Virtosolutions UAB, a legal entity established in Lithuania and its group companies (collectively “Virto Commerce”, "we", "us", and "ours") is committed to protecting your privacy.
Virto Commerce wants to inform you how we collect, use, and disclose your personal information (“Personal Data”). “Personal Data” is information that identifies you as an individual or relates to an identifiable individual.
What Personal Data do we collect and process for our own purposes as a controller?
When you use our Services, visit our Websites or Social Media Pages, Virto Commerce may collect information, which may include Personal Data.
What Personal Data do we collect and process for our own purposes as a controller?
- contact information such as name, e-mail address, mailing address, phone number, company name and job title;
- billing information, such as credit or debit card number and billing address;
- feedback information, such as name and e-mail address when we provide feedback or customer support from within the Service(s);
- unique identifiers, such as username, account number or password, information collected on the Services through cookies and similar technologies, etc.
We and our service providers may collect Personal Data in a variety of ways. Such information may be collected from you through the Services, e.g., when you sign up for a newsletter or register for Services or demo version, respond to a survey, fill out a form on Website, open a ticket for support or leave comments on the forums or in a blog. We may receive your Personal Data from other sources, such as public databases, joint marketing partners, social media platforms (including from people with whom you are friends or otherwise connected) and from other third parties. For the purposes of General Data Protection Regulation (GDPR), Virto Commerce shall be the controller for this information you have submitted to us.
What do we use your Personal Data for?
We and our service providers use Personal Data for legitimate business purposes, including the following: (i) provide you the Service(s) and fulfilling your requests; (ii) send you communication from the Service(s); (iii) assess needs of your business to determine or suggest suitable Service(s); (iv) send you requested information about the Service(s); (v) respond to customer service requests, inquires, questions and concerns; (vi) administer your account and provide you with related customer service; (vii) send periodic emails with important notices or information about the Services (updates, bug fixing, etc.); (viii) personalize your experience on the Services by presenting products and offers tailored to you; (ix) send you promotional and marketing communications, that we believe may be of interest; (x) send administrative information to you, such as changes to our terms, conditions and policies; (xi) facilitate billing and payment transactions for the use of our Service(s); (xii) data analysis, such as to improve the efficiency of our Services; (xiii) enhancing, improving, or modifying our Services; (xiv) collecting feedback to improve our website, customer service, identify usage trends, determining the effectiveness of our promotional campaigns, etc.; (xv) developing new products and services; (xvi) being efficient about how we fulfil our legal, regulatory and contractual duties, also fraud and security monitoring purposes.
We will engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or because we have a legitimate interest. Our legitimate interest is the interest of ours as a business in conducting and managing Virto Commerce to enable us to provide to you the Services and offer the best experience. We will provide personalized services and/or send promotional and marketing communication either with your consent or because we have a legitimate interest.
If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Data, please contact us using the contact details provided below.
To whom do we disclose your Personal Data?
Your Personal Data may be disclosed:
- To our third-party service providers who provide services such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, online advertising services, customer service, helpdesk solutions, email delivery, auditing and other services.
- By you, on message boards, chat, blogs and other services to which you are able to post information and content (including, without limitation, the forums and our Social Media Pages). Please note that any information you post or disclose through these services will become public and may be available to other users and the general public.
- Other uses and disclosures. We may also use and disclose your Personal Data as we believe to be necessary or appropriate, especially when we have a legal obligation or legitimate interest to do so: (a) to comply with applicable law; (b) to enforce our terms and conditions; and (c) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others. In addition, we have a legitimate interest in using, disclosing or transferring your information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
Further details can be provided upon request.
The following types of cookies are used in the Websites:
- Essential website cookies – these cookies are strictly necessary to provide you with services available through our Websites and to use some of its features.
- Performance and Functionality Cookies – these cookies enhance our performance on our website.
- Analytics and Customization Cookies – these cookies collect information that is used either in aggregate form to help us understand how our Websites are being used or how effective are marketing campaigns are, or to help us customize our Websites for you.
- Advertising Cookies – these cookies are used to make advertising messages more relevant to you.
We do not usually collect nor store the IP address from which you visit.
Certain information is collected by most browsers or automatically through your device.
Processing of information about Customers’ user (Virto Commerce as Data Processor)
Virto Commerce does not own, control or direct the use of any of the Customer Information stored or processed by a Customer or end-user via the Service. Only the Customer or end-users are entitled to access, retrieve and direct the use of such Customer Information. Virto Commerce is largely unaware of what Customer Information is actually being stored or made available by a Customer or end-user to the Service and does not directly access such Customer Information except as necessary to provide Services (including to respond to support requests, provide development works, maintenance, updates, etc.), as otherwise authorized by Customers or as required by law. Virto Commerce is not responsible for the content of the Personal Data contained in Customer Information or other information stored on its servers (or its subcontractors’ servers) at the discretion of the Customer nor is Virto Commerce responsible for the manner in which the Customer collects, handles disclosure, distributes or otherwise processes such information.
Our Customers are the “controllers” of Customer Information, meaning that they control the manner such information is collected and used as well as the determination of the purposes and means of the processing of such information and are responsible for compliance with the applicable data protection law. In addition, such information may be subject to our Customers’ own privacy policies. As the controller, it shall be our Customers’ responsibility to inform the end-users about the processing, and, where required, obtain necessary consent or authorization for any Personal Data that is collected as part of the Customer Information through your use of the Service(s).
As the processors of Customer Information on behalf of our Customers, we follow Customers’ instructions with respect to the Customer Information to the extent consistent with the functionality of our Service(s). In doing so, we implemented reasonable technical and organizational measures against unauthorized processing of such information and against loss, destruction of, or damage to, Customer Information.
If you seek access to, or wish to correct, update, modify or delete Personal Data which is part of the Customer Information and processed by us as data processor on behalf of our Customer, you should direct your query to our Customer, i.e. the controller. If you are a Customer of our Service(s) and wish to raise a request on behalf of your end-users in connection with Customer Data, you may open a ticket on the support portal of the relevant Service. Please note that if a Customer has subscribed to more than one Service, his request on a particular Service support portal is specific to that Service only and separate requests need to be raised across other relevant Service support portals.
Access, Choices and Your other rights (specific EEA customers)
If you are an individual resident in EEA, you have the following data protection rights regarding Personal Data collected and processed by Virto Commerce as data controller:
- If you wish to review, access, correct, update, restrict or request deletion of your Personal Data that you have previously provided to us, or if you would like to request to receive an electronic copy of your Personal Data for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law), you can do so at any time by contacting us.
- You have the right to opt-out of marketing communications we or our affiliates send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you, or by contacting us.
- If we have collected and process your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority.
If you are our Customer, we will send you emails and/or announcements with administrative information related to the Service(s) on occasions when it is necessary to do so. For instance, if our Service(s) is temporarily suspended for maintenance, we might send you an e-mail. Generally, you may not opt-out of communications which are not promotional in nature. If you do not wish to receive them, you may deactivate your account and not use our Services.
How long do we retain your Personal Data?
We will retain your Personal Data for as long as needed or permitted in light of the purpose(s) for which it was obtained. The criteria used to determine our retention periods include: (i) the length of time we have an ongoing relationship with you and provide the Services to you; (ii) when we have legal obligation to which we are subject; or (iii) as advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
How do we protect your information?
We have implemented reasonable technical and organizational measures to maintain the safety of your Personal Data. The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Data. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. It is important for you to protect against unauthorized access to your password(s) and computer or device, and to log off when using any shared computer.
Do we disclose any information outside EEA?
Your Personal Data may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Services you consent to the transfer of information to countries outside of your country of residence, including the United States and EMEA countries, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Data.
Additional information regarding the EEA: Some of the non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission to protect your Personal Data.
Sensitive Personal Data (Personal Data of special categories)
Unless we explicitly agree otherwise in writing, you will not send us, you will not disclose, and you will not process any sensitive and/or special categories Personal Data (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Services or otherwise to us.
Signing using sign-in services
You can log in to some of our Services using sign-in services such as GitHub and other. These services will authenticate your identity and provide you the option to share certain Personal Data with us such as your name and e-mail address.
Third party links, services and features
In addition, we are not responsible for the information collection, use, disclosure or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft or any other developer, social media platform provider, operating system provider, wireless service provider or device manufacturer, including with respect to any Personal Data you disclose to other organizations through or in connection with our Services and/or Social Media Pages.
Use of Services by children and minors
The Services are not directed to individuals under the age of sixteen (16), and we do not knowingly collect Personal Data from individuals under sixteen (16).
How to contact us?