Privacy Policy

1. Controller and processor roles

This Policy explains how personal data is processed in the context of Venyo. For privacy questions, contact hello@venyo.app.

Venyo may act as controller for website, commercial contact, billing, account management, subscriptions, support and own communications. Venyo may act as processor when storing and processing data entered by a tenant about its final clients, guests, suppliers, contacts and events.

2. Data we may process

• identity and contact data, such as name, email, phone, role, company or venue;
• account, authentication, permissions, user profile and tenant data;
• commercial data, including leads, CRM, contacts, proposals, approvals and notes;
• event data, timings, tasks, specs, documents, floor plans, files and uploads;
• billing data, including plan, extras, company details, tax number, address, payments and subscription status;
• technical data, such as IP address, logs, device, browser, errors and security activity;
• data submitted through contact, demo, support, feedback or custom-plan forms.

3. Purposes and legal bases

We process data to provide the Venyo service, manage accounts and tenants, process subscriptions and payments, respond to contacts and support, ensure security, audit activity, improve the service and comply with legal, fiscal, contractual or rights-defense obligations.

Legal bases may include contract performance, pre-contractual steps, legitimate interest, legal obligation, consent where applicable, or customer instructions when Venyo acts as processor.

4. Final-client data entered by tenants

When a tenant uses Venyo to manage its own clients, guests, suppliers, proposals, contracts, payments, documents or events, that tenant is usually the controller. Venyo processes that data to provide the service according to tenant instructions and platform settings.

The tenant must inform its final clients, obtain consent where required, define its own commercial terms and use the platform in compliance with applicable law.

5. Third parties and providers

Venyo may use technical and commercial providers required to operate the service, including hosting, database, email, payments, billing, monitoring, support, analytics when configured and communication tools.

Payments and subscriptions may be processed by Stripe. Data required for payment, billing and subscription management may be shared with Stripe under its own policies.

6. Retention, security and transfers

Data is retained for as long as necessary to provide the service, maintain the contractual relationship, deliver support, ensure security, comply with legal and accounting duties and defend rights.

Venyo applies technical and organizational measures such as authentication, user permissions, tenant segregation, audit records, access controls and upload management. Some providers may process data outside the EEA using legally adequate transfer mechanisms.

7. Cookies and similar technologies

The website and app may use cookies or similar technologies for technical operation, session, security, preferences, usage analysis or service improvement. Non-essential cookies will be handled with consent mechanisms when legally required.

8. Data subject rights

Subject to applicable law, individuals may request access, rectification, erasure, restriction, objection, portability, withdrawal of consent where applicable and information about processing.

For rights related to a Venyo account, contact hello@venyo.app. If the request concerns data controlled by a tenant about its final clients, we may forward the request to that tenant or act according to its instructions.

9. Changes

This Policy may be updated to reflect legal, technical, operational or commercial changes. The current version will be available on the website.