Get 20% Off Your First yearly Purchase of Ultimate Web Hosting Solution! Limited Time Offer Claim Your Discount Now!

Privacy Policy

Vendorme Technologies > Privacy Policy

Privacy Policy (Expanded Version)

Effective Date: March 27, 2024

1. Introduction

Vendorme Technologies is committed to safeguarding your privacy. This Privacy Policy outlines how we collect, use, disclose, and protect personal information when you visit vendormesys.net or use our services. It complies with the Malawi Data Protection Act 2024, aligning with principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality.

2. Information We Collect

We collect:

  • Personal Information: Name, email, phone number, company name, billing details (e.g., bank account or payment card information) provided during registration, form submissions, or inquiries.

  • Usage Data: IP address, browser type, pages visited, time spent, and referring URLs to analyze site performance and user behavior.

  • Cookies and Tracking Technologies: Session and persistent cookies, web beacons, and analytics tools (e.g., Google Analytics) to enhance user experience and personalize content.

  • Project-Related Data: Business data, intellectual property, or sensitive information provided for software development, IT consulting, or other services.

  • Sensitive Data: Where necessary (e.g., biometric or health data for specific projects), processed only with explicit consent or legal basis under Section 16 of the Malawi Data Protection Act 2024.

3. How We Use Your Information

We process personal data for:

  • Delivering and maintaining services, including software development and IT consulting.

  • Processing transactions and sending confirmations or invoices.

  • Improving our Site and services through analytics.

  • Sending marketing communications (with opt-in consent).

  • Responding to inquiries or support requests.

  • Complying with legal obligations or protecting our rights.

  • Developing or supporting custom software/systems per client requirements.

Lawful Bases (per Malawi Data Protection Act 2024):

  • Consent: For marketing or sensitive data processing.

  • Contract Performance: To fulfill service agreements.

  • Legitimate Interests: For analytics or service improvements, unless overridden by your rights.

  • Legal Obligation: To comply with laws or regulatory requests.

  • Vital Interests: To protect life or safety.

  • Public Interest: For tasks in the public interest.

4. How We Share Your Information

We do not sell personal data. We may share it with:

  • Third-Party Providers: Hosting, analytics, or payment processors bound by confidentiality agreements.

  • Legal Authorities: In response to subpoenas, court orders, or to comply with laws.

  • Protection of Rights: To safeguard our or users’ rights, safety, or property.

  • Project Teams: Team members or subcontractors, only as necessary for service delivery.

  • With Consent: For specific purposes, such as client referrals.

5. Data Security

We implement technical, administrative, and physical measures, including:

  • Encryption: AES-256 for data at rest; TLS 1.3 for data in transit.

  • Access Controls: Role-based access and multi-factor authentication.

  • Audits: Regular security assessments per ISO 27001 standards.
    In case of a data breach, we will notify MACRA and affected individuals within 72 hours, as required by Section 36 of the Malawi Data Protection Act 2024.

6. Your Rights

Under the Malawi Data Protection Act 2024, you have:

  • Access: Request a copy of your data (Section 19).

  • Rectification: Correct inaccurate data within 14 days (Section 21).

  • Erasure: Request deletion under specific conditions (Section 22).

  • Restriction: Restrict processing if accuracy is contested (Section 23).

  • Objection: Object to processing causing harm (Section 24).

  • Portability: Receive data in a machine-readable format (Section 20).

  • Automated Decisions: Not be subject to solely automated decisions (Section 25).
    To exercise these rights, contact pr*****@ve*********.net. We respond within 30 days.

7. Data Retention

We retain data only as long as necessary for service delivery, legal compliance, or dispute resolution. Data is deleted or anonymized thereafter, per Section 12 of the Malawi Data Protection Act 2024.

8. Cross-Border Data Transfers

Data may be transferred to Zambia, South Africa, or other jurisdictions for service delivery. We ensure adequate protection via standard contractual clauses or binding corporate rules, as per Section 38 of the Malawi Data Protection Act 2024.

9. Cookies and Tracking

We use:

  • Essential Cookies: For site functionality.

  • Analytics Cookies: For usage insights.

  • Marketing Cookies: For personalized ads (with consent).
    Manage preferences at vendormesys.net/cookies.

10. Third-Party Services

Our Site may link to third-party sites. We are not responsible for their privacy practices. Review their policies before sharing data.

11. Client Systems Access

For maintenance or support, we access only necessary client data, handled per this Policy and agreements.

12. Contact Us

For questions, contact:
Email: pr*****@ve*********.net
Phone: [+265-995799348]
Address: Area 25 C Sector 1 EML Complex Lilongwe Malawi 

13. Changes to This Policy

Updates will be posted on this page with a revised “Last Updated” date. Continued use constitutes acceptance.

14. Governing Law

This Policy is governed by Malawi laws.

Right

Description

Response Time

Access

Obtain a copy of your data

30 days

Rectification

Correct inaccurate data

14 days

Erasure

Delete data under conditions

30 days

Portability

Receive data in machine-readable format

30 days