This Privacy Policy describes how Virtuas, Inc. (including its affiliates and service providers) may collect, use, share, and retain information in connection with our applications, services, websites, and related offerings (collectively, the “Services”).

1. Scope

  1. This Policy applies to information we process in the course of providing the Services to our customers and partners. It does not replace or limit any separate agreement we have with a customer (e.g., a contract, SOW, DPA, or NDA). Where there is a conflict, the executed agreement controls.
  2. We may update this Policy at any time. Changes are effective upon posting to the Services or another reasonable notice method.

2. Information We May Collect

  1. Account & business contact data: names, work emails, phone numbers, roles, employer information, billing details.
  2. Operational data: configuration data, logs, telemetry, usage metrics, support tickets, and communications related to the Services.
  3. Technical and device data: IP address, identifiers, browser type, operating system, app version, timestamps, cookies or similar technologies.
  4. Content provided by you: files, records, metadata, and information submitted or integrated into the Services by you or at your direction.
  5. Partner/3rd‑party data: information from vendors, analytics, identity providers, and integrations used with the Services.

3. How We May Use Information

We may use information for only lawful business purposes, including but not limited to:

  1. Providing, operating, supporting, securing, and improving the Services.
  2. Configuring deployments; performing analytics; troubleshooting; testing; R&D; and developing new offerings.
  3. Communicating with you (service notifications, transactional messages, and other business communications).
  4. Protecting Company, customers, users, and the Services (fraud, abuse, security, and compliance activities).
  5. Complying with applicable laws and responding to lawful requests.

We may combine information across Services and sources and may further process de‑identified or aggregated data.

4. How We May Share Information

  1. Affiliates and service providers: to enable delivery, support, hosting, security, analytics, and related operations.
  2. Partners and integrations: as directed or enabled by the customer’s configuration of the Services.
  3. Professional advisors and authorities: as necessary for audits, compliance, or lawful requests.
  4. Corporate transactions: in connection with mergers, acquisitions, reorganizations, financing, or asset transfers.

5. Retention

We may retain information for as long as we determine is reasonably necessary for the purposes described in this Policy, our contracts, operations, and compliance requirements.

6. Security

We implement measures we consider appropriate to help protect information.

7. Customer Administration & End‑User Requests

  1. The customer (your organization) controls its environment within the Services and is responsible for user provisioning, access, and data submitted to the Services.
  2. End‑users seeking to exercise privacy requests (access, deletion, etc.) should contact their organization’s administrator. We may refer or decline requests that must be handled by the customer or are not required by applicable law.

8. International Transfers

We may process and store information in any country where we or our service providers operate. Where required, we may use appropriate contractual or other safeguards.

9. Children

The Services are provided for business and professional use and are not directed to minors.

10. Third‑Party Services

The Services may enable or rely on third‑party products (e.g., identity or analytics tools) subject to those parties’ terms and privacy practices.

11. Contact

For questions about this Policy, please contact your account team or use the contact method provided within the Services or on our website.