requests, limiting what technicians can see, reviewing stored contacts during GDPR or security audits and avoiding personal data in logs, notes or public views.

How is access to the vault protected

Access to the Contact Vault is protected by role based permissions and additional safeguards for login and abuse prevention, which are handled together with the Security module so only authorised users can work with sensitive data.

Contact vault, GDPR safe storage

Why a contact vault is necessary

Client email addresses and phone numbers are among the most sensitive types of data in any system. Storing them inside regular records, logs or messages increases the risk of accidental exposure.

The Contact Vault separates personal contact data from operational data such as requests, tickets or services. Public contact information remains in the Contacts module, while sensitive data is isolated and protected.

Store personal contact data encrypted.
Limit access by role and permission.
Mask data by default in admin views.
Link contacts to requests without duplication.

Encrypted contact storage

Email addresses and phone numbers are stored encrypted at rest. Raw values are never exposed by default.

This protects data even in the event of database access or unintended admin visibility.

Masked admin views

By default, contact data is masked in admin listings. Only partial information is visible.

Full data requires an explicit action and appropriate permission.

Role based access control

Access to full contact details is limited by role. Not every admin needs to see personal data.

Roles and permissions are managed centrally in the Users module.

Linked to client requests

Contact records are linked to client requests without duplicating data across tables.

One contact can be reused safely across multiple records while remaining protected.

Audit friendly structure

The vault shows when data was stored and which request it belongs to.

This simplifies internal audits and compliance reviews.

Security by design

All access to the vault is protected by role based permissions and additional safeguards.

Typical use cases

Store client email and phone from service requests.
Limit access to personal data for technicians.
Review stored contacts during GDPR audits.
Avoid sensitive data in logs and notes.

Privacy by design, not by accident

The Contact Vault keeps sensitive client data protected, isolated and accessible only when necessary. It helps teams stay compliant, reduce risk and keep trust intact.