Vendium
Terms of Service
🔒 Privacy & Security

Privacy Guide

🛡️ Privacy Promise

No selling of data
Minimal data collection
Strong encryption
Your control

Quick Actions

📋 Terms of Service🔒 Privacy Questions

Privacy Policy

Last updated: 12/29/2025
GDPR Compliant
Version 3.0

Our Privacy Commitment

At Vendium, your privacy is fundamental to our mission. We collect only what's necessary, protect everything we store, and give you complete control over your data. This policy explains exactly how we handle your information.

Data Protection

Enterprise-grade security and encryption

User Control

Full control over your data and privacy settings

Transparency

Clear policies and honest communication

1. Information We Collect

We collect information you provide directly to us, such as when you create an account, make a purchase, or contact us for support:

Personal Information

  • Name and email address
  • Profile information
  • Communication preferences

Automatically Collected

  • Usage analytics (anonymized)
  • Device information
  • Performance metrics

Business Information

  • Store configuration
  • Product catalogs
  • Transaction history

What We DON'T Collect

  • Payment card details
  • Social media passwords
  • Unnecessary personal data

2. How We Use Your Information

We use the information we collect to provide, maintain, and improve our services. Here's how we use your data:

Core Services

  • Process transactions and payments
  • Deliver digital products and services
  • Maintain your account and dashboard
  • Provide customer support

Communications

  • Send transaction confirmations
  • Deliver technical notices
  • Respond to your inquiries
  • Share platform updates

Security & Fraud Prevention

  • Detect fraudulent transactions
  • Prevent unauthorized access
  • Monitor for suspicious activity
  • Enhance platform security

Analytics & Improvement

  • Analyze usage patterns (anonymized)
  • Improve platform performance
  • Develop new features
  • Monitor service quality

3. Information Sharing

We do not sell, trade, or rent your personal information to third parties. We may share your information only in specific, limited circumstances.

Authorized Sharing

  • With your explicit consent
  • Service providers (payment processing)
  • Legal compliance requirements
  • Protecting our rights and safety

Trusted Partners

  • Stripe (payment processing)
  • Cloud hosting providers
  • Email service providers
  • Analytics services (anonymized)

We Never Share

  • Personal data for advertising
  • Customer lists or contacts
  • Financial information
  • Private communications

Data Protection Standards

  • Contractual data protection
  • Minimal data sharing principle
  • Regular partner audits
  • GDPR compliance requirements

4. Data Security

We implement comprehensive security measures to protect your information:

🔐

End-to-End Encryption

Data encrypted in transit and at rest using AES-256

🛡️

Access Controls

Multi-factor authentication and role-based permissions

🔍

Regular Audits

Monthly security assessments and penetration testing

6. Your Rights

You have comprehensive rights regarding your personal information:

Access & Transparency

  • Request copies of your data
  • See how we use your information
  • Know who we share data with

Correction & Updates

  • Correct inaccurate information
  • Update your preferences
  • Complete partial records

Deletion & Erasure

  • Delete your account and data
  • Remove specific information
  • Right to be forgotten

Portability & Control

  • Export your data
  • Transfer to another service
  • Object to processing

7. Cookies and Tracking

We use cookies responsibly to improve your experience and provide essential functionality. You have full control over cookie preferences.

✅ Essential Cookies

Required for basic functionality:

  • • Authentication
  • • Security
  • • Shopping cart

📊 Analytics Cookies

Help us improve (optional):

  • • Usage patterns
  • • Performance metrics
  • • Error tracking

🎯 Preference Cookies

Remember your choices:

  • • Language settings
  • • Theme preferences
  • • Display options

5. Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations.

Account Data

  • Active account: Duration of use
  • Closed account: 90 days
  • Login records: 1 year
  • Profile information: Until deletion

Transaction Data

  • Payment records: 7 years
  • Invoice data: 7 years
  • Refund records: 7 years
  • Tax documents: 7 years

Security & Logs

  • Security logs: 2 years
  • Error logs: 1 year
  • Access logs: 6 months
  • Audit trails: 3 years

Data Deletion

  • Automatic deletion after retention period
  • Secure deletion methods used
  • Backup purging included
  • Legal hold exceptions apply

8. Third-Party Services

We work with carefully selected third-party services to provide you with the best experience. Here's what you need to know:

Payment Processors

  • Stripe (credit cards, bank transfers)
  • PayPal (digital payments)
  • CashApp (mobile payments)
  • Cryptocurrency processors

Infrastructure Services

  • Cloud hosting providers
  • Content delivery networks
  • Database services
  • Security monitoring

Communication Services

  • Email delivery services
  • SMS notification providers
  • Customer support tools
  • Marketing automation

Data Protection Standards

  • All partners are GDPR compliant
  • Data processing agreements signed
  • Regular security audits conducted
  • Data minimization principles applied

9. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place.

Approved Mechanisms

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions
  • Binding corporate rules
  • Privacy Shield (where applicable)

Data Processing Locations

  • Primary: European Union
  • Secondary: United States
  • Backup: Canada
  • CDN: Global (anonymized)

Security Measures

  • End-to-end encryption in transit
  • At-rest encryption in all locations
  • Regular security assessments
  • Incident response protocols

Your Rights

  • Request information about transfers
  • Object to international processing
  • File complaints with supervisory authorities
  • Access copies of safeguard documents

10. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13 years of age.

Age Restrictions

  • Minimum age: 13 years
  • EU users: 16 years (GDPR)
  • Age verification required
  • Parental consent for minors

Protection Measures

  • No targeted advertising to minors
  • Enhanced privacy controls
  • Regular compliance audits
  • Staff training on child protection

If We Discover Child Data

  • Immediate account suspension
  • Parent/guardian notification
  • Data deletion within 48 hours
  • Authorities notified if required

Report Concerns

  • Email: children@vendium.com
  • Response within 24 hours
  • Dedicated child protection team
  • Anonymous reporting available

11. Changes to Privacy Policy

We may update this privacy policy from time to time. Here's how we handle changes and keep you informed:

Types of Changes

  • Minor clarifications
  • Legal requirement updates
  • New feature additions
  • Service improvements

How We Notify You

  • Email notification to users
  • Dashboard notifications
  • Website banner announcement
  • 30-day advance notice

Material Changes

  • Data use modifications
  • Sharing policy updates
  • Rights and control changes
  • Require explicit consent

Your Options

  • Review changes before effective date
  • Contact us with questions
  • Opt out of material changes
  • Close account if disagreeing

13. GDPR Compliance

We are committed to full compliance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

Compliance Features

  • Lawful basis for processing
  • Data Protection Impact Assessments
  • Privacy by design principles
  • Data breach notifications

Your GDPR Rights

  • Right to access
  • Right to rectification
  • Right to erasure
  • Right to data portability

Exercise Your Rights

  • Submit requests via email
  • Identity verification required
  • Response within 30 days
  • Free of charge (usually)

Supervisory Authority

If you're not satisfied with our response, you can lodge a complaint with your local data protection authority.

EU residents: Contact your national DPA

UK residents: ICO (ico.org.uk)

12. Contact Us

Have questions about your privacy or this policy? We're here to help:

🔒 Privacy Officer

Response time:24 hours

👤 Data Protection

DPO Email:dpo@vendium.com
GDPR requests:48 hours

📞 General Support

Support Email:support@vendium.com
Response time:2-8 hours

© 2025 Vendium. Your privacy is our priority.

Terms of Service|Privacy Questions|Back to Home