Privacy Policy

Last updated: June 24, 2025

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You, particularly under the General Data Protection Regulation (GDPR) and UK data protection laws.

We use Your Personal Data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy. We are committed to protecting Your privacy and ensuring Your data is processed lawfully, fairly, and transparently.

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

• Account means a unique account created for You to access our Service or parts of our Service.
• Affiliate means an entity that controls, is controlled by or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
• Application refers to Vidrana, the software program provided by the Company.
• Company (referred to as either "the Company", "We", "Us" or "Our" in this Agreement) refers to Vidrana, located in the United Kingdom.
• Controller means Vidrana, which determines the purposes and means of processing Personal Data.
• Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
• Country refers to: United Kingdom
• Data Protection Laws means the UK General Data Protection Regulation, the Data Protection Act 2018, and any successor legislation.
• Data Subject means You, the individual to whom Personal Data relates.
• Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
• GDPR means the General Data Protection Regulation (EU) 2016/679 as retained in UK law.
• Personal Data is any information relating to an identified or identifiable natural person.
• Processing means any operation performed on Personal Data, including collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure, dissemination, restriction, erasure or destruction.
• Processor means any natural or legal person who processes Personal Data on behalf of the Controller.
• Service refers to the Application or the Website or both.
• Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
• Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
• Website refers to Vidrana, accessible from the URL provided by the Company.
• You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Data Controller Information

Vidrana is the data controller responsible for Your Personal Data. We are based in the United Kingdom and process data in accordance with UK Data Protection Laws and GDPR.

Legal Basis for Processing

Under GDPR, we process Your Personal Data based on the following legal grounds:

1. Consent: Where You have given clear consent for us to process Your Personal Data for specific purposes
2. Contract: Where processing is necessary for the performance of a contract with You
3. Legal Obligation: Where we need to comply with legal requirements
4. Legitimate Interests: Where processing is necessary for our legitimate business interests, provided this doesn't override Your rights and freedoms
5. Vital Interests: Where processing is necessary to protect someone's life
6. Public Task: Where processing is necessary to perform a task in the public interest

Types of Data Collected

Personal Data

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

• Email address
• First name and last name
• Phone number
• Usage Data
• Location data (with Your consent)
• Device information and identifiers

Usage Data

Usage Data is collected automatically when using the Service.

Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.

Information Collected while Using the Application

While using Our Application, in order to provide features of Our Application, We may collect, with Your prior explicit consent:

• Information regarding your location
• Media from your Device's camera and photo library for video features
• Microphone access for voice features
• Contacts (if relevant to service functionality)

We use this information to provide features of Our Service, to improve and customize Our Service. You can withdraw Your consent at any time through Your Device settings or by contacting Us.

Cookies and Tracking Technologies

We use Cookies and similar tracking technologies in accordance with our Cookie Policy. We will only use non-essential cookies with Your explicit consent.

Types of Cookies We Use:

1. Strictly Necessary Cookies: Essential for the website to function properly
2. Performance Cookies: Help us understand how visitors interact with our website (with consent)
3. Functional Cookies: Remember Your preferences and settings (with consent)
4. Marketing Cookies: Used to deliver relevant advertisements (with consent)

You can manage Your cookie preferences through our cookie banner or by contacting us.

How We Use Your Personal Data

We process Your Personal Data for the following purposes, based on the legal grounds indicated:

1. Service Provision (Legal basis: Contract/Consent)
• To provide and maintain our Service
• To manage Your Account and registration
• To enable Service functionalities
2. Communication (Legal basis: Contract/Consent/Legitimate Interest)
• To contact You regarding service updates
• To respond to Your inquiries
• To send important notices
3. Service Improvement (Legal basis: Legitimate Interest/Consent)
• To monitor and analyze usage
• To improve our Service
• To develop new features
4. Legal Compliance (Legal basis: Legal Obligation)
• To comply with applicable laws
• To respond to legal requests
• To protect our rights and interests
5. Marketing (Legal basis: Consent)
• To send promotional materials (only with Your consent)
• To provide personalized offers
• To conduct market research

Data Sharing and Disclosure

We may share Your Personal Data in the following circumstances:

With Service Providers (Processors)

We may share Your data with trusted third-party processors who assist us in operating our Service. All processors are bound by data processing agreements and must comply with GDPR requirements.

For Legal Compliance

We may disclose Your data when required by law, court order, or governmental request, or to protect our legal rights.

Business Transfers

In the event of a merger, acquisition, or sale of assets, Your Personal Data may be transferred. We will provide notice and ensure the receiving party complies with this Privacy Policy.

With Your Consent

We may share Your data for other purposes with Your explicit consent.

International Data Transfers

If we transfer Your Personal Data outside the UK or EEA, we ensure adequate protection through:

• Adequacy decisions by the UK government
• Standard Contractual Clauses
• Other appropriate safeguards as required by Data Protection Laws

Data Retention

The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods

Your Rights Under GDPR

As a Data Subject, You have the following rights:

1. Right of Access: Request copies of Your Personal Data
2. Right to Rectification: Request correction of inaccurate data
3. Right to Erasure: Request deletion of Your Personal Data
4. Right to Restrict Processing: Request limitation of data processing
5. Right to Data Portability: Request transfer of Your data
6. Right to Object: Object to processing based on legitimate interests
7. Right to Withdraw Consent: Withdraw consent at any time
8. Right to Lodge a Complaint: Lodge a complaint with the relevant supervisory authority if You believe Your data protection rights have been violated

To exercise any of these rights, please contact us using the information provided below. We will respond within one month of receiving Your request.

Data Security

We implement appropriate technical and organisational measures to ensure data security, including:

• Encryption of data in transit and at rest
• Regular security assessments
• Access controls and authentication
• Staff training on data protection
• Incident response procedures

While we strive to protect Your Personal Data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but commit to notifying You of any data breaches as required by law.

Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect Personal Data from children under 16. If You are a parent or guardian and believe Your child has provided us with Personal Data, please contact us immediately.

Automated Decision-Making and Profiling

We may use automated decision-making processes, including profiling, to:

• Personalize Your experience
• Prevent fraud
• Improve our services

You have the right to request human intervention in automated decisions that significantly affect You.

Data Protection Officer

If You have questions about data protection or wish to exercise Your rights, You may contact our Data Protection Officer at:

• Email: support@vidrana.com

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify You of any material changes by:

• Posting the new Privacy Policy on our Service
• Sending You an email notification
• Providing prominent notice on our Service

Changes become effective when posted. We encourage You to review this Privacy Policy periodically.

Contact Us

If you have any questions about this Privacy Policy or wish to exercise Your rights, please contact us:

• Email: support@vidrana.com

For data protection inquiries specifically, please use the subject line "Data Protection Inquiry" in Your email.

Effective Date: This Privacy Policy is effective as of the date last updated above.