← Back to registration

Privacy Policy

Last updated: 15.03.2026

1. Who we are

This Privacy Policy explains how Varox ("Varox", "we", "us") processes personal data when you use our website, platform, and related services.

We are committed to handling personal data responsibly and in accordance with applicable laws, including the General Data Protection Regulation (EU) 2016/679 ("GDPR").

For any questions, you can contact us at: [email protected]

2. What data we collect

When you use Varox, we may collect the following types of information:

Account details

When you create an account, we collect:

  • your email address
  • your organization name
  • a password (stored securely in hashed form)

Technical information

When you access the platform, certain technical data is automatically generated, such as:

  • IP address
  • browser and device type
  • request logs (pages accessed, timestamps, response status)

Usage information

We also process information about how the platform is used, including:

  • login activity
  • actions performed within the system
  • execution of forecasts, jobs, and integrations

Uploaded data

You may upload datasets (e.g. sales, inventory, pricing). These are processed strictly for the purpose of delivering the service.

3. Why we use this data

We use the information above to:

  • provide access to the platform
  • authenticate users and manage accounts
  • process uploaded data and generate results
  • maintain system stability and security
  • detect misuse or unauthorized activity
  • improve performance and reliability

4. Legal basis

Under GDPR, we rely on:

  • performance of a contract – to deliver the service you requested
  • legitimate interest – for security, monitoring, and system improvement

5. Cookies

We use a single essential cookie for authentication:

  • name: varox_token
  • purpose: keeping you logged in
  • type: HTTP-only, secure
  • duration: up to 7 days

We do not use advertising or tracking cookies by default.

6. Sharing of data

We do not sell personal data.

In order to operate the service, we may use third-party providers such as:

  • hosting infrastructure
  • cloud services
  • monitoring tools
  • AI providers (if enabled)

These providers process data under appropriate contractual safeguards.

7. International transfers

Some of our service providers may be located outside the EU.

Where this is the case, we ensure appropriate safeguards are in place (such as standard contractual clauses).

8. Data retention

We keep data only as long as necessary:

  • account data – for as long as the account exists
  • system logs – typically up to 90 days
  • uploaded datasets – until removed by the user

9. Security

We take reasonable steps to protect data, including:

  • secure password hashing
  • encrypted storage of sensitive information
  • access control between tenants
  • token-based authentication

However, no system can be guaranteed to be completely secure.

10. AI processing

If AI functionality is used, certain data may be processed by external providers in order to generate results.

This data is used only for the requested functionality and not for independent purposes.

11. Your rights

Under GDPR, you have the right to:

  • access your data
  • request correction
  • request deletion
  • restrict or object to processing
  • receive a copy of your data

You can exercise these rights by contacting us at [email protected].

12. Changes

We may update this Privacy Policy from time to time. The latest version will always be available on this page.

13. Contact

Varox

[email protected]