Privacy Policy

1. Introduction

Vaxlin Pte. Ltd. ("Vaxlin," "we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our AI-powered quote and order automation platform and related services (collectively, the "Services"). By using our Services, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

We collect information that you provide directly to us, including:

• Account information (name, email address, phone number, company name)
• Business information (industry, company size, product catalogs)
• Payment and billing information
• Communications with our support team
• Quote and order data processed through our platform
• Customer and supplier information you upload to our system

2.2 Automatically Collected Information

When you use our Services, we automatically collect:

• Usage data (features used, time spent, frequency of use)
• Device information (IP address, browser type, operating system)
• Log data (access times, pages viewed, errors encountered)
• Cookies and similar tracking technologies

2.3 Information from Third Parties

We may receive information from third-party services you connect to our platform, such as ERP systems (SAP, Oracle, NetSuite), CRM systems (Salesforce), and email providers.

3. How We Use Your Information

We use the collected information for the following purposes:

• Providing and maintaining our AI-powered Services
• Processing quotes, orders, and customer requests
• Training and improving our AI models specifically for your use
• Analyzing usage patterns to enhance user experience
• Communicating with you about updates, security alerts, and support
• Processing payments and preventing fraud
• Complying with legal obligations and enforcing our terms
• Generating analytics and insights for your business performance

4. Data Security and Infrastructure

We implement industry-leading security measures to protect your data:

• Hosting: All data is hosted on Microsoft Azure data centers in Frankfurt, Germany
• Certifications: DIN ISO/IEC 27001 and DIN ISO/IEC 27018 certified infrastructure
• Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Control: Role-based access control with multi-factor authentication (MFA)
• Data Separation: Multi-tenant architecture ensures complete client data isolation
• Monitoring: 24/7 security monitoring and regular security audits
• Backup: Automated daily backups with 30-day retention

5. AI Model Training and Data Usage

Important: Your data is never used to train external AI models or shared with third-party AI providers. We create custom, client-specific AI models that are trained exclusively on your data and used only for your organization. Your proprietary information, product catalogs, and customer data remain completely confidential.

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

• With your consent: When you explicitly authorize us to share information
• Service providers: With trusted third-party vendors who assist in operating our Services (subject to strict confidentiality agreements)
• Legal requirements: When required by law, court order, or government regulation
• Business transfers: In connection with a merger, acquisition, or sale of assets
• Protection of rights: To protect our rights, privacy, safety, or property

7. Your Rights Under GDPR

If you are located in the European Economic Area (EEA), you have the following rights:

• Right of access: Request a copy of your personal data
• Right to rectification: Correct inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data
• Right to restriction: Limit how we use your data
• Right to data portability: Receive your data in a structured, machine-readable format
• Right to object: Object to processing of your data for certain purposes
• Right to withdraw consent: Withdraw consent at any time
• Right to lodge a complaint: File a complaint with your local data protection authority

To exercise these rights, please contact us at privacy@vaxlin.com

8. Data Retention

We retain your personal data for as long as necessary to provide our Services and fulfill the purposes outlined in this Privacy Policy. Specific retention periods include:

• Account data: Duration of account plus 12 months
• Transaction records: 7 years (for tax and accounting purposes)
• Usage data: 24 months
• Support communications: 3 years

9. International Data Transfers

Your data is primarily stored and processed in the European Union (Frankfurt, Germany). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

10. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: