Consumer Privacy Notice
Last Updated: August 14, 2024
Vori, Inc. (“Vori,” “we,” “us,” or “our”) has prepared this Consumer Privacy Policy to explain (1) what personal information we collect directly from consumers who interact with our Services, (2) how we use and share that information, and (3) your choices concerning our privacy and information practices.
Applicability of this Privacy Policy
We provide a comprehensive operating system platform designed to assist our grocery store and retailer customers (each a “Vori Customer”) with their point-of-sale systems, managing shopper marketing and loyalty, and other back office operations (the “Services”).
This Consumer Privacy Policy applies to personal information that we collect from individuals who interact with us through a Vori Customer, such as when the individual engages with a Vori point-of-sale system or signs up for a loyalty program with one of our Vori Customers. This Privacy Policy describes how we use your personal information in providing our Services to the Vori Customer that you are interacting with. Vori provides the Services solely as a service provider and data processor, and only uses the personal information collected at the direction of Vori Customer. This Privacy Policy does not apply to any websites, applications or other online services that do not link to this policy, including other services provided by Vori Customer; nor does this Privacy Policy apply to the Vori Customer’s subsequent use of information collected in connection with the Services. Please contact corresponding Vori Customer to learn about how they use your personal information.
If you are an individual with whom Vori engages in your capacity as a representative of a business, or if you are a visitor to our website (www.vori.com), please refer to our Privacy Policy (Vori Customers and Website Visitors) available at (www.vori.com/privacy).
Personal information we collect
Information you provide to us:
- Identification information, such as your name, email address, mailing address, phone number, and signature (for example, when you sign a receipt at a Vori Customer).
- Payment information: When you make purchases with a Vori Customer, you may need to provide us with payment information, such as credit card or debit card information, banking information, or a billing address. We may use third-party payment providers to process payments on the Services. In particular, credit card and debit card information is stored and processed by our payment providers on our behalf.
- Feedback or correspondence, such as information you provide when you contact Vori or a Vori Customer in connection with the Services.
- Loyalty program and marketing information. We assist Vori Customers in managing their customer loyalty programs and marketing campaigns. If you sign up for a loyalty program or to receive marketing communications with a Vori Customer, we may process certain personal information, such as your preferences for receiving communications about our activities, services, newsletters, and publications, and details about how you engage with our communications.
- Other information that we may collect which is not specifically listed here, but which we will use in accordance with this Privacy Policy or as otherwise disclosed at the time of collection.
Information we obtain from third parties.
- Social media information. Our Vori Customer may maintain pages on social media platforms, such as Facebook, LinkedIn, Instagram, and other third-party platforms. When you visit or interact with these pages on those platforms, the platform providers’ privacy policies will apply to your interactions and their collection, use and processing of your personal information. You or the platforms may provide us (on behalf of the Vori Customer) with information through the platform, and we will treat such information in accordance with this Privacy Policy.
- Other Sources. We may obtain your personal information from other third parties, such as third party analytics services, the Vori Customer’s marketing partners, publicly-available sources and data providers.
Automatic data collection. We and our service providers may automatically log information about you, your computer or mobile device, and your interaction over time with our Services, our communications and other online services, such as:
- Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 4G), and general location information such as city, state or geographic area.
- Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, browsing history, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access, and whether you have opened our marketing emails or clicked links within them. We may use third party tools to assist with capturing online activity data.
- Email Open/Click Information. We may use pixels in email campaigns that we operate on behalf of our Vori Customers that allow us to collect your email and IP address as well as the date and time you open an email or click on any links in the email that we may send to you.
We may use the following tools for automatic data collection:
- Cookies, which are text files that websites store on a visitor’s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, helping us understand user activity and patterns, and facilitating online advertising.
- Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.
- Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.
For additional details, please see our Cookie Policy below.
How we use your personal information
To operate our Services:
- Provide, operate, maintain, secure and improve our Services.
- Communicate with you about our Services, including by sending announcements, updates, security alerts, and support and administrative messages.
- Respond to your requests, questions and feedback.
Marketing and advertising. We may from time-to-time send you direct marketing communications on behalf of our Vori Customer, as permitted by law, including, but not limited to, notifying you of special promotions, offers and events via email. You may opt out of our marketing communications as described in the “Opt out of marketing communications” section below.
For research and development. We may use your personal information for research and development purposes, including to analyze and improve our Services and our business. As part of these activities, we may create aggregated, de-identified, or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve our Services and promote our business.
Compliance and protection. We may use personal information to:
- Comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
- Protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims).
- Audit our internal processes for compliance with legal and contractual requirements and internal policies.
- Enforce the terms and conditions that govern our Services.
- Prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.
How we share your personal information
We do not “sell” any personal information (as defined under applicable laws), and we may share your personal information as described below and as described elsewhere in this Privacy Policy.
Vori Customers. We may share your personal information with the Vori Customer you are interacting with and to service providers of that Vori Customer, as directed by our Vori Customer. If you have interacted with us through different Vori Customers, we do not share information you provided to one Vori Customer with any other Vori Customer, unless you have provided us with express permission to do so.
Service providers. We may share your personal information with third party companies and individuals that provide services on our behalf or help us operate our Services (such as lawyers, bankers, auditors, insurers, and service providers that assist with hosting, analytics, email delivery, marketing, and database management).
Authorities and others. We may disclose your personal information to law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
Business transfers. We may transfer or otherwise share some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution. In such a case, we will make reasonable efforts to require the recipient to honor this Privacy Policy.
Affiliates. We may share personal information with our current and future first-party affiliates, meaning an entity that controls, is controlled by, or is under common control with us. Our affiliates may use the personal information we share in a manner consistent with this Privacy Policy. However, no personal information will be shared with third parties/affiliates for marketing/promotional purposes.
Cross-border processing of your personal information
We are headquartered in the United States. To provide and operate our Services, it is necessary for us to process your personal information in the United States. If we transfer personal information across borders such that we are required to apply appropriate safeguards to personal information under applicable data protection laws, we will do so. Please contact us for further information about any such transfers or the specific safeguards applied.
Your choices
Personal information requests: In certain circumstances (including based on where you are located), you may have the following rights in relation to your personal information:
- the right to learn more about what personal information of yours is being processed, how and why such information is processed and the third parties who have access to such personal information. We have made this information available to you without having to request it by including it in this Privacy Policy;
- the right to access your personal information;
- the right to rectify/correct your personal information;
- the right to restrict the use of your personal information where permitted under applicable law;
- the right to request that your personal information is erased/deleted where permitted under applicable law;
- the right to data portability (i.e. receive your personal information or have it transferred to another controller in a structured, commonly-used, machine readable format) where permitted under applicable law; and
- the right to object to processing of your personal information or to direct us not to share your personal information with a non-affiliated third party where permitted under applicable law.
If you wish to exercise your rights, please contact the corresponding Vori Customer as we process your personal information solely as a service provider and data processor on behalf of such Vori Customer.
Opt out of marketing communications. You may opt out of email communications by following the opt-out or unsubscribe instructions at the bottom of the email.
Online tracking opt-out. You may opt out of having your online activity and device data collected through our Services in the following ways:
- Blocking cookies in your browser. Most browsers let you remove or reject cookies, including cookies used for interest-based advertising. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org.
Use the following links to learn more about how to control cookies and online tracking through your browser:
- Blocking advertising ID use in your mobile settings. Your mobile device settings can provide functionality to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes.
- Using privacy plug-ins or browsers. You can block our websites from setting cookies used for interest-based ads by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, Ghostery, or uBlock Origin, and configuring them to block third party cookies/trackers.
- Platform opt-outs. Some advertising companies offer opt-out features that let you opt out of use of your information for interest-based advertising, including:some text
Note that because these opt out mechanisms are specific to the device or browser on which they are exercised, you will need to opt out on every browser and device that you use.
Do Not Track. Some Internet browsers can be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Data Retention
We may retain your personal information for as long as it is reasonably needed in order to maintain and expand our relationship and provide you with our services; in order to comply with our legal and contractual obligations; or to protect ourselves from any potential disputes. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of such information, the potential risk of harm from unauthorized use or disclosure of such information, the purposes for which we process it, and the applicable legal requirements.
Other sites, mobile applications, and services
Our Services may contain links to other websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites and mobile applications and online services you use.
Security practices
We use reasonable organizational, technical and administrative measures designed to protect against unauthorized access, misuse, loss, disclosure, alteration and destruction of personal information we maintain. Unfortunately, data transmission over the Internet cannot be guaranteed as completely secure. Therefore, while we strive to protect your personal information, we cannot guarantee the security of personal information. In the event that we are required to notify you about a situation involving your data, we may do so by email or telephone to the extent permitted by law.
Children
Our Services are not intended for children, and we do not intend to collect personal information from them. In connection with this Privacy Policy, we define “children” as anyone under 13 years old. If we learn we have collected or received personal information from a child without verification of parental consent, we will delete the information. If you believe we might have any information from or about a child, please contact us via the contract information noted below.
Changes to this Privacy Policy
We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on our Services. We may also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail (if you have an account where we have your contact information) or another manner through our Services.
Any modifications to this Privacy Policy will be effective upon our posting the new terms and/or upon implementation of the new changes on our Services (or as otherwise indicated at the time of posting). In all cases, your continued use of the Services after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.
How to contact us
If you have any questions or concerns, you can reach us by email at privacy@vori.com.