Privacy Policy

This Privacy Policy explains how venpor Ltd, a company incorporated in the Republic of Cyprus ("venpor", "we", "us"), processes personal data. venpor is subject to the EU General Data Protection Regulation (GDPR) and the Cyprus implementing law (Law 125(I)/2016), and is supervised by the Office of the Commissioner for Personal Data Protection. Contact us at privacy@venpor.ai.

1. Scope and who this applies to

This Policy covers personal data venpor processes as a controller — where venpor decides why and how the data is processed. The people this concerns are: visitors to our website; prospects and contacts at our customers and partners; and users who operate the venpor platform and our AI Services (the assistant we call "Venny").

It does not govern the personal data that our customers put into the Platform about their own workers, contractors, and candidates — for that data venpor is a processor, and the customer is the controller.

2. Our role: controller and processor

For our own website, prospect and customer contacts, account users, product analytics, support, and marketing data, venpor is the controller and this Policy applies.

For personal data that customers put into the Platform about their workers, contractors, and candidates, venpor is a processor acting on the customer's documented instructions. That processing is governed by our Data Processing Agreement, not by this Policy.

If you are a worker, contractor, or candidate and you want to access, correct, or delete your data, please contact the organisation that engaged you directly. If you send such a request to venpor, we will forward it to the relevant customer.

3. Personal data we collect (as controller)

Category

Examples

Contact data

Name, business email, telephone number, employer, job title.

Account data

Username, role and permissions, authentication and login data, settings.

Communications & support

Messages, support tickets, and correspondence with us.

Usage & device data

Pseudonymised product analytics, metered AI Services consumption, log data, IP address, device and browser data, cookie identifiers.

Marketing data

Subscription and consent preferences, and your responses to our communications and events.

4. Why we use your data and our legal bases

Purpose

Legal basis (Art. 6(1) GDPR)

Providing and hosting the Platform and managing accounts

Performance of a contract (b) for users; legitimate interests (f) for others.

Providing support

Performance of a contract (b) / legitimate interests (f).

Product analytics, security, fraud and abuse prevention

Legitimate interests (f).

Sales, CRM, and responding to your enquiries

Legitimate interests (f).

Direct marketing and newsletters

Consent (a), or legitimate interests (f) for existing-customer updates where permitted.

Cookies and similar analytics

Consent (a) where required.

Complying with legal, tax, and accounting obligations

Legal obligation (c).

5. The AI Services — transparency and no automated decisions

venpor's AI Services ("Venny") provide decision-support only. They do not make decisions based solely on automated processing that produce legal or similarly significant effects concerning any individual (Article 22 GDPR); a human always remains responsible.

6. Who we share personal data with

  • Sub-processors. Cloud hosting, analytics, AI infrastructure, and support tooling providers that process data on our behalf under a written contract.

  • Embedded providers. Where you use an embedded service, that provider processes data under its own terms and privacy notice.

  • Authorities and advisers. Regulators, courts, or professional advisers where we are legally required or it is necessary to establish or defend legal claims.

  • Corporate transactions. A buyer or successor in connection with a merger, acquisition, or reorganisation, subject to this Policy.

We do not sell your personal data.

7. International data transfers

We process personal data in the European Economic Area where possible. Where personal data is transferred outside the EEA, we put in place appropriate safeguards — primarily the EU Standard Contractual Clauses (Commission Decision 2021/914). You can request a copy by emailing privacy@venpor.ai.

8. How long we keep personal data

Account and contact data is kept for the life of the relationship and a reasonable period afterwards. Invoicing and accounting records are kept for the statutory retention period under Cyprus law (currently six years). Marketing data is kept until you opt out.

9. Your rights

Subject to the GDPR, you have the right to: access your data; have it corrected or erased; restrict or object to its processing; data portability; and withdraw consent at any time. To exercise a right, email privacy@venpor.ai. You also have the right to lodge a complaint with the Office of the Commissioner for Personal Data Protection (dataprotection.gov.cy).

10. Cookies and marketing

We use cookies and similar technologies on our website. You can manage your preferences through our consent banner.

11. Children

Our website and Platform are intended for business use and are not directed to individuals under 14. We do not knowingly collect personal data from children.

12. Changes to this Policy

We may update this Policy from time to time. We will change the "last updated" date above and, for material changes, provide a more prominent notice.

13. Contact us

For any privacy question or to exercise a right, contact our privacy team at privacy@venpor.ai, or write to venpor Ltd, Cyprus.