Privacy Policy

Last updated: February 2026

Privacy at a glance

This policy explains what we collect, how we use it, and the choices you have. We keep data minimal, secure it aggressively, and never sell it.

Collected

Account, billing, usage, device data

Used for

Service delivery, security, product improvement

Your control

Access, deletion, portability, objections

1. Information We Collect

Information You Provide

We collect information you voluntarily provide when using our services, including:

Account information (name, email address, company name, job title)
Billing information (payment method details, billing address)
Profile information (preferences, settings, profile photo)
Communications (support tickets, feedback, survey responses)
Content you create or upload to the platform

Information Collected Automatically

When you access our services, we automatically collect:

Device information (browser type, operating system, device identifiers)
Log data (IP address, access times, pages viewed, referring URLs)
Usage data (features used, actions taken, performance metrics)
Location data (country, region, city based on IP address)
Cookies and similar tracking technologies

Information from Third Parties

We may receive information from third-party sources, including:

Identity verification services
Integration partners when you connect third-party services
Publicly available business information

2. How We Use Information

We use the information we collect for the following purposes:

Provide and maintain our services: Process transactions, manage your account, and deliver the features you request
Improve and develop: Analyze usage patterns to enhance functionality, develop new features, and optimize performance
Communicate with you: Send service announcements, security alerts, support messages, and marketing communications (with your consent)
Ensure security: Detect, prevent, and respond to fraud, abuse, and security incidents
Comply with legal obligations: Meet regulatory requirements and respond to lawful requests
Personalize your experience: Customize content and recommendations based on your preferences and usage

3. Data Security

We implement industry-standard security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. Our security practices include:

Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
Access controls: Role-based access with multi-factor authentication
Infrastructure: SOC 2 Type II certified data centers with 24/7 monitoring
Regular audits: Penetration testing and security assessments by independent third parties
Incident response: Documented procedures for detecting and responding to security events

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but commit to notifying you of any breach affecting your data as required by law.

4. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

Access: Request a copy of the personal information we hold about you
Correction: Request correction of inaccurate or incomplete information
Deletion: Request deletion of your personal information, subject to legal retention requirements
Portability: Receive your data in a structured, machine-readable format
Restriction: Request limitation of processing in certain circumstances
Objection: Object to processing based on legitimate interests or for direct marketing
Withdraw consent: Withdraw previously given consent at any time

To exercise these rights, contact us at privacy@varxius.com. We will respond to your request within 30 days. For GDPR requests, we comply within the legally mandated timeframes.

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. When determining retention periods, we consider:

The nature and sensitivity of the information
The purposes for which we process your data
Applicable legal, regulatory, and contractual requirements
Our legitimate business interests

When you delete your account, we remove your personal data within 90 days, except where retention is required for legal compliance or dispute resolution.

6. Cookies and Tracking

We use cookies and similar technologies to enhance your experience. You can manage cookie preferences through your browser settings or our cookie consent tool. For more information, see our Cookie Policy.

7. International Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission, to protect your data during international transfers.

8. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

10. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: privacy@varxius.com
Address: VarXiuS Inc., 548 Market Street, Suite 45000, San Francisco, CA 94104, United States
Data Protection Officer: dpo@varxius.com

For EU residents, you also have the right to lodge a complaint with your local supervisory authority if you believe your data protection rights have been violated.