Privacy Policy

last update 29/04/2026

Introduction

This Privacy Policy explains how VODO (“the Platform”, “we”, or “us”) collects, uses, processes, and shares your data when you use our services, including the VODO ERP system and any related services, applications, or integrations (collectively referred to as the “Service”).

VODO services are operated through a distributed operating model that includes:

The technical platform (VODO), which provides the system infrastructure
Authorized agents or partners who provide operational and support services within their respective geographic or operational scopes
Billing entities responsible for issuing invoices and collecting payments, which may vary depending on the user’s location or the service provider

This Policy applies to all users who access or use the Service, including:

System users
Participants in the VODO initiative based on the performance-driven operational enablement model
Parties involved within supply chains and integrations inside the system

By using or registering for the Service, you acknowledge and agree to the collection and use of your data as described in this Policy, in conjunction with:

The general Terms and Conditions of the Service
The terms of participation in the VODO initiative (if applicable)

Certain services may be provided or delivered through authorized agents or partners, and invoicing and payment collection may be handled by different billing entities depending on the country or service scope, without affecting the management and processing of data within the framework of this Policy.

Responsibility for data processing within the Service depends on the entity that actually provides the Service to the user, based on the adopted operating model, which may include VODO, authorized agents or partners, or billing entities.

Accordingly, the entity responsible for data processing may vary depending on the scope of the Service, the country, or the service provider, and the user acknowledges this upon using or registering for the Service.

2) Definitions

For the purposes of this Privacy Policy, the following terms shall have the meanings assigned to them below, unless the context requires otherwise:

2.1 Platform
Refers to the VODO system and any related services, applications, or integrations that provide the technical infrastructure for managing operations and data.

2.2 User
Any individual or legal entity that accesses or uses the Service, whether directly or on behalf of a legal entity.

2.3 Participant
A User who utilizes the Service within the VODO initiative based on the performance-driven operational enablement model, and is subject to the initiative’s participation terms.

2.4 Authorized Agents or Partners
Independent operational entities or authorized partners that provide support, implementation, or operational services to users within defined geographic or operational scopes.

2.5 Billing Entity
The entity responsible for issuing invoices and collecting payments for the use of the Service, which may be the owning company, an authorized agent, or a partner, depending on the user’s location or the scope of service delivery.

2.6 Personal Data
Any information relating to an identified or identifiable natural person, whether directly or indirectly.

2.7 Operational Data
Data generated through the use of the system in managing operations, including but not limited to invoices, transactions, activity logs, and customer and supplier data.

2.8 Performance Data
Data related to the use of the Service that is used to measure activity levels, transaction volumes, and indicators associated with the operational enablement model.

2.9 Supply Chains
Interactions and processes that take place between users within the system, including suppliers, customers, and parties involved in operational activities.

2.10 Integrations
Any technical connection between the Service and external systems or platforms through various integration methods.

2.11 Service Providers
Any third party that provides technical, operational, or analytical services on behalf of VODO or in integration with it.

2.12 Permissions
Settings or approvals defined by the user within the system to control data sharing, integrations, or access to information.

2.13 Service
Refers to all VODO services, including the system, applications, tools, and related integrations.

3) Data Ownership and Use

All data entered, created, or processed by the user through the Service shall remain the property of the user or the entity they represent. VODO does not acquire any ownership rights over such data.

However, the user grants VODO the right to access, use, and process such data to the extent necessary to operate, provide, and improve the Service, including:

Operating the system and executing related processes
Managing accounts and providing technical support
Analyzing operational data to improve performance and develop the Service
Measuring usage indicators associated with the operational enablement model

VODO may use data in aggregated or anonymized form for analysis, statistical purposes, and service improvement, provided that no personal or sensitive information is disclosed.

Data is processed within the scope of the Service and in accordance with the permissions defined by the user within the system, including data sharing settings and integrations.

VODO shall not use or share user data outside the scope of operation or the purposes defined in this Policy, unless the user’s consent is obtained or such use is required by applicable laws.

The nature of data processing may vary depending on how the Service is used. VODO or the entities involved in delivering the Service may act as a data controller where they determine the purposes and means of processing, or as a data processor on behalf of the user where the user inputs or manages data for their own purposes, within the scope of operating the Service. The user acknowledges this upon using the system.

4) Types of Data Collected

VODO collects and processes various types of data depending on the nature of the Service usage, including but not limited to the following:

4.1 Data Provided by the User
Includes data entered directly by the user when creating an account or using the Service, such as:

Name and contact information
Account data
Company or entity information
Any other data voluntarily provided by the user

4.2 Operational Data
Includes data generated through the use of the system in managing daily operations, such as:

Invoices and transactions
Customer and supplier data
Activity logs and system records
Data related to supply chains

4.3 Performance Data
Includes data used to measure the level of Service usage, such as:

Volume of processed transactions
Activity and usage indicators
Data related to the operational enablement model

4.4 Automatically Collected Data
Certain technical data may be collected automatically when using the Service, such as:

IP address
Device and browser type
Operating system
Dates and times of usage
Pages or features accessed within the system

4.5 Integration Data
When the user connects the Service with external systems or platforms, data may be collected or exchanged within the scope of such integrations, based on the settings defined by the user.

4.6 Financial Data
Includes data related to financial transactions resulting from the use of the Service, such as invoices, payments, payment methods, balances, and credit limits associated with the account.

4.7 Communication and Support Data
Includes data resulting from interactions between the user and VODO or its agents, such as support messages, chats, calls, and interaction records related to service delivery.

4.8 Usage Behavior Data
Includes data related to how the user interacts with the Service, such as system activities, usage preferences, and feature interactions, for the purpose of improving user experience and developing the Service.

4.9 Marketing and Platform Integration Data
May include data related to platforms connected by the user, such as social media or marketing tools, within the scope of integrations defined by the user, and may be used to enhance marketing efforts or provide services related to the user’s business activities.

4.10 Third-Party Related Data
Users may input or manage data related to third parties within the Service, such as customers, suppliers, or contacts, including names, phone numbers, and other contact details, as part of using the system to manage operations.

The user bears full responsibility for any third-party data entered, managed, or processed through the system, including customer or supplier data, and acknowledges having the necessary legal rights to use and share such data within the scope of the Service. VODO shall not be held responsible for such data or for how it is used by the user.

5) Data Collection Methods

VODO collects data from multiple sources depending on the nature of Service usage, as follows:

5.1 Data Provided Directly by the User
Data is collected when the user creates an account, enters information into the system, or uses any Service functions.

5.2 Data Generated Through Service Usage
Operational data is collected automatically as a result of using the system and managing activities within it.

5.3 Automatically Collected Data
Certain technical data is collected automatically, such as device information, IP address, and usage data.

5.4 Data from Integrations
Data may be collected when the user connects the Service to external systems or platforms, within the scope of the selected integration.

5.5 Data from Third Parties
Data may be obtained from third parties such as partners or service providers when delivering integrated or related services.

6) Use of Data

VODO uses collected and processed data strictly for purposes related to operating, delivering, improving, and securing the Service, as follows:

6.1 Service Operation and Management
To operate the system, execute processes, manage user accounts, and enable the full functionality of the Service.

6.2 Support and Communication
To communicate with users, provide technical support, respond to inquiries, and resolve issues related to the Service.

6.3 Improvement and Development
To analyze system usage, identify performance trends, enhance functionality, and improve overall user experience.

6.4 Performance Analysis
To measure activity levels, transaction volumes, and operational indicators associated with the use of the Service.

6.5 Supply Chain Operations
To enable interactions and transactions between users, including customers, suppliers, and other operational parties within the system.

6.6 Integrations
To facilitate data exchange and synchronization with external systems or platforms selected and activated by the user.

6.7 Marketing Purposes
To provide relevant offers, services, or content related to the user’s activities within the Service, within the scope of service-related communications and subject to available user controls where applicable.

6.8 Legal and Regulatory Compliance
To comply with applicable laws, regulations, legal processes, and to protect the rights, security, and integrity of VODO, users, and related parties.

6.9 Security and Fraud Prevention
To monitor usage, detect suspicious or unauthorized activities, prevent misuse, and ensure the security and stability of the Service.

6.10 Legal Basis for Processing
Data processing is carried out based on one or more of the following legal grounds:

Contractual necessity
Legal obligations
Legitimate operational interests
User consent, where required

7) Data Sharing

VODO may share data only to the extent necessary for operating, delivering, and supporting the Service, and in accordance with the purposes outlined in this Policy, as follows:

7.1 Within the System
Data may be shared between users within the system as part of operational processes, in order to enable transactions and interactions between related parties, such as customers, suppliers, or other relevant entities, limited to the data necessary to complete such operations.

7.2 With Agents or Partners
Data may be shared with authorized agents or partners who provide support, implementation, or operational services to users, strictly within the scope required to deliver or manage the Service.

7.3 With Billing Entities
Data may be shared with entities responsible for issuing invoices and collecting payments, in order to carry out financial operations related to the use of the Service.

7.4 With Service Providers
Data may be shared with third-party service providers that support technical, operational, or analytical functions, to the extent necessary to perform their roles, under appropriate data protection obligations.

7.5 Through Integrations
Where the user activates integrations with external systems or platforms, data may be transferred or shared with such entities based on the nature of the integration. The user is responsible for selecting these integrations and understanding their implications.

7.6 Aggregated and Anonymized Data
VODO may use or share data in aggregated or anonymized form that does not allow identification of the user, for purposes such as analytics, statistics, and service improvement.

7.7 Service-Related Marketing
Data may be used or shared within the scope of providing service-related communications, offers, or content relevant to the user’s activities, subject to applicable controls where available.

7.8 Legal and Regulatory Requirements
Data may be disclosed where required by applicable laws or regulations, in response to lawful requests from authorities, or to protect the rights, security, or integrity of VODO, users, or other parties.

7.9 Operational Model Transfers
Due to the distributed operating model, data may be shared between entities involved in delivering the Service, including agents, partners, and service providers, to ensure operational continuity and system integration.

7.10 Sharing Limits
VODO limits data sharing strictly to what is necessary for the purposes described above and does not share data beyond this scope except as required by law or permitted under this Policy.

8) Permissions and Data Control

VODO provides users with a set of mechanisms that enable them to control certain aspects of data usage and sharing within the system, in a manner consistent with the nature of the Service and its operational scope.

8.1 Scope of Control
User control is limited to aspects that can be configured through system settings, such as managing integrations, defining certain access permissions, or setting communication preferences, without compromising the requirements of service operation or legal obligations.

8.2 Permission Settings within the System
Users may modify, enable, or disable certain permissions related to data sharing, integration with external systems, or granting access to other parties within the system, through the tools available in the user interface.

8.3 Control over Integrations
Users have the right to enable or disable integrations with external systems or platforms. This will result in the start or termination of data exchange with such entities, depending on the nature of the integration.

8.4 Communication Controls
Users may control certain types of communication related to the Service, such as notifications or non-operational messages, through the available settings.

8.5 Limits of Control
User control does not extend to data or processes that are necessary for operating the Service, executing core system functions, or complying with legal or regulatory obligations.

8.6 Regulatory and System Constraints
Certain functions and data within the system are subject to restrictions that cannot be modified or overridden by the user due to legal, regulatory, or technical considerations, including but not limited to restrictions related to invoices, financial records, or any data requiring integrity or compliance with applicable regulations.

8.7 VODO’s Right to Restrict or Suspend
VODO reserves the right to restrict or disable certain permissions, functions, or access to data where it deems necessary to ensure compliance with applicable laws, protect system integrity, safeguard data and users, or prevent misuse.

8.8 User Responsibility for Permissions
The user is responsible for any settings or permissions they enable or grant within the system, including granting access to third parties or activating external integrations.

8.9 Logging of Permissions and Changes
VODO may log permissions that are enabled or modified within the system, including the date and time of such changes, for operational, security, and monitoring purposes.

9) Data Minimization Principle

VODO is committed to collecting and processing data only to the extent necessary to achieve the purposes related to operating and delivering the Service, in accordance with the following principles:

9.1 Data Minimization
Only data that is necessary for operating the system and executing related processes is collected, without collecting unnecessary or unrelated data.

9.2 Purpose Limitation
Data is used solely for the purposes specified in this Policy and is not processed beyond what is required to deliver, improve the Service, or comply with applicable laws.

9.3 Limited Sharing
Data is shared only to the minimum extent necessary to complete operations or provide services, in proportion to the nature of use.

9.4 Storage Limitation
Data is retained only for the period necessary to fulfill the purposes for which it was collected or to comply with legal or regulatory obligations.

9.5 Protection of Sensitive Data
Data that may be considered sensitive or of a special nature is handled under additional safeguards aimed at restricting access and protecting it from unauthorized use.

10) Data Transfer

Data may be transferred, processed, or stored inside or outside the country where the user resides, as part of operating and delivering the Service, and in accordance with the technical infrastructure and operational model adopted by VODO.

10.1 Scope of Transfer
Data transfer may include movement between servers, systems, or operational entities, including agents, partners, or service providers, in order to ensure service continuity and integration.

10.2 Cross-Border Transfer
Data may be transferred to other countries that may have different levels of data protection, particularly when using external services, technical infrastructures, or integrations, or when the Service is operated through multiple entities.

10.3 Safeguards
VODO is committed to implementing appropriate measures to protect data during transfer or processing, including technical and organizational safeguards designed to prevent unauthorized access or unlawful use.

10.4 Transfer within Integrations
When the user activates integrations with external systems or platforms, data may be transferred to those entities based on the nature of the integration. The user is responsible for selecting such entities and understanding their privacy policies.

10.5 Transfer within the Operational Model
Due to VODO’s distributed operating model involving multiple operational entities, data may be transferred between these entities as part of delivering the Service, ensuring system integration and operational continuity.

11) Data Retention

VODO retains and manages data in accordance with the purposes for which it was collected, the operational requirements of the Service, and applicable legal and regulatory obligations, while ensuring that retention is limited to what is necessary and proportionate to such purposes.

11.1 Retention Period
Data is retained as long as the user’s account remains active, or as long as the data is required to provide, operate, improve the Service, or to fulfill related obligations.

11.2 Retention for Legal or Regulatory Purposes
Certain data may be retained for longer periods where required to comply with applicable laws or regulations, resolve disputes, enforce agreements, or protect the rights of VODO, users, or related parties.

11.3 Operational and Financial Data
Data related to transactions or operational and financial records is retained for the period required by the nature of such data, including documentation, auditing, compliance, or financial obligation tracking requirements.

11.4 Retention After Service Termination
Upon termination of the Service, account closure, or suspension of access for any reason, VODO may retain data for a limited period for archiving, compliance, protection of rights, or to provide a reasonable transition period, before deletion or destruction in accordance with applicable procedures.

11.5 Account Suspension and Inactivity
In the event of service inactivity, account suspension, or lack of user response to notifications or follow-up requests, VODO may archive, restrict access to, or delete data after a reasonable period of time, taking into account the nature of the Service, operational requirements, and storage costs, while complying with any legal or regulatory obligations requiring longer retention.

11.6 Disputes and Claims
Where an account or data is subject to a dispute, claim, legal proceeding, or outstanding financial obligation, VODO may retain the relevant data until the dispute is resolved or until retention is no longer required by legal or contractual obligations.

11.7 Data Deletion or Destruction
VODO commits to deleting or destroying data once it is no longer needed, unless retention is required by applicable laws, regulations, or legitimate purposes related to Service operation or protection of rights.

12) User Rights

VODO aims to enable users to exercise their rights related to data, in accordance with the nature of the Service and applicable laws, as follows:

12.1 Right of Access
Users may access their data through the system or through means provided by VODO, within the limits permitted by the nature of the Service.

12.2 Right to Rectification
Users may modify or update their data within the system to ensure its accuracy and completeness, subject to restrictions on certain data that cannot be modified due to operational or regulatory requirements.

12.3 Right to Data Portability
Users may request a copy of their data or transfer it to another entity, within the limits permitted by the system and available integrations.

12.4 Right to Erasure
Users may request deletion of their data, subject to the nature of the Service and provided that such deletion does not conflict with legal, regulatory, or contractual obligations requiring data retention.

12.5 Limitations of Rights
The exercise of these rights is subject to limitations related to service operation, data protection, and compliance with applicable laws, including cases where data must be retained for legal, financial, or operational purposes.

12.6 Handling of Requests
VODO reviews user requests related to data and takes appropriate action based on the nature of the request, operational requirements, and applicable laws.

12.7 Identity Verification
VODO may require proof of identity before processing any request related to data, in order to ensure data protection and prevent unauthorized access.

13) Data Security

VODO is committed to implementing appropriate measures to protect data against unauthorized access, unlawful use, loss, alteration, or disclosure, in a manner proportionate to the nature of the data and the scope of the Service.

13.1 Technical and Organizational Measures
VODO adopts a range of technical and organizational measures designed to safeguard data, including security systems, access management, access controls, and monitoring of activities within the system.

13.2 Access Control
Access to data is restricted to authorized individuals or entities only, whether within VODO or among agents or service providers, based on operational requirements and in a manner that minimizes unauthorized access.

13.3 Protection During Transfer and Storage
VODO implements appropriate measures to protect data during transmission and storage, including the use of technical safeguards to secure communications and prevent interception or unauthorized access.

13.4 Activity Monitoring
VODO may monitor activities within the system for security purposes, including detecting abnormal usage, attempted breaches, or misuse.

13.5 User Responsibility
The user is responsible for maintaining the confidentiality of their login credentials and must not share them with any unauthorized party. The user is also responsible for any activity carried out through their account as a result of negligence or misuse.

13.6 Limitations of Security
Despite implementing appropriate measures, VODO cannot guarantee absolute security of data against all risks, and the user acknowledges this upon using the Service.

14) Limitations and Liability

This Policy defines the scope of VODO’s liability in relation to the use of data and the Service, as follows:

14.1 Use Limitations
The Service is provided on an “as-is” basis and in accordance with its available features and capabilities. VODO shall not be liable for any use of the Service that is inconsistent with its intended purpose, outside its scope, or in violation of this Policy or the applicable terms.

14.2 No Guarantee of Results
VODO does not guarantee any specific results from the use of the Service, including operational, financial, or business outcomes, as such results depend on how the user utilizes the system and manages their operations.

14.3 Responsibility for Input Data
The user bears full responsibility for all data entered, managed, or processed within the system, including its accuracy, completeness, and lawful use, as well as any data relating to third parties.

14.4 User Use of Data
VODO shall not be responsible for how the user uses or shares data with third parties, whether within or outside the system, and such use shall be solely at the user’s responsibility.

14.5 Integrations and Third Parties
VODO shall not be responsible for any data transferred to or processed by external systems or platforms connected by the user, nor for the privacy policies or practices of such entities.

14.6 Availability and Continuity
VODO does not guarantee uninterrupted or error-free availability of the Service, and the Service may be subject to temporary interruptions due to technical, operational, or external factors beyond its control.

14.7 Limitation of Liability
In all cases, VODO’s liability for any direct damages arising from the use of the Service shall not exceed the maximum amount equivalent to the fees paid by the user for the Service during a specified period, as defined in the applicable terms or agreements.

14.8 Protection of the System and Data
VODO reserves the right to take any measures it deems necessary to protect the system, data, or users, including restricting or suspending access or modifying certain functionalities, in cases of suspected misuse, security risks, or violations of applicable laws

15) Integrations and Third Parties

VODO may enable the Service to connect with external systems, platforms, or services in order to extend system functionality or allow users to manage their operations in an integrated manner, as follows:

15.1 Scope of Integrations
Users may activate integrations with external systems or platforms through tools available within the system. This may include data exchange, synchronization, or usage within the scope of such integrations.

15.2 User Responsibility for Integrations
The user is responsible for selecting and activating any integration with external parties, as well as reviewing and understanding the terms of use and privacy policies of such entities.

15.3 Data Exchange with External Parties
Upon activating any integration, data may be transferred or shared with the external party based on the nature of the integration, within the technical and operational limits necessary to perform the required functions.

15.4 Limitation of VODO’s Liability
VODO shall not be responsible for how data is used or processed by external parties after it has been transferred to them, nor for any damages or losses resulting from their use of such data.

15.5 Agent or Partner Integrations
Some integrations may be implemented through authorized agents or partners, and will be subject to the scope of services provided by each entity, in alignment with the general framework of this Policy.

15.6 Restriction or Suspension of Integrations
VODO reserves the right to restrict or suspend any integration with an external party if risks are identified relating to security, privacy, regulatory compliance, or service stability.

16) Supply Chains Within the System

VODO supports the execution of operations between users within the system through an integrated environment that enables the management of operational relationships among different parties, as follows:

16.1 Nature of Supply Chains Within the System
Supply chains include interactions and processes that occur between users, such as relationships between customers, suppliers, or other relevant parties, within the framework of using the system to manage operations.

16.2 Data Sharing Within Operations
Data may be made available or shared among parties involved in a specific transaction or process, to the extent necessary to execute that process, such as displaying order details, invoices, or transaction status.

16.3 Scope of Sharing
Data sharing within supply chains is limited to the information necessary to complete operations and is not extended beyond what is required by the nature of use.

16.4 User Responsibility for Relationships
The user is responsible for managing their relationships with other parties within the system, including entering their data, interacting with them, and ensuring the lawful use of such data.

16.5 Limitation of VODO’s Liability
VODO shall not be responsible for any transactions or agreements between users within the system, nor for any use of data by any party after it has been shared within the scope of a process.

16.6 Access Control
Access to data within supply chains is managed according to roles and permissions defined within the system, ensuring that access is limited to authorized users.

17) Updates and Modifications

VODO reserves the right to modify or update this Policy from time to time in accordance with the evolution of the Service or operational or legal requirements, as follows:

17.1 Right to Modify
VODO may modify or update this Policy at any time, including adding, removing, or amending any of its provisions, in line with the nature of the Service or changes in regulations or operating models.

17.2 Notification of Changes
Users will be notified of any material changes to this Policy through available channels, such as email, in-system notifications, or by publishing the updated version on the website.

17.3 Effectiveness of Changes
Changes shall take effect from the date of publication or from the date specified in the updated version. Continued use of the Service after such date constitutes implicit acceptance of the changes.

17.4 Policy Review
Users are responsible for reviewing this Policy periodically to stay informed of any updates or modifications.

18) Contact

VODO provides official communication channels that enable users to make inquiries or submit requests related to data or this Policy, as follows:

18.1 Communication Channels
Users may contact VODO through approved channels, such as email or communication tools available via the website or within the system.

18.2 Data-Related Requests
Users may submit requests related to their data, including requests for access, modification, portability, or deletion, in accordance with this Policy.

18.3 Handling of Requests
VODO reviews submitted requests and takes appropriate action based on the nature of the request, operational requirements, and applicable laws.

18.4 Identity Verification
VODO may require proof of identity before processing any request related to data, in order to ensure data protection and prevent unauthorized access.

18.5 Official Notification Channels
Communication channels used by VODO, such as the user’s registered email address or in-system notifications, shall be considered official means for delivering notices or updates related to this Policy.