VrilsoftApi

Privacy Policy

How Vrilsoft Api and related platform services collect, process, store, and protect personal data in compliance with GDPR and other applicable privacy laws.

Last updated: May 26, 2026

1. Who We Are

Vrilsoft Api and related platform services ("Vrilsoft", "we", "us", or "our") are operated from within the European Union.

Our infrastructure may include servers and cloud systems located within the European Economic Area (EEA), including infrastructure hosted in Paris, France and other EU regions for redundancy, scalability, backups, and operational continuity.

We do not publicly publish a physical postal address on this site. Contact options are available within the application or through our official website.

2. Scope of This Policy

This Privacy Policy applies to:

  • User accounts and authentication systems.
  • Messaging and communications features.
  • Company pages, brand pages, organization profiles, and public communities.
  • APIs, developer tools, and integrations.
  • Websites, applications, and hosted platform services operated by Vrilsoft.

3. What Data We Collect

We intentionally minimize the personal data we collect.

Depending on how you use the Service, we may collect:

  • Email address for authentication, account recovery, security alerts, and communications.
  • Username, display name, and profile information that you choose to provide.
  • Password hashes generated using modern cryptographic algorithms. Passwords are never stored in plain text.
  • Authentication and session data, including login timestamps, active sessions, MFA status, and device identifiers.
  • Technical and usage data, including IP addresses, browser types, operating systems, device metadata, crash reports, diagnostics, and interaction logs.
  • Messaging and uploaded content, including messages, media, files, reactions, comments, or posts transmitted through the Service.
  • Company page and brand page information, including organization names, logos, public descriptions, links, administrator activity, and business-related content.
  • API and developer activity, including API requests, rate limits, access tokens, and abuse monitoring data.
  • Security and moderation signals, including abuse reports, suspicious login attempts, spam detection indicators, and automated risk assessments.

We do not intentionally collect special category data unless you choose to submit it through content or profile features.

4. Legal Bases for Processing (GDPR)

Under the GDPR, we rely on the following legal bases:

  • Contractual necessity — to create accounts, authenticate users, provide messaging, operate company pages, deliver APIs, and maintain requested services.
  • Legitimate interests — to maintain platform security, prevent abuse, detect fraud, enforce policies, improve reliability, and protect users and infrastructure.
  • Consent — where legally required for optional notifications, marketing communications, analytics preferences, or similar features.
  • Legal obligations — where processing is required by applicable laws, regulations, legal requests, or law enforcement obligations.

5. Messaging, Content, and Company Pages

Content you submit through messaging systems, public communities, company pages, brand pages, comments, or uploads may be processed to operate and secure the Service.

Public-facing content may be visible to other users, search engines, administrators, moderators, or third-party visitors depending on your visibility settings and platform functionality.

If you manage a company page or organization profile, information associated with that page may be visible publicly, including:

  • Company or brand names.
  • Descriptions and logos.
  • Posts and announcements.
  • Public administrator or representative information.
  • Follower counts and engagement metrics.

You are responsible for ensuring you have rights to publish content, branding assets, and business information associated with your pages.

6. Security and Data Protection

We use administrative, technical, and organizational safeguards designed to protect personal data from unauthorized access, disclosure, alteration, or destruction.

Security measures may include:

  • HTTPS/TLS encryption in transit.
  • Password hashing and credential hardening.
  • Encrypted backups and infrastructure protections.
  • Access controls and least-privilege principles.
  • Monitoring, logging, and abuse detection systems.
  • Rate limiting and automated threat mitigation.

Despite reasonable safeguards, no platform or transmission method can be guaranteed completely secure.

7. Cookies and Similar Technologies

We may use cookies, local storage, tokens, or similar technologies for:

  • User authentication and session management.
  • Security and fraud prevention.
  • Preferences and settings storage.
  • Performance monitoring and diagnostics.
  • Limited analytics and operational insights.

We do not use third-party advertising cookies on the platform unless explicitly disclosed in a separate notice or consent flow.

8. Data Sharing and Processors

We do not sell personal data.

We may share limited information with trusted service providers that assist with infrastructure, hosting, email delivery, analytics, security, moderation, logging, backups, or customer support.

Third-party processors are contractually required to protect data and process it only for authorized purposes.

Where data is transferred outside the EU/EEA, we use safeguards such as:

  • European Commission adequacy decisions.
  • Standard Contractual Clauses (SCCs).
  • Equivalent lawful transfer mechanisms.

9. Data Retention

We retain personal data only for as long as reasonably necessary for operational, contractual, legal, security, and legitimate business purposes.

Retention periods may vary depending on:

  • Account activity and status.
  • Security investigations and abuse prevention.
  • Legal obligations and dispute resolution.
  • Backup and disaster recovery requirements.

When accounts are deleted, data may be removed, anonymized, pseudonymized, or retained where legally required.

10. Your Rights Under GDPR

Subject to applicable law, you may have the right to:

  • Access your personal data.
  • Correct inaccurate or incomplete information.
  • Delete personal data in certain circumstances.
  • Restrict or object to certain processing activities.
  • Withdraw consent where processing relies on consent.
  • Receive portable copies of applicable data.
  • Lodge complaints with your local supervisory authority.

We may request identity verification before processing certain requests.

11. Children's Privacy

The Service is not directed toward children under the minimum age of 16 or permitted by applicable law. We do not knowingly collect personal data from children in violation of legal requirements.

12. Automated Moderation and Abuse Detection

We may use automated systems to detect spam, fraud, abuse, malicious activity, platform manipulation, or violations of our policies and Terms of Service.

Such systems may analyze metadata, behavioral signals, technical indicators, or reported content to maintain platform integrity and user safety.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our services, legal obligations, infrastructure, or operational practices.

When material changes occur, we may notify users through the application, website, email, or account notifications where appropriate.

14. Contact

Questions, requests, or privacy-related concerns may be submitted through the support and contact channels available within the application or on our official website.