Vennue

Privacy Policy

Last Updated: October 2025

Vennue ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our property intelligence platform and analytics services, and when visitors interact with properties using our technology.

1. Information We Collect

Personal Information from Account Holders

When you create an account or subscribe to our Services, we collect:

  • Name, email address, phone number, and business information
  • Company details, property information, and billing data
  • Account credentials and authentication information
  • Communication preferences and support inquiries

Property and Visitor Data

Our Services collect data about visitor interactions with properties:

  • QR code scans, NFC taps, and digital touchpoint activations
  • Property navigation patterns, time spent in zones, and feature interactions
  • Device information (type, browser, operating system, IP address)
  • Geolocation data (with consent) for location-based features
  • Demographic information and preferences when voluntarily provided

Analytics and Usage Data

We automatically collect technical and usage information:

  • Session duration, page views, and feature usage statistics
  • Error logs, performance metrics, and diagnostic data
  • Referral sources and campaign attribution data
  • Heatmaps, scroll depth, and interaction patterns

2. How We Use Your Information

We use collected information for:

  • Providing and improving our Services and analytics capabilities
  • Generating property intelligence reports and visitor behavior insights
  • Personalizing visitor experiences and property engagement
  • Processing payments and managing accounts
  • Communicating updates, support, and service-related information
  • Ensuring security, preventing fraud, and enforcing our Terms
  • Creating aggregated, anonymized industry benchmarks and insights

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area, our legal bases for processing include:

  • Contractual necessity: Processing required to deliver our Services
  • Consent: Explicit consent for optional features like location services
  • Legitimate interests: Analytics, security, and service improvement
  • Legal obligations: Compliance with tax, accounting, and regulatory requirements

4. Data Sharing and Disclosure

We may share information with:

  • Service providers: Cloud hosting, analytics, payment processing, and email services
  • Property owners and managers: Client access to data collected from their properties
  • Business transfers: In connection with mergers, acquisitions, or asset sales
  • Legal requirements: To comply with laws, regulations, or legal processes
  • Protection: To enforce our rights or protect safety and security

5. Data Retention

We retain personal information for as long as necessary to provide Services, comply with legal obligations, resolve disputes, and enforce agreements. Account data is retained during active subscriptions and for up to 90 days after termination unless longer retention is required by law. Analytics data may be retained in aggregated, anonymized form indefinitely.

6. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption in transit (TLS/SSL) and at rest for sensitive data
  • Access controls, authentication, and role-based permissions
  • Regular security assessments, monitoring, and incident response procedures
  • Secure development practices and third-party security audits

7. Your Privacy Rights

GDPR Rights (EEA Users)

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete information
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we process your information
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests

CCPA Rights (California Users)

  • Know: What personal information we collect and how it's used
  • Access: Request access to your personal information
  • Delete: Request deletion of your personal information
  • Opt-out: Opt out of the "sale" or "sharing" of personal information

To exercise your rights, contact us at privacy@vennue.io. We will respond within 30 days (or as required by applicable law). We do not discriminate against users who exercise their privacy rights.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We use standard contractual clauses, adequacy decisions, or other approved mechanisms to ensure appropriate safeguards for cross-border data transfers in compliance with GDPR and other applicable regulations.

9. Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies for analytics, authentication, and functionality. For detailed information, please see our Cookie Policy.

10. Third-Party Links and Services

Our Services may contain links to third-party websites or integrate with external services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

11. Children's Privacy

Our Services are not directed to children under 16. We do not knowingly collect personal information from children. If we discover we have collected information from a child, we will delete it promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of material changes via email or prominent notice on our Services. The "Last Updated" date indicates when changes were made.

Contact Us

For privacy-related inquiries or to exercise your data rights, please contact:

Email: privacy@vennue.io
Data Protection Officer: dpo@vennue.io