Introduction

Vendure GmbH ("Vendure", "we", "us") is committed to protecting your personal data and privacy. This Privacy Policy describes how we collect, use, and protect your personal information when you interact with our website and use our online forms.

Data Controller

Vendure GmbH Stiftgasse 15–17/1/3 1070 Vienna, Austria Email: contact@vendure.io

Types of Data Collected

We collect personal data when you submit information via forms on our website, including but not limited to:

• Name
• Email address
• Company name
• Content of your message/inquiry

Purpose and Legal Basis for Data Processing

We process your data to respond to inquiries, provide support, or handle business requests. The legal basis for processing your data is your explicit consent (Article 6(1)(a) GDPR) when submitting the form.

Data Sharing and Third Parties

Your personal data may be shared with third-party providers for the purposes described below:

• HubSpot: To manage customer relationships, inquiries, and marketing communications. HubSpot Privacy Policy: https://legal.hubspot.com/privacy-policy
• Resend: To send transactional emails or notifications related to your inquiry. Resend Privacy Policy: https://resend.com/privacy
• Google Workspace: For email communication, document management, and collaboration. Google Privacy Policy: https://policies.google.com/privacy

These service providers are contractually bound to protect your data according to GDPR standards.

Data Retention

We retain your personal data only as long as necessary to fulfill the purposes stated above or to comply with legal obligations.

Data Subject Rights

You have the right to:

• Access your data
• Request correction or deletion of your data
• Object to or restrict processing of your data
• Withdraw consent at any time
• Request data portability

Please contact us at contact@vendure.io to exercise any of these rights.

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

Complaints and Supervisory Authority

You have the right to file a complaint with the supervisory authority if you believe your data protection rights have been violated:

Austrian Data Protection Authority (Datenschutzbehörde)
Barichgasse 40-42, 1030 Vienna, Austria
https://www.dsb.gv.at

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date.

Last updated: 30/05/2025