Privacy Policy for Vervana.io

Introduction

Welcome to vervana.io (the "Website"). Vervana.io is a website owned and operated by Vervana, domiciled in The Netherlands at Lange Hilleweg 218, Rotterdam Netherlands (hereinafter referred to as "Vervana", "we," "us," or "our").

At Vervana, we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our Website and interact with our services, specifically including when you use our contact form to make inquiries.

We operate in accordance with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and other applicable data protection laws, including Dutch national laws implementing GDPR.

Data Controller

For the purposes of the GDPR, Vervana is the Data Controller responsible for the processing of your personal data through this Website.

Contact Details of the Data Controller:

Vervana

Lange Hilleweg 218, Rotterdam Netherlands

hello@vervana.io

Personal Data We Collect

We may collect and process the following categories of personal data:

Information You Provide Voluntarily

• Contact Form Data: When you use our contact form on the Website to make an inquiry, we collect the following data:
  • First Name
  • Last Name
  • Email Address
  • Phone Number
  • Any additional information you choose to include in the "message" field of the contact form.
• Newsletter Subscriptions: If you subscribe to our news letter, we will collect your email address.
• Feedback and Surveys: Information you provide if your participate in surveys or provide feedback.

Information Collected Automatically

• Website Usage Data: We automatically collect certain information about your visit to our Website, including:
  • IP Address: Your internet protocol (IP) address.
  • Browser Type and Version: The type and version of web browser you are using.
  • Operating System: Your operating system.
  • Referral Source: The website that referred you to our Website.
  • Pages Visited: The pages you visit on our Website.
  • Date and Time of Visit: The date and time of your visit.
  • Device Information: Device type, screen resolution, and other technical specifications.
• Cookies and Similar Technologies: We use cookies and similar tracking technologies (like web beacons and pixels) to collect information about your browsing activities on our Website. Please refer to our Cookie Policy (Section 11 below) for more details.

Legal Basis for Processing Your Personal Data

We will only process your personal data when we have a valid legal basis to do so under the GDPR. These legal bases may include:

• Legitimate Interests: For processing your data collected through the contact form, our legal basis is primarily our legitimate interest in responding to inquiries from prospective clients and other interested parties, providing information about our services, and managing communications effectively. This legitimate interest is balanced against your rights and freedoms, as we only collect data necessary to respond to your inquiry, and we provide clear information about our data processing practices in this Privacy Policy.
• Consent: We may process your data based on your explicit consent in some cases, particularly for newsletter subscriptions and certain types of cookies. You have the right to withdraw your consent at any time.
• Contract: Processing may be necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract (e.g., if your inquiry is related to a potential service agreement).
• Legal Obligation: Processing is necessary for compliance with a legal obligation to which we are subject.

Purposes of Processing Your Personal Data

We process your personal data for the following purposes:

• To Provide and Improve Our Website: To operate, maintain, and improve our Website and its functionality.
• To Respond to Your Inquiries made via the Contact Form: To use the data you provide in the contact form (First Name, Last Name, Email, Phone Number, and message content) to effectively respond to your questions, requests, and provide information about our software development services. This includes contacting you via email or phone based on the information you provided.
• To Provide Services: To provide you with information about our software development services and respond to service requests beyond initial inquiries, potentially stemming from contact form submissions.
• Marketing Communications (if applicable): To send you newsletters, marketing materials, and promotional communications about our services, only where you have specifically consented to receive such communications (e.g., through a separate newsletter sign-up) or where permitted by applicable law. We will not automatically add you to marketing lists simply because you used the contact form unless you have provided explicit consent for marketing.
• Security and Fraud Prevention: To protect our Website and systems from unauthorized access, misuse, and security threats.
• Legal Compliance: To comply with applicable laws and regulations.

Disclosure of Your Personal Data

We may disclose your personal data to the following categories of recipients:

• Service Providers: We may share your personal data with third-party service providers who assist us in operating our Website, providing our services, conducting our business, or performing functions on our behalf. These service providers may include:
  • Website hosting providers
  • Analytics providers (e.g., Google Analytics)
  • Email marketing providers
  • CRM (Customer Relationship Management) software providers
  • IT support providers
  • Security providers
• Business Partners (if applicable): We may share data with business partners if necessary to provide you with our services or for joint marketing activities (only with your consent where required).
• Legal Authorities: We may disclose your personal data to competent legal authorities, government bodies, or other organizations if we are legally required to do so, or if we believe that such disclosure is necessary to:
  • Comply with a legal obligation.
  • Protect our rights, property, or safety, or the rights, property, or safety of others.
  • Investigate or prevent fraud or illegal activities.
  • In connection with a business transfer: In the event of a merger, acquisition, sale of assets, or other business transfer, your personal data may be transferred to the acquiring entity or third party involved. We will inform you in advance of such a transfer and ensure your data remains protected.

International Data Transfers

Your personal data may be transferred to and processed in countries outside of the European Economic Area (EEA) that may not have data protection laws equivalent to those in the EEA.

When we transfer your personal data outside the EEA, we will ensure that appropriate safeguards are in place to protect your data in accordance with GDPR requirements. These safeguards may include:

• Standard Contractual Clauses: Implementing Standard Contractual Clauses approved by the European Commission for data transfers outside the EEA.
• Binding Corporate Rules: For transfers within a corporate group, we may rely on Binding Corporate Rules.
• Adequacy Decisions: Transferring data to countries that the European Commission has recognized as providing an adequate level of data protection.

We will take all reasonable steps to ensure that your data is treated securely and in accordance with this Privacy Policy and applicable data protection laws, regardless of where it is processed

Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, use, disclosure, alteration, or destruction. These measures include:

• Encryption: Using encryption technologies (e.g., HTTPS) to protect data transmitted over the internet.
• Access Controls: Implementing access controls and limiting access to your personal data to authorized personnel.
• Data Minimization and Pseudonymization: Where appropriate, we use data minimization and pseudonymization techniques.
• Regular Security Assessments: Conducting regular security assessments and updates to our systems and security measures.
• Data Breach Procedures: Establishing procedures to handle potential data breaches in accordance with GDPR requirements.

While we strive to protect your personal data, please be aware that no method of transmission over the internet or method of electronic storage is completely secure. Therefore, we cannot guarantee absolute security.

Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

The retention period will depend on the specific type of personal data and the purpose for which it is processed. For example:

• Contact Form Data: We will retain contact form data for a reasonable period after responding to your inquiry and concluding our communication related to that specific inquiry. This period will typically be 12 months, allowing us to manage follow-up, maintain a record of inquiries, and understand trends. If your inquiry leads to an ongoing client relationship, the data may be retained for a longer period as part of our client management records, governed by a separate client agreement and privacy terms where applicable. If the inquiry does not lead to further engagement, after the specified period, we will securely delete or anonymize the contact form data.
• Newsletter Subscriptions: We will retain your email address for as long as you remain subscribed to our newsletter.
• Website Usage Data: Website usage data may be retained for a defined period for analytical purposes, typically anonymized or aggregated.

After the applicable retention period expires, we will securely delete or anonymize your personal data in accordance with our data retention policies.

Your Rights Under the GDPR

Under the GDPR, you have the following rights regarding your personal data:

• Right to Access: You have the right to request access to the personal data we hold about you and to receive a copy of that data.
• Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
• Right to Erasure ("Right to be Forgotten"): You have the right to request that we erase your personal data under certain circumstances (e.g., when the data is no longer necessary for the purposes for which it was collected, when you withdraw consent, etc.).
• Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data under certain circumstances (e.g., while we are verifying the accuracy of your data, if the processing is unlawful).
• Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller, where technically feasible and the processing is based on consent or contract and carried out by automated means.
• Right to Object: You have the right to object to the processing of your personal data based on our legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent: If we are processing your personal data based on your consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
• Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of your personal data infringes the GDPR. In the Netherlands, the supervisory authority is the Autoriteit Persoonsgegevens (Dutch Data Protection Authority).

How to Exercise Your Rights:

To exercise any of your rights, please contact us using the contact details provided in Section 2 ("Data Controller") of this Privacy Policy. We will respond to your requests in accordance with GDPR requirements, generally within one month of receipt of your request, but this may be extended in complex cases. We may ask you to verify your identity to process your request.

Cookie Policy

Our Website uses cookies and similar tracking technologies. A Cookie Policy provides detailed information about the cookies we use, their purposes, and how you can manage your cookie preferences.

Links to Other Websites

Our Website may contain links to third-party websites that are not operated by us. We are not responsible for the privacy practices of these websites. We encourage you to review the privacy policies of any third-party websites you visit.