vendorapp logo

Docs

Sign in

Vendorapp Privacy Policy

Introduction

Welcome to Vendorapp! This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.vendorapp.co (the "Site") and use our web application (the "App"). By accessing or using the Site and App, you agree to this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not use the Site and App.

This Privacy Policy complies with applicable data protection regulations, including the General Data Protection Regulation (GDPR) for users in the EU/UK and the California Consumer Privacy Act (CCPA) for users in California, USA.

1. Information We Collect

1.1 Personal Information

We collect personal information directly from you when you create an account or register with our Site and App. This information includes:

  • Name
  • Phone numbers
  • Email addresses
  • Job titles
  • Usernames
  • Contact details for authentication

1.2 Billing Information

If you sign up for a paid plan, we collect additional billing information, including:

  • Billing addresses
  • Payment details (processed securely by Stripe; Vendorapp does not store financial information)

1.3 Derivative Data

We collect derivative data for tracking and analytics purposes, including:

  • Log and usage data
  • Device data
  • Location data

1.4 Payment Processing Details

Payments made through Vendorapp are securely processed via Stripe. While Vendorapp does not store financial details such as credit card numbers, Stripe may retain billing transaction records in compliance with financial and tax regulations.

1.5 Support Ticket Data

We use Microsoft 365 for managing support tickets. If you contact us for support, your email address and name may be stored in our ticketing system.

1.6 Cookies and Tracking Technologies

Our Site and App use cookies and similar tracking technologies to improve user experience, analyze usage patterns, and provide relevant advertising. You can adjust cookie preferences through your browser settings.

2. Use of Your Information

We use the information we collect to provide and improve our services and to fulfill contractual obligations, including:

  • Enabling user-to-user communications
  • Identifying usage trends
  • Requesting feedback
  • Sending marketing and promotional communications

You can unsubscribe from marketing and promotional communications by clicking the unsubscribe link at the bottom of our marketing emails.

3. Subprocessors

To provide the best service, we work with the following subprocessors:

SubprocessorPurposeData Processed
Microsoft AzureHosting and data storageCustomer data stored in dedicated tenant spaces
Azure OpenAIVendorapp Intelligence (AI)Query data stored within each customer's tenant
Microsoft 365Support ticketingNames and email addresses (PII)
BrandfetchFetching vendor names & logosPublicly available data only
KindeAuthenticationPasswordless authentication (no passwords stored)
StripePayment processingSecure handling of customer payment details

We ensure that all subprocessors handle data in compliance with GDPR, CCPA, and other applicable laws.

4. Data Security & Retention

4.1 Encryption

We use encryption to protect data at rest and in transit, ensuring that customer data remains secure.

4.2 Retention

  • Customer data is stored as long as the account remains active.
  • Upon termination of the account, data is deleted within 90 days, unless retention is required for legal, tax, or compliance reasons.
  • Payment processing records (handled by Stripe) may be retained for up to 7 years in accordance with financial regulations.

4.3 Data Deletion Requests

Users may request deletion of their data at any time by contacting us at support@vendorapp.co. We will process such requests in compliance with legal and regulatory obligations.

5. GDPR & CCPA Compliance & User Rights

If you are an EU/UK user, you have the right to:

  • Access your personal data
  • Rectify incorrect or incomplete data
  • Request deletion of your data
  • Object to processing under certain circumstances
  • Request data portability to another service provider

If you are a California resident (CCPA compliance), you have the right to:

  • Request disclosure of the categories of personal data collected and processed
  • Request deletion of your personal data (subject to legal exceptions)
  • Opt-out of the sale of personal data (Vendorapp does not sell user data)

You may also object to our use of subprocessors under GDPR by contacting us at support@vendorapp.co. If an objection is raised, Vendorapp will evaluate alternative processing options, though refusal of essential subprocessors may limit service functionality.

6. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. By continuing to use the Site and App after any changes are made, you agree to the revised Privacy Policy.

Users will be notified of significant changes via email or through the Vendorapp platform.

7. Governing Law

This Privacy Policy shall be governed and construed in accordance with the laws of England and Wales. Any disputes shall be subject to the exclusive jurisdiction of the courts of England and Wales.

8. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at:

Email: support@vendorapp.co

Address: Vendorapp Limited, 1 Park Road, Hampton Wick, Kingston Upon Thames, Surrey, KT1 4AS, United Kingdom