1. Overview
The short version
We collect only what we need to run our services. We don't sell your data. You can request deletion at any time.
VyntRise Technologies ("VyntRise", "we", "us", or "our") is committed to protecting your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our platform and services.
This policy applies to all users of VyntRise services and complies with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable privacy laws.
2. Information We Collect
Information you provide directly
- Account registration data (name, email, company name)
- Payment and billing information (processed securely via Stripe)
- Communications you send us (support tickets, contact forms)
- Content and data you upload to the platform
Information collected automatically
- Usage data (pages visited, features used, time spent)
- Device and browser information (IP address, browser type, OS)
- Log data (access times, error logs, API calls)
- Cookies and similar tracking technologies (see our Cookie Policy)
Information from third parties
- Business data from connected integrations (Google Business Profile, review platforms)
- Analytics data from third-party providers
- Payment verification data from financial institutions
3. How We Use Your Information
We use the information we collect to:
- Provide, operate, and improve our Services
- Process transactions and send related information
- Send administrative communications (account updates, security alerts)
- Send marketing communications (with your consent, where required)
- Analyze usage patterns to improve user experience
- Detect, prevent, and address fraud and security issues
- Comply with legal obligations
- Respond to your requests and provide customer support
4. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), we process your personal data under the following legal bases:
- Contract performance — processing necessary to provide the Services you've subscribed to
- Legitimate interests — improving our Services, fraud prevention, and security
- Consent — marketing communications and non-essential cookies
- Legal obligation — compliance with applicable laws and regulations
6. Data Retention
We retain your personal data for as long as necessary to provide the Services and fulfill the purposes outlined in this policy, unless a longer retention period is required by law.
- Account data — retained for the duration of your account plus 30 days after deletion
- Transaction records — retained for 7 years for tax and legal compliance
- Usage logs — retained for 90 days
- Marketing data — retained until you withdraw consent
7. Your Rights
You are in control
You can exercise any of these rights by contacting us at privacy@vyntrise.com. We respond within 30 days.
Depending on your location, you may have the following rights:
- Access — request a copy of the personal data we hold about you
- Rectification — request correction of inaccurate or incomplete data
- Erasure — request deletion of your personal data ("right to be forgotten")
- Portability — receive your data in a structured, machine-readable format
- Restriction — request that we limit how we process your data
- Objection — object to processing based on legitimate interests
- Withdraw consent — withdraw consent at any time where processing is consent-based
California residents have additional rights under the CCPA, including the right to know, delete, and opt-out of the sale of personal information (we do not sell personal information).
9. Data Security
We implement industry-standard security measures to protect your personal data, including:
- TLS/SSL encryption for all data in transit
- AES-256 encryption for data at rest
- Regular security audits and penetration testing
- Role-based access controls and least-privilege principles
- SOC 2 Type II compliance
While we take reasonable precautions, no security system is impenetrable. In the event of a data breach that affects your rights, we will notify you as required by applicable law.
10. International Data Transfers
VyntRise operates primarily in the United States. If you are located outside the US, your data may be transferred to and processed in the US or other countries.
For transfers from the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection of your personal data.
11. Children's Privacy
Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately and we will delete it.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or through a prominent notice on our platform at least 14 days before the changes take effect.
Your continued use of the Services after the effective date constitutes acceptance of the updated policy.
13. Contact & Data Protection Officer
For privacy-related questions, requests, or concerns, please contact:
- Privacy Team: privacy@vyntrise.com
- Data Protection Officer: dpo@vyntrise.com
- Address: VyntRise Technologies, San Francisco, CA 94105
If you are in the EEA and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection authority.