Effective date: 2023-03-10 Last updated: 2023-03-10
This Privacy Policy describes how Vernix.one (operated by [COMPANY LEGAL NAME], registered in [COUNTRY], registration number [NUMBER]) collects, uses, and protects information in connection with vernix.one and the Vernix.one platform.
1. The short version.
Vernix.one is a self-hosted product. When you deploy Vernix.one in your environment, the infrastructure data it processes stays in your environment. We never see it.
This policy covers the data we do collect — when you visit vernix.one, fill in a contact form, or correspond with us by email.
2. What we collect and why.
Website visitors
When you visit vernix.one, we may collect standard web server logs including IP addresses, browser type, operating system, referring URL, and pages visited. We use this data to understand how the site is used and to improve it. Logs are retained for [30/60/90] days and then deleted.
Contact and demo requests
When you submit a contact form or request a demo, we collect your name, work email address, company name, job title, and any information you include in the message. We use this to respond to your inquiry and schedule demos. This data is stored in [INSERT CRM / EMAIL TOOL] and retained for as long as the business relationship is active or for [X] years after last contact, whichever is later.
Email correspondence
If you email us directly, we retain that correspondence as long as it is relevant to our business relationship with you.
Cookies
We use cookies on vernix.one. See our Cookie Policy for details.
3. What we do not collect.
We do not collect or process any data from inside your Vernix.one deployment. Your infrastructure topology, architecture models, compliance results, IaC code, and change history are processed entirely within your environment. Vernix.one does not phone home. We never see your infrastructure data.
4. Legal basis for processing (GDPR).
We process personal data on the following legal bases:
- Legitimate interests — analyzing website traffic to improve the site
- Contract performance — processing contact and demo requests to provide the service you requested
- Consent — where we rely on consent (such as for non-essential cookies), you can withdraw it at any time
5. Who we share data with.
We do not sell personal data. We may share data with:
- Legal and regulatory authorities — where required by law
All processors are bound by data processing agreements. We do not use any processor that would create unauthorized international data transfers under GDPR.
6. International transfers.
Where we transfer personal data outside the EU/EEA, we ensure adequate safeguards are in place, including standard contractual clauses where required.
7. Your rights.
Under GDPR, you have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Request deletion of your data
- Object to or restrict processing
- Data portability
- Lodge a complaint with a supervisory authority
To exercise any of these rights, contact us at privacy@vernix.one. We will respond within 30 days.
8. Data retention.
We retain personal data only as long as necessary for the purposes described in this policy. Contact and sales data is retained for [X] years after last contact. Website logs are retained for [30/60/90] days. You can request deletion at any time.
9. Contact.
Data controller: [COMPANY LEGAL NAME], [ADDRESS].
For privacy questions: privacy@vernix.one
For general questions: hello@vernix.one
10. Changes to this policy.
We may update this policy from time to time. When we do, we will update the ‘Last updated’ date at the top. Material changes will be communicated via email to customers and via a notice on vernix.one.