A safe place for the data your products run on.
Personalised commerce means collecting names, dates, photos and videos before purchase. The vault holds it under TTL, promotes it on payment and hands it to fulfilment — without touching your servers.
- recipient
- Maya
- occasion
- wedding
- date
- 2026-09-14
- portrait
- portrait.jpg · 18.4 MB
- voice
- voice_message.mp3 · 6.2 MB
Built for stores that sell something personal.
The vault was designed for personalised commerce — engraved jewellery, custom prints, made-to-order goods — where the order is half data.
Direct-to-storage uploads
Large files go straight from the shopper's browser to object storage via presigned URLs. Your storefront never proxies binary payloads.
TTL-managed records
Records auto-expire if the cart is abandoned and become permanent the moment the order is paid. No janitor scripts to write.
Two-credential model
Storefront tokens can write but never read. Trusted backend tokens can read for fulfilment. The split is enforced at the API edge.
OpenAPI 3.1 spec
Every endpoint is documented in a versioned OpenAPI spec with interactive try-it docs. Generate clients in any language.
Per-store isolation
Each storefront gets its own namespace, credentials and storage prefix. One store's data can never leak into another.
Files up to 100 MB
Photos, short videos, high-resolution mockups — each up to 100 MB. Batch uploads supported for multi-image customisations.
One call to collect, one call to read.
Storefront writes get a record ID and presigned upload URLs back in a single round trip. Fulfilment reads the sealed record on demand.
POST /v1/vault/records
authorization: Bearer pk_store_live_…
{
"store_id": "str_paperandpine",
"ttl_seconds": 1800,
"fields": {
"recipient_name": "Maya",
"occasion": "wedding",
"engraving_date": "2026-09-14"
},
"file_slots": [
{ "key": "portrait", "mime": "image/jpeg", "max_bytes": 26214400 },
{ "key": "voice_message", "mime": "audio/mpeg", "max_bytes": 10485760 }
]
}201 Created
{
"id": "vlt_01HX2K9V7C4M3RZ8N5T9YQE0AB",
"store_id": "str_paperandpine",
"status": "pending",
"expires_at": "2026-05-28T14:52:41.108Z",
"uploads": {
"portrait": {
"url": "$PERSEVO_UPLOAD/u/01HX2K9V7C4…",
"method": "PUT",
"expires_in": 900
},
"voice_message": {
"url": "$PERSEVO_UPLOAD/u/01HX2K9V7D8…",
"method": "PUT",
"expires_in": 900
}
}
}Storefront tokens can create records and request upload URLs, but cannot list or read them back. Reading requires a trusted backend token scoped to your fulfilment workers. A leaked storefront key cannot exfiltrate customer data.
From shopper input to finished order.
- 01
Shopper inputs
Names, dates, photos, videos collected on the storefront.
- 02
Vault record (TTL)
Record created with a short TTL. Files upload direct to storage.
- 03
Customer pays
Checkout completes. The vault record is sealed and promoted.
- 04
Vault confirmed
TTL is removed. The record is permanent and audit-logged.
- 05
Fulfilment reads
Backend token retrieves text fields and signed file URLs.
Abandoned records expire automatically at the end of their TTL. Files are removed from object storage at the same time — no orphaned blobs, no GDPR liability hanging around.
Sized for real personalisation workloads.
If your products are personal, your data plan should be too.
Tell us what your shoppers customise and how your fulfilment reads it. We'll map it to the vault in under an hour.