At VELA, privacy is a relevant issue. We are focused on establishing a relationship of trust with our customers and users, based on respect for the privacy of people and their information.
We work to ensure the highest level of protection to our customers and their businesses’ information, continuously applying strict standards to guarantee safety and quality in this matter.
This policy is presented in English, and the version shall prevail to settle any doubts or controversies arising from this policy.
Definition of Each Party
VELA’s Merchants are the companies that use our services to sell their products/services.
VELA is the entity that performs payment process for its Merchants, processing Personal Data on their behalf and acting as their Data Processor. To process such payments VELA may engage with other Data Processors.
VELA’s Customers are the users that select our payment option to perform a purchase from VELA’s Merchants. They are the data subject of the Personal Data VELA´s processes.
Contact Details of the Data Processor
Your Personal Data is processed by the following Data Processor:
You can also contact our Group Data Protection Officer by e-mail on the following address: firstname.lastname@example.org.
What is personal data?
Personal Data is information that can be used to identify a person either directly or indirectly; it may include name, address, email, phone number, credit/debit card number, IP address, and location data. Non-Personal Data does not allow a specific individual to be identified when analyzed alone or with other Non-Personal Data; it may include gender, age, and general geographic location. We collect Personal and Non-Personal Data, and may also anonymize Personal Data to make it Non-Personal. You agree that VELA may collect, handle, store, use, transfer and disclose Non-Personal Data for any purpose, which includes – but is not limited to – the use of aggregated transactional information for commercial purposes.
What categories of personal data do we process?
- Data you give us.
- Data we collect about you.
- Data we receive from other sources.
- Geo-Location Data.
You may give us data about you by filling in forms on ours or VELA’s Merchant’s sites and applications, as well as when you use our services. The data you give us may include, among others, your name, ID, date of birth, address, email address, phone number, and credit card information.
We may record your call with call center agents working on our behalf for training purposes and to ensure quality customer service.
Regarding each of your visits to our site we may automatically collect the following information:
Technical information, including the Internet Protocol (IP) address used to connect your device to the Internet, your login information, browser type, and version, time zone setting, browser plug-in types and versions, operating system and platform;
Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through, and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs); methods used to browse away from the page; and phone numbers used to call our customer service.
We are working closely with third parties (including, for example, business partners and sub-contractors in technical, payment, and delivery services, that may access your Personal Data and share with us, always according to our instructions and taking the security measures defined in clause 13).
Some devices allow applications to access real-time location-based data (for example GPS). We may use this data to optimize your experience.
What are the purpose and legal grounds for processing your personal data?
We process your Personal Data for – but not limited to – the following purposes, based upon the legal grounds of the applicable law and your consent:
- to proceed with your payment request;
- to handle your request when you send an inquiry via our Website or call center;
- to send you newsletters to which you have subscribed;
- to send you direct marketing communications that you have agreed to receive via email or any other channel;
- to send you direct marketing communications via email based on your consent if you are an existing VELA Customer and we have received your email address from you. You can object to this use of your email address at any time and free of charge. You can unsubscribe easily via the added link at the bottom of any email;
- to transfer your email address (or any other Personal Data for which applicable law imposes the need of your prior consent and for which you have agreed) to a specified third party; and
- to manage risk, or to detect, prevent, and/or remediate fraud or other potentially illegal or prohibited activities and comply with Know Your Customer and similar rules. Some of these activities are automated and use your Personal Data and historical data to determine the risk of the operation based on the service being requested. We may refuse to carry out operations which are labeled as potentially fraudulent, illegal, or prohibited or which represent a high risk.
For any personal data that requires your consent to be handled and processed, you have the right to withdraw such consent at any time.
We always strive for maintaining a fair balance between the need to process your Personal Data and the preservation of your rights and freedoms, including the respect for your privacy, always complying with legal or regulatory provisions to which we and you are subject.
To whom will your personal data be transferred?
There are circumstances where we disclose or are compelled to disclose your Personal Data to third parties. This will only take place in accordance with the applicable law and for the purposes listed in clause 7. These scenarios include disclosure:
- to our group companies, for the same purposes as referred to under clause 7.
- to our service providers, suppliers, or subcontractors (group companies or third parties) who provide services that include data processing on our behalf (such as external contact centers, agencies, IT support service providers, stand builders, food & beverage partners, etc.). These companies may use your Personal Data only within the strict limits of instructions that we give them and in compliance with this Policy. They are subject to significant confidentiality and security obligations regarding Personal Data;
- to our group companies to send you direct marketing communications, possibly based upon your marketing profile, unless you have withdrawn your consent to receiving such communications;
- to any other third party upon your consent.
- to another legal entity, on a temporary or permanent basis, for the purposes of a joint venture, collaboration, financing, sale, merger, reorganization, change of legal form, dissolution, or similar event. In the case of a merger or sale, your Personal Data will be permanently transferred to a successor company;
- to public authorities or other third parties where we are required by law to do so or in the context of legal procedures.
- International transfer of personal data
By providing us with your Personal Data, you acknowledge that we may transfer it to recipients, including companies VELA directly or indirectly controls, companies VELA is controlled by or companies under common control with VELA, subcontractors (e.g. payment service providers), even if they are established outside your area of residence (such as the European Economic Area, South America or North America). In this case, the processing of your Personal Data will be protected according to the requirements of applicable law and this Policy. Particularly, when transferring data to countries that are outside the European Economic Area and which do not offer an adequate level of protection, we will ensure the use of appropriate data transfer tools (e.g. the European Commission’s Standard Contractual Clauses).
How long do we store your Personal Data?
The retention period for complying with legal obligations and evidence purposes: For compliance with legal obligations (such as accounting, tax, and insurance) and evidence purposes, Personal Data is stored in our database for an additional seven (7) years after the required legal term, unless longer retention is required and we have a legitimate and lawful purpose to do so.
We may keep an anonymized version of your Personal Data for statistical purposes, which will no longer refer to you. The anonymized version may be kept without any time limits, to the extent that we have a legitimate and lawful interest in doing so.
How We Use the Data We Collect
Internal Uses: We collect, store, and process your data on servers located in countries throughout the world, which includes, but is not limited to, South America, North America, and Europe. Our primary purpose in collecting your data is to provide you with a safe, smooth, efficient, and customized experience. You agree that we may use your Personal Data to:
- process transactions and provide the VELA Services;
- verify your identity, including during account creation and password reset processes; resolve disputes, collect fees and troubleshoot problems;
- manage risk, or to detect, prevent, and/or remediate fraud or other potentially illegal or prohibited activities; detect, prevent or remediate violations of policies or applicable user agreements;
- provide you with customer support services;
- resolve customer complaints or claims made by users via the VELA Services; respond to requests for customer service;
- inform users if we believe their accounts or any of their transactions have been used for an illegitimate purpose; confirm information concerning a user’s identity, business, or account activity;
- carry out collection activities; conduct customer surveys; and
- investigate suspicious transactions.
We use your email or physical address to send you notice of payments made through VELA, information about important changes to our products and services, notices, and other disclosures required by law. Generally, users cannot opt-out of these communications, but they will be primarily informational in nature rather than promotional.
Your rights in relation to your Personal Data
As a data subject, you can exercise the rights below regarding your Personal Data.
To exercise these rights, please contact our Privacy Officers, either by mail or by email at the addresses mentioned under clause 4, attaching a copy of your identity card, passport, or other valid means of identification and your specific request.
- Right to access. You may, where permitted by applicable law, request to obtain information regarding our processing of your Personal Data and, if applicable, have access to them.
- Right to rectification. You may request that we rectify/complete any inaccurate/incomplete Personal Data free of charge.
- The right to withdraw consent. You may, as permitted by applicable law, withdraw consent to the handling and processing of your Personal Data at any time. Such withdrawal will not affect the lawfulness of handling and processing made prior to the withdrawal date, based on your prior consent. Please note that if you withdraw your consent, you may not be able to benefit from certain service features for which the processing of your Personal Data is essential.
- Right to restriction of the processing. You may request that your Personal Data is processed with certain restrictions, to the extent required by applicable law. Please note that if you do so, you may not be able to benefit from certain service features for which the processing of your Personal Data is essential.
- The right to contest automated decisions. When an automated processing and decision-making is applied, you may contest that automated processing of your Personal Data and request that a human reviews the processing.
- Right to erasure. You may request that we delete your Personal Data and we will comply unless there is a lawful reason for not doing so. For example, there may be an overriding legitimate ground for keeping your Personal Data, such as a legal obligation that we must comply with, or if retention is necessary for us to comply with our legal obligations.
- Right to lodge a complaint with the supervisory authority. You have the right to contact the relevant supervisory authority in case you consider we process your Personal Data unlawfully.
- Unsubscribing from VELA. You have the right to object the use and processing of your Personal Data for direct marketing purposes.
- Should you no longer wish to receive information regarding events organized by us, please contact our local Privacy Officers, either by mail or by email at the following address Datum Software, Inc. 12000 Findley Rd, Suite 350, Johns Creek, GA 30097 USA or email address email@example.com.
- Should you no longer wish that we transfer your Personal Data to third parties (advertising and media partners, exhibitors, or commercial partners), please contact our local Privacy Officers, either by mail or by email at the following address Datum Software, Inc. 12000 Findley Rd, Suite 350, Johns Creek, GA 30097 USA or email address firstname.lastname@example.org.
- Should you no longer wish that we use your Personal Data for establishing marketing profiles, please contact our local Privacy Officers, either by mail or by email at the following address Datum Software, Inc. 12000 Findley Rd, Suite 350, Johns Creek, GA 30097 USA or email address email@example.com.
- Should you wish to unsubscribe from our mailing list, please use the unsubscribe button that appears on each email sent for commercial purposes by us, or contact local Privacy Officers, either by mail or by email at the following address Datum Software, Inc. 12000 Findley Rd, Suite 350, Johns Creek, GA 30097 USA or email address firstname.lastname@example.org and state the type of information you do not want to receive any more or indicate the email address you want to unsubscribe from.
- First party cookies – cookies that the website you are visiting places on your computer.
- Third-party cookies – cookies placed on your computer through the website but by third parties, such as Google.
Due to the importance, we grant to privacy and data protection, we do everything we can to safeguard your Personal Data from any misuse. Our employees are trained to correctly deal with Personal Data. Your Personal Data is hosted in secured environments, which are not accessible to the public. Our computer facilities are equipped with back-up, filtering, and firewall systems, conforming to the adequate industry security standards. Access to your Personal Data is solely granted to those persons who are authorized for the performance of their duties. Furthermore, we are PCI-DSS certified to guarantee that data are stored and handled safely.
What exactly are cookies?
A cookie is a small file that a website or its service provider transfers to your computer’s hard drive through your web browser that enables the websites or service providers systems to recognize your browser and capture and remember certain information.
You can set your browser to notify you when you receive a cookie. This enables you to decide if you want to accept it or not. Alternatively, you can choose to turn off all cookies via your browser settings. However, some of the services and features offered through our Website may not function properly if your cookies are disabled.
Cookies can be first-party or third-party cookies.
We use the following cookies on our Website:
14.1 Strictly necessary/session cookies
These cookies are essential in enabling you to move around our website and use its features. Without these cookies, services you have asked for cannot be provided. They are deleted when you close the browser. These are first-party cookies.
14.2 Performance cookies
These cookies collect anonymous data about how visitors use our website. They allow us to recognize and count the number of visitors and to see how visitors move around our website when they are using it and the approximate regions that they are visiting. These are first-party cookies.
14.3 Functionality cookies
These cookies allow the website to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personal features. These cookies can also be used to remember changes you have made to text size, fonts, and other parts of web pages that you can customize. The information these cookies collect may be anonymized and they cannot track your browsing activity on other websites. These are first-party cookies.
14.4 Analytics, advertising, and Social Media cookies
14.5 Cookie consent and opting out
In addition to paragraph 14.4 above, should you not wish us to use Analytics and Advertising cookies, you can access the following page to deactivate Google Analytics: https://tools.google.com/dlpage/gaoptout.
Please note that VELA Services and VELA websites are not intended for children under the age of 16. VELA is committed to the protection of children’s privacy, particularly in an online environment. To our best knowledge, VELA does not collect personally identifiable information from children under 16 without parental authorization. If a parent or guardian becomes aware that his/her child has provided Personal Data to VELA without his/her authorization, please contact us at email@example.com.
Linked websites are not responsible for the privacy policies and practices of other websites even if you accessed the third-party website using links from our Website. We recommend that you check the policy of each website you visit and contact the owner or operator of such website if you have concerns or questions.
Changes on our Policy
We reserve the right to amend or modify this Policy upon notice to you and if we do so we will post the changes on this page. It is your responsibility to check the Policy every time you submit information to us or place an order.
You can also contact our Group Data Protection Officer by e-mail on the following address: firstname.lastname@example.org.