Skip to content
Get a Demo
    Get a Demo

      Privacy Policy (Oct 2024 Archived)

      Updated: October 16, 2024. The current version of our Privacy Policy is available at www.vodori.com/privacy-policy/. If you want to view the previous version, please click here.  

      This Privacy Policy (“Policy” or “Notice”) describes the privacy practices of Vodori, Inc. (“Vodori”, “we”, “us” or “our”) in connection with the https://www.vodori.com/ website (“Site”), the Vodori applications (“Application”, “Products” or “Service”) that link to this Privacy Policy, and our marketing activities and social media pages as described in this Policy. This Policy also describes your rights and choices with respect to the Personal Information we collect. Additional important information for individuals located in the European Economic Area (“EEA”), Switzerland, and the United Kingdom (“UK”) is provided in the ‘Notice to European Users’ section.

      We respect and understand that our website visitors, customers, and their employees have concerns about privacy. Vodori wants to assure you through this Policy that we take reasonable steps to ensure that any information we receive is handled in a safe and responsible manner.

      Our Site and Applications are designed for companies and their representatives. We do not offer products or services for use by individuals for their personal, family or household purposes. Accordingly, we treat all Personal Information we collect as pertaining to individuals in their capacities as representatives of the relevant company and not their individual capacities.

      Our customers and their registered users maintain responsibility for the use of our Applications and control what data is placed within and processed by our Applications. Our applications are not intended to manage Personal Information within content uploaded to the application. Personal Information collected as part of delivering our services is retained pursuant to the contracts between the parties and processed in accordance with this Policy.

      Personal information we collect

      Vodori collects information that can identify, relate to, describe, be associated with, or be reasonably capable of association with a consumer or household (“Personal Information”). Vodori is not subject to any statutory requirements to collect personal data, meaning we only collect information as identified below. 

      Information you provide to us. Personal Information you may provide to us through the Site, Service or otherwise includes:

      • Business and personal contact information, such as your first and last name, email and mailing addresses, phone number, professional title and company name.
      • Registration information, such as information that may be related to a publication or an event you register for.
      • Profile information, such as your user ID, password, personal identification number (“PIN”), profile picture, job title and department, and time zone within the Application.
      • Feedback or correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us online.
      • Transaction information, such as information about payments from you for products or services you have purchased from us.
      • Usage information, such as any content you upload to the Application or otherwise submit to us, including information you provide when you use any interactive features of the Application.
      • Marketing information, such as your preferences for receiving communications about our activities, events, and publications, and any information you provide when you engage with our communications.
      • Other information that we may collect which is not specifically listed here, but which we will use in accordance with this Privacy Policy or as otherwise disclosed at the time of collection.
      • Sensitive Personal Information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) should never be provided to us on or through the Service, or otherwise to us. If you provide us with any Sensitive Personal Information to us when you use the Service, you must consent to our processing and use of such sensitive Personal Information in accordance with this Privacy Policy. If you do not consent to our processing and use of such Sensitive Personal Information, you must not submit such Sensitive Personal Information through our Service.

      Information designated system owners provide to us. Personal Information designated system owners may provide for registered users of the Service includes:

      • Business and personal contact information, such as your first and last name, email and mailing addresses, phone number, professional title and company name.
      • Profile information, such as your username, password, and profile picture within the Application.

      Information we obtain from social media platforms. We may maintain pages for our Company on social media platforms, such as LinkedIn, Facebook, Twitter, Google, YouTube, Instagram, and other third-party platforms. When you visit or interact with our pages on those platforms, the platform provider’s privacy policy will apply to your interactions and their collection, use and processing of your Personal Information. You or the platforms may provide us with information through the platform, and we will treat such information in accordance with this Privacy Policy.

      Information we obtain from other third parties. We may receive Personal Information about you from third-party sources, such as our business customers, marketing partners, publicly-available sources and data providers. Our use of any information obtained from our business customers is restricted by our agreements with those business partners. We will treat such information in accordance with this Privacy Policy.

      Automatic data collection. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Service, our communications and other online services, such as:

      • Device data, such as your computer or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., Wi-Fi, LTE, 3G), and general location information such as city, state or geographic area.
      • Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Service, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our emails or clicked links within them.
      • Communication interaction data such as your interactions with our email, text or other communications (e.g., whether you open and/or forward emails).

      Cookies and other technologies. Some of the automatic collection described above is facilitated by cookies and other technologies.  For more information, see our ‘Cookie Notice’ section below.

      Referrals. Users of the Service may have the opportunity to refer contacts to us. If you are an existing user, you may only submit a referral if you have permission to provide the referral’s contact information to us so that we may contact them.

      How we use your Personal Information

      We may use your Personal Information for the following purposes and lawful bases under the General Data Protection Regulation (GDPR) and as otherwise described in this Privacy Policy or at the time of collection:

      Purpose of Processing

      Lawful Basis

      To operate the Service. We may use your Personal Information to:

      • provide, operate and improve the Service;
      • provide information about our products and services;
      • establish and maintain your user profile on the Service;
      • communicate with you about the Service, including by sending you announcements, updates, security alerts, and support and administrative messages;
      • communicate with you about virtual or in-person events in which you participate;
      • understand your needs and interests, and personalize your experience with the Service and our communications;
      • provide support and maintenance for the Service; and
      • respond to your requests, questions and feedback.

      Contract

      For research and development. We may use your Personal Information for research and development purposes, including to analyze use of the Service, improve the Service and develop new products and services, including by studying user demographics and use of the Service.

      Legitimate interests

      Marketing and advertising. We, our service providers and our third-party advertising partners may collect and use your Personal Information for marketing and advertising purposes:


      • Direct marketing. We may send you Vodori-related direct marketing communications as permitted by law. You may opt-out of our marketing communications as described in the ‘Your choices’ section below.
      • Retargeting. We may engage third-party advertising partners who use cookies and web beacons on our Site to serve you with advertising when you are visiting other sites, known as retargeting. Each of these advertising partners has their own privacy policy and opt-out procedures, which are outlined below.
        • Google Ads: Google Ads provides a retargeting service that connects the activity of Vodori with the Google Ads advertising network and the DoubleClick cookie. Learn more about Google’s privacy policy. Opt out of Google’s use of cookies for ads personalization and/or disable all the DoubleClick cookies by visiting Google Ads Settings.
        • LinkedIn: LinkedIn provides a retargeting service that matches website visitors to members on LinkedIn for further engagement via ad content on LinkedIn. Learn more about LinkedIn’s privacy policy. Opt out of LinkedIn’s use of cookies for ads personalization by visiting LinkedIn Unsubscribe Settings.

      Consent (where required by law); Legitimate interests

      To comply with law. We may disclose Personal Information when we believe it is necessary or appropriate to:

      • Enforce our legal rights;
      • Protect the rights and safety of our customers, registered users, or others; 
      • Comply with applicable laws, lawful requests, and legal process, such as responding to subpoenas, investigations or requests from government authorities.

      Legal obligations

      For compliance, fraud prevention, and safety. We may use your Personal Information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) audit our internal processes for compliance with legal and contractual requirements or our internal policies; (c) enforce the terms and conditions that govern the Service; and (d) protect, identify, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

      Legal obligations; Legitimate interests

      With your consent. In some cases we may specifically ask for your consent to collect, use or share your Personal Information, such as when required by law.

      Consent

      To create anonymous, aggregated or de-identified data. We may create anonymous, aggregated or de-identified data from your Personal Information and other individuals whose Personal Information we collect. We make Personal Information into anonymous, aggregated or de-identified data by removing information that makes the data personally identifiable to you. We may use this anonymous, aggregated or de-identified data and share it with third parties for our lawful business purposes, including to analyze and improve the Service and promote our business. If we anonymize or de-identify Personal Information, we will not attempt to re-identify any such data for purposes other than delivering the Service and as permitted by law.

      Legitimate interests

      How we share your Personal Information

      We may share your Personal Information with the following third parties and as otherwise described in this Privacy Policy or at the time of collection:

      Service providers. We may share your Personal Information with third party companies and individuals that provide services on our behalf or help us operate the Service. For your reference, a list of our sub processors and nature of processing can be found in the ‘Sub-processors’ section below and in our Vodori Trust Center at https://trust.vodori.com/.

      Advertising partners. Third-party advertising companies for the retargeting purposes described above.

      Professional advisors. We may disclose your Personal Information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.

      For compliance, fraud prevention and safety. We may share your Personal Information for the compliance, fraud prevention and safety purposes described above.

      Business transfers. We may disclose Personal Information in the context of actual or prospective business transactions (e.g., investments in Vodori, financing of Vodori, public stock offerings, or the sale, transfer or merger of all or part of our business, assets or shares), for example, we may need to share certain Personal Information with prospective counterparties and their advisors. We may also disclose some or all of your Personal Information to an acquirer, successor or assignee of Vodori as part of any business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization, sale of assets, or similar transaction, and/or in the event of bankruptcy, dissolution, or receivership in which Personal Information is transferred to one or more third parties as one of our business assets.

      No sale of Personal Information

      We do not sell Personal Information to third parties.

      Your choices

      In this section, we describe the rights and choices available to all users. Users located in the EEA, Switzerland and the UK can find additional information about their rights below in the ‘Notice to European Users’ section.

      Access or Update Your Information. If you have registered for an account with us, you may review and update certain Personal Information in your account profile by logging into the Application.

      Opt-out of marketing communications. You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, emailing at privacy@vodori.com or calling or writing to us. Our current contact information is posted at www.vodori.com/about/contact. Note that even if you opt out of our email marketing list, if your email address is associated with an active user of our applications, you will still receive service or policy-related communications. To the extent any user remains listed as a contact for any content within an application, it is up to the user or customer administrator to delete the email.

      Cookies. Most browser settings let you delete and reject cookies placed by websites. Many browsers accept cookies by default until you change your settings. If you do not accept cookies in your browser settings, you will not be able to use all functionality of the Application and it will not work properly. All Application cookies are strictly necessary for the Application to function. We use Google Analytics to help us understand user activity in the Application. You can learn more about Google Analytics cookies at https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage and about how Google protects your data at https://policies.google.com/privacy.

      On the Site, you can either ignore or decline the Site cookie notification banner to block all cookies except strictly necessary cookies. However, if you accept the cookie notification, then all Site cookies will be enabled. We use HubSpot to help us understand user activity on the Site.  You can learn more about HubSpot cookies at https://knowledge.hubspot.com/privacy-and-consent/what-cookies-does-hubspot-set-in-a-visitor-s-browser and how HubSpot protects your data at https://legal.hubspot.com/privacy-policy.

      You have additional options with third-party advertising partner cookies as listed in the retargeting purposes described above.

      For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit https://www.allaboutcookies.org.

      Do Not Track. Some Internet browsers have incorporated the World Wide Web Consortium “Do Not Track” (“DNT”) standard. This standard, when implemented, sends a signal or preference (the “DNT Signal”) to the websites you visit indicating that you do not wish to be tracked. Because there is not yet a common understanding of how to interpret DNT Signals, nor a common definition of “tracking,” we do not currently respond to DNT Signals on the Website. To find out more about “Do Not Track,” please visit https://www.allaboutdnt.com.

      Declining to provide information. We need to collect Personal Information to provide certain services. If you do not provide the information we identify as required or mandatory, we may not be able to provide those services.

      Cookie notice

      Unless otherwise specified, a reference to the “website” or “websites” shall be deemed to refer to the Vodori Site and Applications.

      As you navigate the websites, we may collect information through the use of commonly-used information-gathering tools, such as cookies and web beacons. Information collected may include standard information from your web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on the website (such as the web pages viewed and the links clicked). If this information is reasonably related to you, we consider it Personal Information. If this information cannot be reasonably related to you or your household, it is not Personal Information and not subject to this Policy.

      A few important things you should know about our use of these technologies are:

      • We offer certain features that may be available only through the use of these technologies.
      • We use these technologies to help identify you (or your business) to us.
      • Some cookies are “session cookies,” meaning that they are automatically deleted from your hard drive at the end of a session.
      • Other cookies are “persistent cookies” meaning that they are deleted from your hard drive once the cookie expiration date is reached.

      We also use web beacons to compile information about visitor interaction with e-mails from Vodori.

      There are four main types of cookies:

      Strictly Necessary cookies: These cookies are essential to enable you to login, navigate around the website and use its features, such as accessing secure areas of the website. Vodori does not need to obtain your consent in order to use these cookies. Without these cookies, services you have requested cannot be provided.

      Functionality cookies: These cookies allow the website to remember choices you make and to provide enhanced and personalized features.

      Performance cookies: These cookies collect information about how you use the websites, for example which pages you visit and duration of your visit. These cookies are used for analytics, research and to perform statistics based on aggregated anonymized information.

      Targeting cookies: These cookies are used to collect information about your browsing habits in order to make advertising relevant to you and your interests. They remember the web pages you have visited and that information is shared with the third-party advertising partners for the retargeting purposes described in the ‘How we use your Personal Information’ section above. In the ‘How we use your Personal Information’ section above, you can also learn more about how to manage third-party advertising partner cookies.

      Sub-processors

      Vodori may engage and share your Personal Information with third party vendors (“Sub-processors”) to support delivery of our Services. This page provides important information about the identity, location and role of each Sub-processor. Prior to engaging any third party Sub-processor, Vodori performs diligence to evaluate their privacy, security and confidentiality practices, and executes an agreement implementing its applicable obligations to ensure they adhere to the same standards as Vodori to protect your Personal Information against unauthorized access, alteration, disclosure, destruction or loss.

      Sub-Processor
      Purpose
      Location

      AlertLogic

      Network monitoring

      United States

      Amazon Web Services

      Cloud infrastructure & services

      United States

      Auth0

      Product identity & authentication provider

      United States

      ChurnZero

      Customer success account management

      United States

      Elastic Enterprise Search

      Search engine

      United States

      Fivetran

      Data integration

      United States

      Hubspot

      CRM & communication services

      United States & Germany

      Mailgun Technologies

      Communication services

      United States

      Mode Analytics

      Product analytics

      United States

      Productboard

      Product management

      United States

      Sentry

      Application monitoring

      United States

      Snowflake

      Data warehouse

      United States

      SupportYourApp

      Customer support

      Ukraine

      TSG Talent Solutions Limited

      Software engineering 

      Ukraine, Germany, Poland, and Spain

      Zendesk

      Customer support

      United States

      Sub-processor updates

      As our business grows and evolves, the Sub-processors we engage with may also change. We will endeavor to provide the owner of the customer's account with notice of any new Sub-processors to the extent required under the Agreement, along with posting such updates here and the Vodori Trust Center at https://trust.vodori.com/. Please check back frequently for updates.

      Security practices and retention

      Vodori maintains appropriate security procedures and technical and organizational measures to protect your Personal Information against accidental or unlawful destruction, loss, disclosure, alteration, or use. Note that security risk is inherent in all internet and information technologies and we cannot absolutely guarantee the security of your Personal Information, and Vodori expressly disclaims any such obligation.

      Customer Personal Information is stored and processed within secure state-of-the-art data centers within the U.S.  Security measures are implemented to reduce the risk of loss, misuse, unauthorized access, disclosure and alteration of customer Personal Information. Personal Information collected as part of delivering our Services is retained pursuant to the contracts between the parties. At the close of a customer contract, data is returned to the customer and/or removed/destroyed from Vodori's systems within 30 days or as agreed-upon between Vodori and the customer. Production backups are excluded from this timeframe as they will be retained for at least 90 days following data deletion activities as they are systematically aged off in accordance with our backup and retention policies.

      Your Personal Information will be retained as long as necessary to fulfill the purposes for which we collected the personal data. When we have no ongoing legitimate business need nor lawful legal ground to process your personal data, we will delete, anonymize, or aggregate it. If you want to know more about retention periods applicable to your particular circumstance, please email Vodori’s Data Protection Officer (DPO) at privacy@vodori.com.

      Learn more about our technical and organizational measures at https://www.vodori.com/security.

      International data transfers

      Vodori is a company operating globally. If you are accessing this Site or Application from outside of the United States (“U.S.”) please be advised that by using and providing Personal Information to this Website or Application, you consent to the transfer, processing and/or use of the information to the U.S. and/or through a cloud consistent with the terms of this Privacy Policy.

      Vodori does not voluntarily or actively transfer or disclose our customers’ Personal Information to the government or law enforcement authorities (“Authorities”) and/or otherwise grant any Authorities access to your Personal Information. In the event of a legally binding request for a customer’s personal data from an Authority, Vodori will notify the customer before disclosing the information. To the extent permissible under the request and/or applicable law, this Policy will describe the personal data requested, the authority making the request, the legal basis of the request, and any response already provided. This Policy gives the customer an opportunity to pursue a legal remedy, such as filing an objection with a court or the requesting authority.

      Notice to European users

      Vodori may transfer Personal Information from the EEA, Switzerland, and the UK to the U.S. and other countries, including Personal Information we receive from individuals residing in the EEA/UK/Switzerland who visit our Websites and/or who may use our services or otherwise interact with us. Please note that the term Personal Information used in this Policy is equivalent to the term “personal data” under applicable EU and UK data protection laws for individuals located in the EU or the UK.

      Data Privacy Framework Notice

      The information provided in this Notice applies only to individuals in the EEA, Switzerland, and the UK. 

      Vodori complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF (UK Extension), and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) (collectively, the “Data Privacy Framework”) as set forth by the U.S. Department of Commerce.  Vodori has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the EEA in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension.  Vodori has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  

      The following U.S. based entity is adhering to the EU-U.S. DPF Principles, the UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF Principles and is covered by Vodori’s DPF submission:

      Vodori, Inc. 333 N. Green Street, Suite 808, Chicago, Illinois 60607, USA

      To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

      Data processed. Vodori creates cloud-based software making it easier for customers to collaborate, ensure compliance, and create quality content. Vodori’s Application is a purpose-built promotional and medical information review and approval solution that empowers Life Science companies to bring products to market faster while ensuring regulatory compliance, with connectivity to adjacent platforms. Optional products and services include an integrated sales enablement solution that provides current versions of approved materials and analytics on usage. We also offer materials import from legacy systems and connectors to deliver materials to downstream systems (i.e., CRM, sales enablement, LMS, websites).

      In providing these products and services, Vodori processes the data listed in the above ‘Personal Information we collect’ section.

      Purposes of data processing. Vodori processes data submitted by customers for the purposes listed in the above ‘How we use your Personal Information’ section.

      Inquiries and complaints. If you believe Vodori maintains your personal data in one of the services within the scope of our Data Privacy Framework certification, you may direct any inquiries or complaints concerning our Data Privacy Framework compliance to Vodori’s Data Protection Officer (DPO) at privacy@vodori.com. Vodori will respond within 45 days. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://www.jamsadr.com/DPF-Dispute-Resolution. If neither Vodori nor our dispute resolution provider resolves your complaint, you may have the possibility to engage in binding arbitration through the Data Privacy Framework Panel. For more information on this option, please see Annex I of the EU-U.S. Data Privacy Framework Principles.

      Accountability for Onward Transfers. Vodori uses a limited number of third party service providers to assist us in providing our services to customers. These third party providers offer customer support to our customers, customer relationship management, perform application and network monitoring, data storage and hosting, software engineering, and other technical operations. The types of third parties with whom Vodori may share your personal data are set out in the section of this Privacy Policy entitled ‘How we share your Personal Information’. Vodori remains liable under the Data Privacy Framework if a third party service provider processes personal data covered by this Privacy Policy in a manner inconsistent with the Data Privacy Framework Principles, except where Vodori can demonstrate that we are not responsible for the event giving rise to the damages.

      Your rights to access, to limit use, and to limit disclosure. EU, UK and Swiss individuals have rights to access, to limit the use and disclosure of any personal data about them. With our Data Privacy Framework self-certification, Vodori has committed to respect those rights. You may be able to correct, amend, or delete Personal Information that we hold where it is inaccurate, or has been processed in violation of the Principles, except where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, or where other persons rights would be violated.

      Because Vodori personnel have limited ability to access data our customers submit to our services, if you wish to exercise your rights, please provide the name of the Vodori customer who submitted your data to our services and send your request to Vodori’s Data Protection Officer (DPO) at privacy@vodori.com. We will refer your request to that customer and will support them as needed in responding to your request.

      U.S. Federal Trade Commission enforcement. Vodori’s commitments under the Data Privacy Framework are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.

      Compelled disclosure. Vodori may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

      Your Right to Lodge a Complaint with your Supervisory Authority. In addition to your rights outlined above, if you are not satisfied with our response to a request you make, or how we process your Personal Information, you can make a complaint to the data protection regulator in your habitual place of residence.

      External links

      Our Site and Applications may include links to other websites and online services operated by third parties whose privacy policies we do not control. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or online services that are not associated with us. We do not control third party websites, or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your Personal Information. We encourage you to read the privacy policies of the other websites and online services you use. If you can’t find the privacy policy of any of these websites via a link from the website’s homepage, you should contact the website directly for more information.

      Children

      The Service is not directed to, and we do not knowingly collect Personal Information from, anyone under the age of 18. If we learn that anyone under the age of 18 has unlawfully provided Personal Information, Vodori will delete such information from our files in a timely manner.

      Changes to Privacy Policy

      We may change this Privacy Policy from time to time. If so, any such changes will be posted on this page and we will note the date the Privacy Policy was most recently revised. We recommend that you review this Privacy Policy on a regular basis. Your continued use of the Site and/or Applications shall constitute your acceptance of such revised Policy. 

      Contacting us

      If you have any questions about this Privacy Policy, our privacy practices, or if you would like to exercise your rights under this Policy, you can email Vodori’s Data Protection Officer (DPO) at at privacy@vodori.com. We may ask you for information to confirm your identity in order to act upon your request.