Looking for UK-specific content?
Visit UK website
US & worldwide
UK
DACH
Expertise
Services
Software development
Web development
Mobile development
Quality Assurance
DevOps
Cloud consulting
Cybersecurity
Technologies
AI
Backend
Frontend
AR/VR
Blockchain
Big data
All technologies
Platforms
AWS
Azure
Google Cloud
Salesforce
SharePoint
calculator
Want to start a project with us but need cost details? Click here for an estimate
Industries
Fintech
Proptech
Automotive
Foodtech
Ecommerce
Healthtech
Edtech
Game dev
Adtech
calculator
Project price calculatorAssess your costs in 60 seconds.
Get my free estimate
Engagement models
Staff augmentation
Dedicated teams
Project outsourcing
Solutions for startups
Solutions for enterprises
Solutions for AI companies
calculator
Project price calculatorAssess your costs in 60 seconds.
Get my free estimate
Portfolio
About us
Who we are
How we work
Why Vention
Our partnerships
Testimonials
Locations
Newsroom
Media kit
Careers
AI manifesto
Vention Impact
Incubator contest
about us
Our approachDiscover how we bring engineering peace of mind to every project.
Learn more
Insights
Contact us
Expertise
Industries
Engagement models
Portfolio
About us
Insights
Light mode
Contact us

Privacy Policy for Vention App

At VENSOLUTIONSGROUP LTD, with its registered office at Griva Digeni 59, Kaimakliotis Building, 5th Floor, 6043 Larnaca, Cyprus ("we," "our," or "the Company"), we value your privacy and are committed to protecting and respecting your personal information. This Privacy Policy ("Policy") explains how we collect, use, disclose, and safeguard your data when you access and use our Customer Portal ("Portal").

The Company is the data controller for the personal data we collect from users of the Portal. As the data controller, we are responsible for determining the purposes and means of processing your personal data.

We are committed to complying with applicable data protection laws, including the General Data Protection Regulation ("GDPR") for users in the European Union, the California Consumer Privacy Act ("CCPA") for users in California, USA, and other relevant data protection laws worldwide.

This Policy outlines the types of personal data we collect, the purposes for which we use it, how we protect it, and the rights you have regarding your personal data. Please read this Policy carefully to understand how we handle your data and ensure that we are meeting our legal obligations to safeguard your privacy.

Section 1: Data Collection

Personal Data We Collect

We collect specific personal data from users during the registration process to provide access to and functionality within the Portal. The following personal data is collected:

  • Email address
  • User ID
  • First name
  • Last name
  • Job title (optional)

Authentication Cookies

The Company will collect session cookies necessary for user authentication. These cookies are used solely for the purpose of maintaining user sessions while logged into the Portal. Session cookies ensure that users can access the Portal and utilize its features without needing to log in repeatedly.

Section 2: Data Usage and Purpose

Purpose of Data Collection

The personal data collected from users is used for the following purposes:

  • Account Creation and Authentication: The personal data is used to create and manage user accounts within the Portal. This allows users to access the Portal and its features securely, including team management, scheduling, and other functionality.
  • Portal Functionality: We use your data to provide the core functionality of the Portal, such as managing teams, scheduling tasks, providing feedback mechanisms, and displaying organizational charts. This ensures a seamless user experience and proper coordination of services.
  • Communication: Your data may be used to communicate with you regarding your account, including notifications, updates, and important information related to your use of the Portal.

Section 3: Legal Basis for Processing

Consent as the Legal Basis

The legal basis for processing personal data under this Privacy Policy is consent. By voluntarily providing your personal data during the registration process for the Portal, you are giving your consent to the collection and use of that data for the purposes outlined in this Policy. You may withdraw your consent at any time by contacting us, although such withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.

 

Cross-Border Data Transfers

As a global service provider, we may transfer your personal data to jurisdictions outside of your country of residence, including to countries that may not offer the same level of data protection as your home jurisdiction. In such cases, we will ensure that appropriate safeguards are in place to protect your data, such as the implementation of Standard Contractual Clauses (SCCs) or other legal mechanisms recognized under applicable data protection laws.

Section 4: Data Retention

Retention Period

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, as outlined in this Policy. The retention period may vary depending on the type of data and the specific purpose of its use. For example, we will retain personal data related to your account while it remains active or as long as required to provide functionality within the Portal.

In certain circumstances, we may retain data for longer periods, such as when required by law or for the establishment, exercise, or defense of legal claims.

 

Account Deactivation and Data Deletion

If your account is deactivated or if you request deletion of your personal data, we will take reasonable steps to ensure that your data is securely deleted, subject to any legal requirements that may necessitate its retention.

 

Retention of Inactive Accounts

In cases where an account is inactive for a specified period, we may retain personal data to comply with legal obligations, prevent fraud, or for legitimate business interests.

You have the right to request the deletion of your personal data at any time, subject to any legal exceptions that may apply.

Section 5: Data Sharing

We do not sell, rent, or lease your personal data to third parties. However, we may share your personal data in the following limited circumstances:

1. With Affiliates or Service Providers: We may share personal data with trusted affiliates or third-party service providers who assist in operating the Portal. These service providers are only permitted to use your data for the purpose of providing services to us and are contractually obligated to protect your data in accordance with this Policy.

2. For Legal Compliance: We may disclose personal data if required by law or in response to a valid legal request, such as a subpoena, court order, or government inquiry. This disclosure will occur only when necessary to comply with legal obligations or to protect the rights, property, and safety of the Company, our users, or others.

3. In Case of Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our business, your personal data may be transferred to the acquiring entity or successor in the transaction. We will notify you of such a transfer, and the new entity will be bound by the terms of this Policy.

4. With Your Consent: We may share your personal data with other third parties if you have provided explicit consent for us to do so.

Section 6: Security Measures

Data Protection and Security

We take the protection of your personal data seriously and implement appropriate technical and organizational measures to safeguard it against unauthorized access, disclosure, alteration, and destruction. These measures include:

  • Encryption: We use industry-standard encryption technologies to protect sensitive data in transit, including personal data entered during account creation and authentication.
  • Password Security: We do not store passwords in plaintext. Instead, we use encryption and hashing methods to securely store your credentials. Only encrypted versions of your passwords are retained for authentication purposes. 
  • Multi-Factor Authentication: To further enhance security, we may implement multi-factor authentication (MFA) for user accounts. This ensures that only authorized users can access the Portal.
  • Regular Security Audits: We conduct regular security audits and assessments to ensure that our data protection measures are effective and up to date with industry best practices.

 

Data Storage and Transmission

All personal data is stored in secure systems, protected by firewalls, access controls, and other security measures to prevent unauthorized access. Additionally, data in transit is encrypted to ensure that it remains secure when transferred between servers and users.

 

Limitations of Security

While we strive to protect your personal data, no method of transmission over the Internet or method of electronic storage is entirely secure. Therefore, we cannot guarantee absolute security, but we will take all reasonable measures to protect your information.

Section 7: User Rights

Your Rights Regarding Personal Data

Under applicable data protection laws, you have certain rights regarding your personal data. These rights include:

  • Right to Access: You have the right to request access to the personal data we hold about you. Upon request, we will provide you with a copy of your personal data, along with information about how it is being processed.
  • Right to Correct: If the personal data we hold about you is incorrect or incomplete, you have the right to request that we correct or update it.
  • Right to Deletion: You have the right to request the deletion of your personal data, subject to any legal exceptions that may apply (e.g., when we are required to retain your data for legal or business purposes). If you request deletion, we will take appropriate steps to erase your data from our systems.
  • Right to Restriction of Processing: You may request the restriction of processing of your personal data in certain circumstances, such as when you contest the accuracy of the data, or when you have objected to the processing based on legitimate interests.
  • Right to Data Portability: In certain circumstances, you have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format. You can also request that we transfer this data to another controller, where technically feasible.
  • Right to Object: You have the right to object to the processing of your personal data in certain situations, including when processing is based on legitimate interests or direct marketing purposes.

Exercising Your Rights

To exercise your rights, you can contact us at the contact details provided in this Policy. We will respond to your request in accordance with applicable data protection laws, typically within one month. However, this period may be extended in certain cases, especially if the request is complex or involves a large volume of data.

 

Right to Lodge a Complaint

If you believe that we have not complied with data protection laws when processing your personal data, you have the right to lodge a complaint with a supervisory authority in your jurisdiction. For users in the European Union, this would typically be the relevant data protection authority in your country of residence.

Section 8: Data Breach Notification

 

Notification of Data Breaches

In the event of a data breach that affects your personal data, we are committed to notifying you promptly, in accordance with applicable data protection laws. A data breach refers to any unauthorized access, disclosure, alteration, or destruction of personal data that could potentially harm your privacy or security.

 

Assessment of the Breach

Upon discovering a data breach, we will assess the nature and scope of the breach, identify the data affected, and evaluate the potential risks to your privacy and security. We will take immediate action to contain the breach, prevent further unauthorized access, and mitigate any potential harm.

 

Notification Process

If the breach is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay, providing clear and concise information about the breach. The notification will include the nature of the breach, the personal data involved, the potential consequences, and the measures taken to address and mitigate the breach.

 

Regulatory Reporting

In addition to notifying affected individuals, we will also report the breach to the relevant supervisory authority as required by applicable data protection laws, such as the GDPR. This notification will occur within the statutory timeframe, typically 72 hours from the discovery of the breach, unless it is unlikely to result in a risk to your rights and freedoms.

 

Preventative Measures

Following a data breach, we will review our security protocols and systems to identify any weaknesses and implement further protective measures to prevent future breaches. This may include improving data encryption, strengthening access controls, or enhancing employee training on data protection best practices.

Section 9: CCPA

 

California Consumer Privacy Act (CCPA)

The CCPA provides California residents with specific rights regarding their personal data. If you are a resident of California, you have the following rights:

  • Right to Know: You have the right to request that we disclose the categories and specific pieces of personal data we have collected about you, as well as the purposes for which that data is used.
  • Right to Delete: You have the right to request the deletion of your personal data that we have collected, subject to certain exceptions, such as when the data is necessary for legal compliance or business purposes.
  • No Sale or Sharing of Personal Data: We do not sell or share personal data under the CCPA, and we will not do so in the future. Therefore, the right to opt-out of the sale of personal data does not apply in our case.
  • Right to Non-Discrimination: You have the right to exercise your CCPA rights without facing discrimination.

 

Exercising Your CCPA Rights

To exercise your rights under the CCPA, you may submit a verifiable request by contacting us at the contact details provided in this Policy. We will respond to your request within 45 days of receiving it. If we require more time, we will notify you and inform you of the reasons for the delay.

Section 10: Changes to the Policy

 

Updates to the Policy

We may update or modify this Policy from time to time to reflect changes in our practices, legal obligations, or improvements in our services. When we make significant changes to the Policy, we will provide clear notice to users, either through email notifications or by posting an updated version on the Portal.

 

Notification of Changes

Users will be notified of material changes to the Policy through a prominent notice on the Portal or via email, depending on the nature of the change. It is important that you review this Policy periodically to stay informed of how your personal data is being handled and the rights available to you.

 

Effective Date

The effective date of this Policy is the date it is published or last updated. All changes to this Policy will take effect from the effective date of the updated version, unless otherwise specified.

 

Your Consent to Changes

By continuing to use the Portal after the Policy has been updated, you consent to the revised terms and agree to the collection, use, and processing of your personal data as outlined in the updated Policy. If you do not agree with the changes, you should discontinue use of the Portal and may request the deletion of your personal data.

 

Section 11: Contact Information

Contacting Us

If you have any questions, concerns, or requests regarding this Policy or our practices regarding personal data, please do not hesitate to contact us. We are committed to addressing your concerns and providing assistance.

 

You can reach us at the following contact details:

Email: hello@ventionteams.com