Privacy Policy

When you use Vendium, we collect the following information:

• Account Information: Email, password, vendor name, subdomain
• Store Information: Store name, description, logo, banner, colors, template preferences
• Contact Information: WhatsApp number (optional), support contact details
• Product Data: All products, descriptions, images, prices, inventory
• Customer Data: Orders, customer emails, delivery addresses (managed by you)
• Payment Information: Processed by Paystack (we do not store card details)
• Analytics: IP addresses, browser type, pages visited, device information
• Communication: Support tickets, emails, WhatsApp messages

We use collected data for:

• Account authentication and security
• Store customization and display
• Payment processing and settlement via Paystack
• WhatsApp notifications for orders and updates
• Platform analytics and improvement
• Customer support and dispute resolution
• Compliance with legal and regulatory requirements

Your data is stored on secure cloud infrastructure. We implement:

• Encryption for data in transit and at rest
• Secure password encryption
• Secure session authentication
• Regular security updates and patches
• Access controls and role-based permissions (Owner/Staff)
• Performance optimization measures

However, no security system is 100% secure. We are not liable for data breaches caused by factors beyond our reasonable control.

We use third-party services for:

• Payment processing through Paystack
• Image hosting and optimization
• Email notifications for orders and updates
• Analytics and platform improvement
• Notifications and alerts (when applicable)

These services have their own privacy policies. We recommend reviewing them.

As a vendor, you are responsible for:

• Protecting customer data collected through your store
• Complying with data protection laws (GDPR, CCPA, etc.) in your jurisdiction
• Providing clear privacy disclosures to your customers
• Obtaining consent before collecting customer data
• Not sharing customer data with third parties without consent

We retain your data as long as your account is active. Upon account deletion, we:

• Provide option to export your product and order data
• Delete personal information within 30 days (where legally permitted)
• Retain anonymized audit logs for compliance purposes
• May retain data if required by law

See our Cookies Policy for details on how we use cookies and tracking technologies.

Depending on your location, you may have the right to:

• Access your personal data
• Correct inaccurate information
• Delete your account and data
• Export your data in a portable format
• Opt-out of certain data uses
• Lodge complaints with data protection authorities

To exercise these rights, contact us via the support page.

We may update this policy periodically. We will notify you of material changes via email.