Referrals & Support
Privacy Policy
How Vyredo Ltd collects, uses, stores, and protects personal data when you use the Service. Contact: support@vyredo.co.
Last Updated: 4 April 2026 Effective Date: 4 April 2026 Company: Vyredo Ltd ("Vyredo", "we", "us", "our") Contact: support@vyredo.co
1. Introduction
1.1. This Privacy Policy explains how Vyredo Ltd collects, uses, stores, shares, and protects your personal information when you access or use the Vyredo platform, website, and all related services (collectively, the "Service").
1.2. We are committed to protecting your privacy and processing your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and, where applicable, the EU General Data Protection Regulation (EU GDPR).
1.3. By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy. This Policy should be read alongside our Terms and Conditions.
1.4. For the purposes of data protection law, Vyredo Ltd is the data controller for personal data we collect about you in connection with your use of the Service.
2. Information We Collect
2.1. Information You Provide to Us
- Account information: name, email address, and password when you register for an account.
- Authentication data: if you sign up or log in via a third-party provider (e.g., Google), we receive the information you authorise that provider to share (typically name and email address).
- Payment information: billing details and payment method information processed through our third-party payment processor. We do not store full payment card numbers on our servers.
- Content: any files, images, text, metadata, or other materials you upload to the Service.
- Brand and profile information: business name, logo, and other branding assets you choose to provide.
- Communications: any messages, enquiries, or feedback you send to us via email or the Service.
2.2. Information We Collect Automatically
- Usage data: pages visited, features used, actions taken within the Service, frequency and duration of use.
- Device and technical data: IP address, browser type and version, operating system, device type, screen resolution, and language preferences.
- Log data: server logs including access times, referring URLs, and error information.
- Analytics data: aggregated and individual usage patterns collected through our analytics tools.
- Cookies and similar technologies: as described in Section 8 below.
2.3. Information from Third Parties
- Authentication providers: identity information from third-party sign-in services you choose to use.
- Payment processor: transaction confirmation, billing status, and fraud-prevention signals from our payment processor.
3. How We Use Your Information
3.1. We process your personal data for the following purposes and on the following legal bases under the UK GDPR:
| Purpose | Legal Basis (Article 6 UK GDPR) |
|---|---|
| Providing, operating, and maintaining the Service | Performance of contract (Art. 6(1)(b)) |
| Processing payments and managing your Subscription | Performance of contract (Art. 6(1)(b)) |
| Creating and managing your account | Performance of contract (Art. 6(1)(b)) |
| Communicating with you about your account, support requests, and service updates | Performance of contract (Art. 6(1)(b)) |
| Sending service-related notifications (e.g., billing, security alerts, Terms updates) | Performance of contract / Legitimate interest (Art. 6(1)(b)/(f)) |
| Improving, developing, and optimising the Service | Legitimate interest (Art. 6(1)(f)) |
| Monitoring usage patterns and analysing trends | Legitimate interest (Art. 6(1)(f)) |
| Detecting, preventing, and addressing fraud, abuse, and security issues | Legitimate interest (Art. 6(1)(f)) |
| Complying with legal obligations (e.g., tax, regulatory reporting) | Legal obligation (Art. 6(1)(c)) |
| Enforcing our Terms and Conditions and protecting our rights | Legitimate interest (Art. 6(1)(f)) |
| Sending marketing communications (only with your consent) | Consent (Art. 6(1)(a)) |
3.2. Where we rely on legitimate interest as a legal basis, we have carried out a balancing assessment to ensure that our interests do not override your fundamental rights and freedoms. You may request details of these assessments by contacting us at support@vyredo.co.
4. How We Share Your Information
4.1. We do not sell your personal data. We will never sell, rent, or trade your personal information to third parties for their marketing purposes.
4.2. We may share your personal data with the following categories of recipients, only to the extent necessary for the purposes described in this Policy:
4.2.1. Service Providers
We engage trusted third-party companies to perform services on our behalf, including hosting, data storage, payment processing, analytics, and customer support. These providers process your data solely on our instructions and are bound by contractual obligations to protect your data and use it only for the purposes for which it was disclosed.
4.2.2. Legal and Regulatory Disclosures
We may disclose your information where required or permitted by law, including:
- (a) To comply with a legal obligation, court order, or regulatory request;
- (b) To protect and defend our rights, property, or safety, or that of our users or the public;
- (c) To detect, prevent, or address fraud, security issues, or technical problems;
- (d) To enforce our Terms and Conditions.
4.2.3. Business Transfers
In the event of a merger, acquisition, reorganisation, sale of assets, or insolvency, your personal data may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on the Service of any change in ownership or uses of your personal data.
4.2.4. With Your Consent
We may share your information with other parties where you have given us explicit consent to do so.
5. International Data Transfers
5.1. Your personal data may be transferred to, stored, and processed in countries outside the United Kingdom and the European Economic Area (EEA) where our third-party service providers operate.
5.2. Where we transfer personal data outside the UK or EEA, we ensure appropriate safeguards are in place, including:
- (a) Transfers to countries that the UK Secretary of State or the European Commission has deemed to provide an adequate level of data protection;
- (b) Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office (ICO) or the European Commission;
- (c) Other legally recognised transfer mechanisms under the UK GDPR or EU GDPR.
5.3. You may request further information about the safeguards we use for international transfers by contacting us at support@vyredo.co.
6. Data Retention
6.1. We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law.
6.2. General retention periods:
| Data Category | Retention Period |
|---|---|
| Account information | Duration of account plus 30 days after deletion |
| Content you upload | As described in our Terms and Conditions (Section 12) |
| Payment and transaction records | Up to 7 years after the transaction (for tax and legal compliance) |
| Usage and analytics data | Up to 26 months from the date of collection |
| Communications and support records | Up to 3 years after the most recent communication |
| Server and access logs | Up to 12 months |
6.3. When personal data is no longer required, we will securely delete or anonymise it. Anonymised data (from which you cannot be identified) may be retained indefinitely for analytical and statistical purposes.
7. Your Rights
7.1. Under the UK GDPR and the Data Protection Act 2018, you have the following rights in relation to your personal data:
7.1.1. Right of Access (Article 15)
You have the right to request a copy of the personal data we hold about you and information about how it is processed.
7.1.2. Right to Rectification (Article 16)
You have the right to request that we correct any inaccurate or incomplete personal data we hold about you. You may also update certain information directly through your account settings.
7.1.3. Right to Erasure (Article 17)
You have the right to request the deletion of your personal data in certain circumstances, such as when the data is no longer necessary for its original purpose or you withdraw consent. This right is not absolute and is subject to legal exceptions (e.g., where we are required to retain data for legal compliance).
7.1.4. Right to Restriction of Processing (Article 18)
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as while we verify the accuracy of your data following a dispute.
7.1.5. Right to Data Portability (Article 20)
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another controller, where technically feasible.
7.1.6. Right to Object (Article 21)
You have the right to object to the processing of your personal data where we rely on legitimate interest as the legal basis. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
7.1.7. Rights Related to Automated Decision-Making (Article 22)
You have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal or similarly significant effects concerning you. We do not currently engage in automated decision-making of this nature.
7.1.8. Right to Withdraw Consent
Where we process your data on the basis of consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
7.2. How to exercise your rights: Contact us at support@vyredo.co. We will respond within one (1) calendar month of receiving your request, as required by law. In complex cases or where we receive a high volume of requests, we may extend this period by a further two (2) months, in which case we will inform you of the extension and the reasons for it.
7.3. Identity verification: We may ask you to verify your identity before processing your request, to protect your data from unauthorised access.
7.4. No fee (usually): You will not normally be charged for exercising your rights. However, we may charge a reasonable fee or refuse to act on a request if it is manifestly unfounded or excessive.
7.5. Right to lodge a complaint: If you are dissatisfied with how we handle your personal data, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):
- Website: ico.org.uk
- Helpline: 0303 123 1113
- Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
If you are located in the EEA, you may also contact your local supervisory authority.
8. Cookies and Similar Technologies
8.1. What Are Cookies
Cookies are small text files stored on your device when you visit a website. They help the website recognise your device and remember information about your visit.
8.2. How We Use Cookies
We use cookies and similar technologies for the following purposes:
| Cookie Type | Purpose | Legal Basis |
|---|---|---|
| Strictly necessary | Essential for the Service to function (e.g., authentication, security, session management) | Exempt from consent (necessary for service delivery) |
| Performance / Analytics | Help us understand how users interact with the Service, identify errors, and improve performance | Consent or Legitimate interest |
| Functional | Remember your preferences and settings (e.g., language, display preferences) | Consent or Legitimate interest |
8.3. Third-Party Cookies
Our analytics and service providers may set cookies on your device when you use the Service. These third parties process data in accordance with their own privacy policies.
8.4. Managing Cookies
You can control and manage cookies through your browser settings. Most browsers allow you to refuse or delete cookies. Please note that disabling certain cookies may affect the functionality of the Service.
For more information about managing cookies, visit aboutcookies.org or allaboutcookies.org.
8.5. Do Not Track
Some browsers send a "Do Not Track" (DNT) signal. There is currently no industry standard for how websites should respond to DNT signals. We do not currently alter our data practices in response to DNT signals.
9. Data Security
9.1. We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include, but are not limited to:
- (a) Encryption of data in transit (TLS/SSL);
- (b) Access controls restricting data access to authorised personnel on a need-to-know basis;
- (c) Regular review of data collection, storage, and processing practices;
- (d) Security measures on our infrastructure and that of our service providers.
9.2. While we take reasonable precautions, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security of your data.
9.3. You are responsible for maintaining the confidentiality of your account credentials and for any activity that occurs under your account.
10. Children's Privacy
10.1. The Service is not directed at, and is not intended for use by, anyone under the age of eighteen (18). We do not knowingly collect personal data from children under 18.
10.2. If we become aware that we have collected personal data from a child under 18, we will take reasonable steps to delete that data as soon as practicable.
10.3. If you believe we have inadvertently collected data from a child, please contact us immediately at support@vyredo.co.
11. Content Containing Third-Party Personal Data
11.1. Where you upload Content to the Service that contains personal data of third parties (e.g., identifiable individuals in media files), you act as the data controller for that personal data. You are solely responsible for:
- (a) Ensuring you have a lawful basis for processing such data;
- (b) Obtaining all necessary consents from the individuals concerned;
- (c) Complying with all applicable data protection laws in respect of such data.
11.2. We act as a data processor on your behalf in respect of personal data contained within your Content. We process such data only as necessary to provide the Service and in accordance with your instructions.
11.3. Business customers who require a formal data processing agreement under Article 28 of the UK GDPR should contact us at support@vyredo.co. See also Section 11A of our Terms and Conditions.
12. Third-Party Links and Services
12.1. The Service may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to those third parties.
12.2. We are not responsible for the privacy practices or content of any third-party website or service. We encourage you to read the privacy policies of any third-party services you access.
13. Changes to This Privacy Policy
13.1. We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
13.2. Material changes will be communicated to you via email and/or a prominent notice on the Service at least thirty (30) days before they take effect.
13.3. Your continued use of the Service after the effective date of any updated Policy constitutes your acknowledgement of the changes. If you do not agree with the updated Policy, you should stop using the Service and contact us about deleting your account.
13.4. We encourage you to review this Policy periodically.
14. Contact Us
For any questions, concerns, or requests relating to this Privacy Policy or how we handle your personal data, please contact us at:
Vyredo Ltd Email: support@vyredo.co
Data Protection enquiries: Data Protection Officer / Contact: support@vyredo.co
UK Information Commissioner's Office (ICO): Website: ico.org.uk Helpline: 0303 123 1113
This Privacy Policy was last reviewed on 4 April 2026. This document does not constitute legal advice. You are advised to seek independent legal counsel to ensure compliance with all applicable laws in your jurisdiction.