Privacy

Introduction

At VELA, privacy is a relevant issue. We are focused on establishing a relationship of trust with our customers and users, based on respect for the privacy of people and their information.

We work to ensure the highest level of protection to our customers and their businesses’ information, continuously applying strict standards to guarantee safety and quality in this matter.

In addition to complying with non-disclosure agreements, we have this privacy policy that explains our actions in data handling and details the procedures through which personal information is collected, stored, and used by us.

This policy is presented in English, and the version shall prevail to settle any doubts or controversies arising from this policy.

Applicability of this Privacy Policy

This Privacy Policy governs how VELA collects, handles, uses, and discloses your data when you use the services, features, technologies, or functions offered by VELA, this includes, but is not limited to, when you willingly provide information while using VELA Services.

You accept and comply with this Privacy Policy when you sign up for, access, or use any VELA Services. By accepting and complying with this Privacy Policy, you expressly agree to how we collect, handle, and use your data, as described herein.

Definition of Each Party

VELA’s Merchants are the companies that use our services to sell their products/services.

VELA is the entity that performs payment process for its Merchants, processing Personal Data on their behalf and acting as their Data Processor. To process such payments VELA may engage with other Data Processors.

VELA’s Customers are the users that select our payment option to perform a purchase from VELA’s Merchants. They are the data subject of the Personal Data VELA´s processes.

Contact Details of the Data Processor

Your Personal Data is processed by the following Data Processor:

If you have any questions about this Privacy Policy, or if you wish to exercise your rights mentioned under clause 12, please contact our Privacy Officers via mail at this address: Datum Software, Inc., 12000 Findley Rd, Suite 300, Johns Creek, GA 30097 USA; or email address compliance@datumsoftware.com according to the procedure described in clause 12.

You can also contact our Group Data Protection Officer by e-mail on the following address: compliance@datumsoftware.com.

What is personal data?

Personal Data is information that can be used to identify a person either directly or indirectly; it may include name, address, email, phone number, credit/debit card number, IP address, and location data. Non-Personal Data does not allow a specific individual to be identified when analyzed alone or with other Non-Personal Data; it may include gender, age, and general geographic location. We collect Personal and Non-Personal Data, and may also anonymize Personal Data to make it Non-Personal. You agree that VELA may collect, handle, store, use, transfer and disclose Non-Personal Data for any purpose, which includes – but is not limited to – the use of aggregated transactional information for commercial purposes.

What categories of personal data do we process?

  1. Data you give us.
  2. You may give us data about you by filling in forms on ours or VELA’s Merchant’s sites and applications, as well as when you use our services. The data you give us may include, among others, your name, ID, date of birth, address, email address, phone number, and credit card information.

    We may record your call with call center agents working on our behalf for training purposes and to ensure quality customer service.

  3. Data we collect about you.
  4. Regarding each of your visits to our site we may automatically collect the following information:

    Technical information, including the Internet Protocol (IP) address used to connect your device to the Internet, your login information, browser type, and version, time zone setting, browser plug-in types and versions, operating system and platform;

    Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through, and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs); methods used to browse away from the page; and phone numbers used to call our customer service.

  5. Data we receive from other sources.
  6. We are working closely with third parties (including, for example, business partners and sub-contractors in technical, payment, and delivery services, that may access your Personal Data and share with us, always according to our instructions and taking the security measures defined in clause 13).

  7. Geo-Location Data.
  8. Some devices allow applications to access real-time location-based data (for example GPS). We may use this data to optimize your experience.

What are the purpose and legal grounds for processing your personal data?

We process your Personal Data for – but not limited to – the following purposes, based upon the legal grounds of the applicable law and your consent:

  1. to proceed with your payment request;
  2. to handle your request when you send an inquiry via our Website or call center;
  3. to send you newsletters to which you have subscribed;
  4. to send you direct marketing communications that you have agreed to receive via email or any other channel;
  5. to send you direct marketing communications via email based on your consent if you are an existing VELA Customer and we have received your email address from you. You can object to this use of your email address at any time and free of charge. You can unsubscribe easily via the added link at the bottom of any email;
  6. to transfer your email address (or any other Personal Data for which applicable law imposes the need of your prior consent and for which you have agreed) to a specified third party; and
  7. to manage risk, or to detect, prevent, and/or remediate fraud or other potentially illegal or prohibited activities and comply with Know Your Customer and similar rules. Some of these activities are automated and use your Personal Data and historical data to determine the risk of the operation based on the service being requested. We may refuse to carry out operations which are labeled as potentially fraudulent, illegal, or prohibited or which represent a high risk.

For any personal data that requires your consent to be handled and processed, you have the right to withdraw such consent at any time.

We always strive for maintaining a fair balance between the need to process your Personal Data and the preservation of your rights and freedoms, including the respect for your privacy, always complying with legal or regulatory provisions to which we and you are subject.

To whom will your personal data be transferred?

There are circumstances where we disclose or are compelled to disclose your Personal Data to third parties. This will only take place in accordance with the applicable law and for the purposes listed in clause 7. These scenarios include disclosure:

  1. to our group companies, for the same purposes as referred to under clause 7.
  2. to our service providers, suppliers, or subcontractors (group companies or third parties) who provide services that include data processing on our behalf (such as external contact centers, agencies, IT support service providers, stand builders, food & beverage partners, etc.). These companies may use your Personal Data only within the strict limits of instructions that we give them and in compliance with this Policy. They are subject to significant confidentiality and security obligations regarding Personal Data;
  3. to our group companies to send you direct marketing communications, possibly based upon your marketing profile, unless you have withdrawn your consent to receiving such communications;
  4. to any other third party upon your consent.
  5. to another legal entity, on a temporary or permanent basis, for the purposes of a joint venture, collaboration, financing, sale, merger, reorganization, change of legal form, dissolution, or similar event. In the case of a merger or sale, your Personal Data will be permanently transferred to a successor company;
  6. to public authorities or other third parties where we are required by law to do so or in the context of legal procedures.
  7. International transfer of personal data

By providing us with your Personal Data, you acknowledge that we may transfer it to recipients, including companies VELA directly or indirectly controls, companies VELA is controlled by or companies under common control with VELA, subcontractors (e.g. payment service providers), even if they are established outside your area of residence (such as the European Economic Area, South America or North America). In this case, the processing of your Personal Data will be protected according to the requirements of applicable law and this Policy. Particularly, when transferring data to countries that are outside the European Economic Area and which do not offer an adequate level of protection, we will ensure the use of appropriate data transfer tools (e.g. the European Commission’s Standard Contractual Clauses).

How long do we store your Personal Data?

The retention period for complying with legal obligations and evidence purposes: For compliance with legal obligations (such as accounting, tax, and insurance) and evidence purposes, Personal Data is stored in our database for an additional seven (7) years after the required legal term, unless longer retention is required and we have a legitimate and lawful purpose to do so.

We may keep an anonymized version of your Personal Data for statistical purposes, which will no longer refer to you. The anonymized version may be kept without any time limits, to the extent that we have a legitimate and lawful interest in doing so.

How We Use the Data We Collect

Internal Uses: We collect, store, and process your data on servers located in countries throughout the world, which includes, but is not limited to, South America, North America, and Europe. Our primary purpose in collecting your data is to provide you with a safe, smooth, efficient, and customized experience. You agree that we may use your Personal Data to:

We use your email or physical address to send you notice of payments made through VELA, information about important changes to our products and services, notices, and other disclosures required by law. Generally, users cannot opt-out of these communications, but they will be primarily informational in nature rather than promotional.

Your rights in relation to your Personal Data

As a data subject, you can exercise the rights below regarding your Personal Data.

To exercise these rights, please contact our Privacy Officers, either by mail or by email at the addresses mentioned under clause 4, attaching a copy of your identity card, passport, or other valid means of identification and your specific request.