Vanishly Go to app

Effective date: 28th May 2026 Last updated: 28th May 2026 Operated by: Third Time Lucky Corp Pty Ltd (ABN 94 612 461 800), Queensland, Australia Contact: support@vanishly.link

Plain English summary

This document is the legal agreement between you and us when you use Vanishly. The short version:

  • Vanishly is a free service for sending and receiving secrets (passwords, credentials, sensitive data) using end-to-end encryption.
  • We encrypt everything in your browser. We cannot read your secrets, even if we wanted to.
  • We do not back up your secrets. When they expire or get read once, they are gone forever.
  • We do not allow password resets. If you lose your login credentials, your account is permanently gone. This is intentional.
  • You must not use Vanishly for illegal purposes, to send malware, to phish people, or to harass anyone.
  • The service is free at launch. We may introduce paid tiers in the future with additional features. The core service of sending and receiving secrets will remain free.
  • Australian Consumer Law and GDPR rights apply where relevant. We do not try to remove your statutory rights.
  • If something goes wrong, our liability is limited to AUD $100.
  • Queensland, Australia law governs this agreement. Disputes go to Queensland courts.

The formal terms below override the summary where they conflict. Read both.

1. Who we are and what this agreement covers

These Terms of Service (“Terms”) form a legally binding agreement between you and Third Time Lucky Corp Pty Ltd, an Australian company with ABN 94 612 461 800 in Queensland, Australia (“we”, “us”, “our”, “Third Time Lucky”).

We operate the Vanishly service available at vanishly.link (“Vanishly” or “the Service”). The Service lets registered users send and request encrypted secrets through one-time links.

By creating a Vanishly account, accessing the Service, or sending or receiving a secret through Vanishly, you agree to these Terms.

If you are using Vanishly on behalf of an organisation, you confirm you have authority to bind that organisation to these Terms, and “you” includes that organisation.

2. Definitions

  • Account: a registered user account with verified email and active two-factor authentication.
  • Sender: an Account holder who creates a share or a request through the Service.
  • Recipient: a person who receives a share link or a request link via the Service, whether or not they have an Account.
  • Share: a one-time encrypted message sent from a Sender to a Recipient via Vanishly.
  • Request: a one-time encrypted secret deposit flow initiated by a Sender, fulfilled by a Recipient.
  • Secret: the plaintext content encrypted and transmitted through a Share or Request.
  • Free Tier: the no-cost plan with a 5-send lifetime quota.
  • Standard Plan: the paid plan billed at the rate published at vanishly.link/pricing.
  • Pro Plan: the higher-tier paid plan billed at the rate published at vanishly.link/pricing.

3. Account creation and security

3.1 Eligibility

You must be at least 18 years old (or the age of majority in your jurisdiction, whichever is higher) to create a Vanishly Account. The Service is not directed at children.

3.2 Account requirements

Creating an Account requires a valid email address, a strong password (subject to our published requirements), email verification, and active two-factor authentication (TOTP). You cannot create or send through an Account without all four.

3.3 No account recovery

You are responsible for safeguarding your Account credentials and your TOTP authenticator device. We do not offer password recovery, password reset via email, or any other mechanism to restore access to a locked-out Account. If you lose your password and your recovery codes, the Account is permanently inaccessible.

This is a deliberate security design decision, not an oversight. Refer to our Security Policy for the reasoning. You acknowledge and accept this constraint by creating an Account.

3.4 Account responsibility

You are responsible for all activity that occurs under your Account, including any sends or requests created. If you suspect unauthorised access, you must notify us immediately at support@vanishly.link.

3.5 One person per Account

Accounts are individual. You must not share Account credentials with anyone else. Multi-user team functionality may be offered in future as a separate product feature.

4. Acceptable use

4.1 Permitted uses

Vanishly is provided for the lawful exchange of sensitive information between consenting parties. Common legitimate uses include sharing passwords with colleagues, sending credentials to clients, requesting confidential information from contractors, and exchanging private documents between individuals.

4.2 Prohibited uses

You must not use Vanishly to:

  • Send, request, or facilitate the transmission of content that is illegal in Australia or in any jurisdiction where you or the Recipient is located
  • Send malware, ransomware, viruses, exploit code, or any payload designed to harm a computer system
  • Phish, impersonate another person or organisation, or deceive Recipients about the sender’s identity
  • Harass, threaten, defame, or coordinate harm against any person
  • Distribute child sexual abuse material (CSAM) or any content that exploits minors
  • Distribute non-consensual intimate imagery
  • Distribute material that infringes third party intellectual property rights
  • Circumvent or attempt to circumvent our security measures, rate limits, or quota enforcement
  • Resell or sublicense access to Vanishly without a written agreement with us
  • Use the Service in a manner that could damage, disable, or impair the Service or interfere with other users
  • Use automated means (bots, scrapers, crawlers) to access the Service except for the explicit purpose of legitimate API access where offered
  • Use Vanishly to facilitate any activity prohibited by Australian, Queensland, or applicable foreign law

4.3 No expectation of monitoring

Because Vanishly is zero-knowledge end-to-end encrypted, we cannot inspect the content of Secrets. We do not pre-screen, monitor, or moderate Secret content. The responsibility for content lawfulness rests with the Sender.

4.4 Reporting abuse

If you are a Recipient who has received a Secret you believe was sent in violation of these Terms (phishing, harassment, illegal content), you can report it via the “Report this page” link on the recipient page. Reports are reviewed by our admin team. We may suspend or terminate Accounts found to have violated these Terms, in our reasonable discretion.

4.5 Cooperation with law enforcement

We will respond to valid legal process from Australian authorities (search warrants, subpoenas, court orders). Because we cannot decrypt Secret content, the data we can disclose is limited to Account metadata, sender and recipient email addresses on Requests, timing of activity, and IP address hashes. We will challenge requests we believe are overbroad or unlawful.

5. The Service: how it works and what we promise

5.1 Description

Vanishly enables Senders to create Shares (push) and Requests (pull) of encrypted Secrets. Recipients access Secrets via one-time links. Secrets expire on first read or after a Sender-configured time period, whichever comes first. After expiry or consumption, Secret ciphertext is permanently deleted from our servers.

5.2 Zero-knowledge architecture

We have designed Vanishly so that Secret content is encrypted in the Sender’s or Recipient’s browser using keys we never receive. We cannot read, recover, or restore Secret content under any circumstance, including at the request of an Account holder, a Recipient, or a law enforcement agency.

5.3 We do not back up Secret content

Secrets are explicitly excluded from our database backups. Once a Secret expires or is consumed, the only remaining record is metadata (creation time, expiry time, Sender Account, Recipient email for Requests). The encrypted content cannot be restored.

5.4 Availability

We aim to provide reliable Service availability. We do not guarantee uptime. The Service may be unavailable for planned maintenance, security incidents, or causes beyond our reasonable control.

5.5 Changes to the Service

We may add, modify, or remove Service features over time. Material changes to features available on your current Plan will be notified in advance via email and in-app notification, and you may cancel your subscription before the change takes effect if you do not accept it.

6. The Service is free at launch

6.1 Free service

Vanishly is provided free of charge at launch. There are no paid tiers active at this time. Use of the Service is subject to fair use limits and rate limits as described elsewhere in these Terms.

6.2 Future paid tiers

We may introduce paid tiers in the future offering additional features such as expanded send quotas, advanced branding customisation, and team management. If and when paid tiers are introduced:

  • We will provide at least 30 days advance notice to existing Accounts via email and in-app notification
  • The core service of sending and receiving secrets will remain available in some form without payment
  • Any features previously available without charge that move to a paid tier will be honoured for existing users for a transition period of at least 30 days
  • Pricing, billing terms, and refund policies will be published as part of the activation announcement

6.3 No fees currently

We do not charge fees for Account creation, sending, requesting, receiving, branding customisation (within free-tier features), or any other current Service function. We do not collect payment details from you. We do not have a current billing relationship with you.

6.4 Future billing relationship

If you subscribe to a paid tier in the future, the billing relationship will be governed by terms presented at the point of subscription. Those terms will include payment processor information, cancellation procedures, refund policies, and tax handling. You are not bound to any future billing terms by these current Terms.

7. Domain verification

We offer optional domain verification for Accounts using custom email domains. If your account email is on a free email provider (gmail.com, outlook.com, and others maintained on our published list), domain verification is not available. The trust signal shown on your recipient pages reflects your verification status as described in our Security Policy.

You are responsible for maintaining the DNS TXT record we issue for verification. If the record is removed or modified such that ongoing verification fails, your verified status will be revoked and the corresponding trust signal will change.

8. Recipient experience and Recipient rights

8.1 Recipients without Accounts

Recipients of Shares and Requests do not need to create an Account to access the Service. Their interaction is limited to viewing or depositing Secrets via one-time links.

8.2 Recipient agreement

By accessing a Vanishly Share or deposit link, a Recipient is using the Service and is subject to:

  • Section 4 (Acceptable Use)
  • Section 5 (Service description)
  • Our Privacy Policy
  • The relevant provisions of these Terms governing their interaction

A Recipient does not agree to the billing or Account-specific provisions.

8.3 Recipient reporting

Recipients can report a Share or Request they believe is malicious, illegal, or otherwise violates these Terms via the “Report this page” link on the recipient page. We will review reports and take action where appropriate.

9. Intellectual property

9.1 Our IP

The Vanishly name, logo, marks, and Service interface are our property. You receive no licence to use them except as necessary to use the Service.

9.2 Your content

You retain all rights to the Secret content you send or request through Vanishly. We claim no ownership of your Secrets.

9.3 Feedback

If you send us suggestions, ideas, or feedback about the Service, we may use them without restriction or compensation.

10. Termination

10.1 By you

You can terminate your Account at any time via Account settings. Account deletion permanently removes your Account record, your Shares, your Requests, and your branding configuration. Audit log records are retained for 30 days then purged.

10.2 By us

We may suspend or terminate your Account, with or without notice, if:

  • You materially breach these Terms
  • We have reasonable grounds to believe your Account is involved in activity prohibited under section 4
  • Required by law or valid legal process
  • We discontinue the Service (with reasonable advance notice except in emergencies)

10.3 Effect of termination

Upon termination, your access to the Service ceases. Existing Shares and Requests are deleted as described above. We will not refund subscription fees paid for the unused portion of a billing period except where required by law or where termination is at our initiative without your breach.

10.4 Survival

Sections 4 (acceptable use, to the extent of pre-termination conduct), 9 (IP), 11 (consumer rights), 12 (warranties), 13 (liability), 14 (indemnity), 15 (disputes), and 16 (general) survive termination.

11. Australian Consumer Law and statutory rights

Nothing in these Terms excludes, restricts, or modifies any consumer guarantees, rights, or remedies you may have under the Australian Consumer Law (Schedule 2 of the Competition and Consumer Act 2010) or under similar consumer protection legislation in your jurisdiction.

To the extent we are able to limit our liability for breach of a consumer guarantee, our liability is limited (at our option) to:

  • supplying the Service again, or
  • paying the cost of having the Service supplied again

If you are an EU consumer, nothing in these Terms removes your rights under EU consumer protection law, including any applicable rights under the Consumer Rights Directive.

12. Warranties and disclaimer

12.1 What we warrant

We warrant that we will provide the Service with reasonable care and skill, in accordance with the description on our website and these Terms.

12.2 What we do not warrant

To the maximum extent permitted by law and subject to section 11:

  • We do not warrant that the Service will be uninterrupted, error-free, or available at all times
  • We do not warrant that the Service will meet your specific requirements
  • We do not warrant that the Service is suitable for any specific purpose beyond the general description provided
  • We do not warrant the conduct of other users, including Senders or Recipients you interact with through the Service
  • We do not warrant against losses arising from your failure to safeguard your Account credentials, your recovery codes, or your retrieval URLs

The Service is provided “as is” and “as available” except as specifically set out in these Terms and as required by section 11.

13. Limitation of liability

Subject always to section 11 (which prevails over this section to the extent of any inconsistency):

13.1 Excluded losses

To the maximum extent permitted by law, we are not liable for:

  • Indirect, incidental, special, consequential, or punitive damages
  • Loss of profits, revenue, goodwill, or anticipated savings
  • Loss of data (including loss of Secret content, recovery codes, or retrieval URLs)
  • Loss arising from your inability to access an Account due to loss of credentials
  • Loss arising from a Recipient’s misuse of a Secret after receipt
  • Loss arising from a Sender’s incorrect use of the Service (sending to wrong Recipient, including unintended content)

13.2 Cap on liability

Our total aggregate liability to you for all claims arising out of or related to the Service or these Terms in any 12-month period is limited to AUD $100.

This cap reflects the fact that the Service is currently provided free of charge. If paid tiers are introduced in the future, the cap may be revised in subscription-specific terms to reflect the fees paid.

This cap does not apply to liability that cannot be limited under Australian law (including liability under section 11).

14. Indemnity

You agree to indemnify and hold us harmless from any claims, losses, liabilities, costs, and expenses (including reasonable legal fees) arising from:

  • Your breach of these Terms
  • Your violation of any law or third-party rights
  • Your use of the Service in a manner that causes harm to a Recipient or any third party
  • Content you send through the Service

This indemnity does not apply to the extent the loss is caused by our negligence or breach of these Terms.

15. Disputes

15.1 First, talk to us

If you have a complaint or dispute about the Service, please contact us at support@vanishly.link first. We commit to acknowledging your complaint within 5 business days and working with you in good faith to resolve it within 30 days.

15.2 Governing law and jurisdiction

These Terms are governed by the laws of Queensland, Australia. Any dispute that cannot be resolved through good-faith negotiation will be submitted to the exclusive jurisdiction of the courts of Queensland, Australia.

15.3 EU consumer exception

If you are an EU consumer, you may bring proceedings in the courts of the EU member state where you are habitually resident, and the mandatory consumer protection laws of that member state may apply to the extent they provide greater protection than these Terms.

15.4 Online Dispute Resolution

If you are an EU consumer, you can also use the EU Online Dispute Resolution platform: https://ec.europa.eu/consumers/odr

16. General

16.1 Entire agreement

These Terms, together with our Privacy Policy and Security Policy, form the entire agreement between you and us regarding the Service and supersede any prior agreements.

16.2 Amendments

We may amend these Terms from time to time. Material changes will be notified by email to your Account email address and through in-app notification at least 14 days before they take effect. Continued use of the Service after the effective date constitutes acceptance. If you do not accept the changes, you may cancel your subscription before they take effect.

16.3 Severability

If any provision of these Terms is held to be invalid or unenforceable, the remaining provisions continue in force.

16.4 No waiver

Our failure to enforce any provision is not a waiver of our right to enforce that provision later.

16.5 Assignment

You cannot assign your rights or obligations under these Terms without our written consent. We may assign these Terms in connection with a merger, acquisition, or sale of substantially all of our assets, provided we notify you and your rights are not materially diminished.

16.6 Force majeure

We are not liable for failure to perform our obligations due to circumstances beyond our reasonable control, including but not limited to acts of God, natural disasters, war, terrorism, civil unrest, government action, internet or power outages, or third-party service failures (including our hosting providers or Stripe).

16.7 Contact

For Service-related questions, please use the relevant address:

These Terms were last updated on 28th May 2026. Previous versions are available on request.