GDPR Compliance Vendo AI
Last updated October 30, 2025
Commitment to Data Protection
At Vendo AI LTD (“Vendo AI”, “we”, “us”, or “our”), we are committed to maintaining the highest standards of privacy, transparency, and data protection in compliance with the UK General Data Protection Regulation (UK GDPR), the EU GDPR, and international data protection frameworks.
We design every feature of our AI platform — from sales script generation to interactive presentations and AI meeting agents — with privacy by design and security by default principles at its core.
Who We Are
Company Name: Vendo AI LTD
Company Number: 15081711
Address: Fourth Floor, 4–8 Ludgate Circus, London, United Kingdom, EC4M 7LF
Email: info@vendo-ai.com
Vendo AI operates globally, providing AI-powered solutions that help businesses automate sales, presentations, and communication while maintaining full control of their data.
How We Ensure GDPR Compliance
We implement strict technical and organizational measures to ensure lawful, fair, and transparent data processing. Our GDPR compliance is based on the following core principles:
Lawfulness, Fairness, and Transparency – We process personal data only when there is a legal basis (contract, legitimate interest, consent, or legal obligation).
Purpose Limitation – Data is collected only for specific, explicit, and legitimate purposes related to AI automation services.
Data Minimization – We collect only the minimum data required to deliver and improve our services.
Accuracy – We keep all personal data accurate and up to date.
Storage Limitation – Personal data is stored only for as long as necessary (see table below).
Integrity and Confidentiality – We apply strong encryption, secure cloud infrastructure (AWS/Google Cloud), and restricted access policies.
Accountability – Vendo AI maintains detailed documentation of processing activities and ensures compliance through regular audits.
What Data We Process
| Category of Data | Examples | Purpose of Processing | Retention Period |
|---|---|---|---|
| Identity Data | Name, username | Account creation, user identification | 6 years after account closure |
| Contact Data | Email, phone | Communication, support | 6 years after last contact |
| Company Data | Business name, website, product information, uploaded materials (documents, presentations, videos) | To generate AI sales scripts, visual presentations, and AI agents | Retained for 12 months after last project activity |
| Technical Data | IP address, browser type, device ID, session data | Security, analytics, platform optimization | 24 months |
| Usage Data | Interactions with Vendo AI platform | Performance tracking and service improvement | 36 months |
| Financial Data | Payment info, transaction IDs | Billing, accounting, fraud prevention | 7 years (as required by law) |
| Marketing Data | Preferences, email opt-ins | Communication and promotional updates | Until user unsubscribes or withdraws consent |
Data Subject Rights
Under the UK GDPR and EU GDPR, you have the right to:
Access – Request a copy of your personal data.
Rectification – Correct inaccurate or incomplete data.
Erasure (“Right to be Forgotten”) – Request deletion of your data when legally permissible.
Restriction of Processing – Limit data processing under specific circumstances.
Data Portability – Obtain your data in a machine-readable format.
Objection – Object to processing for legitimate interest or marketing purposes.
Withdraw Consent – Revoke consent at any time without affecting prior processing.
To exercise any of these rights, contact info@vendo-ai.com.
We will respond to all legitimate requests within 30 days.
International Data Transfers
Your data may be processed and stored outside the United Kingdom and the European Economic Area.
We only transfer data to jurisdictions that ensure adequate protection, using Standard Contractual Clauses (SCCs) or equivalent safeguards approved by the UK ICO and European Commission.
Data hosting and processing are performed via trusted partners such as Amazon Web Services (AWS) and Google Cloud, ensuring full GDPR alignment.
Security of Processing
Vendo AI employs enterprise-grade data security measures, including:
End-to-end encryption (AES-256) for data in transit and at rest
Multi-factor authentication for admin access
Continuous monitoring and penetration testing
Regular staff training on GDPR and data ethics
Strict role-based access control (RBAC)
Automated Decision-Making and AI Transparency
Our platform uses artificial intelligence to analyze uploaded materials (e.g., documents, presentations, videos) and generate sales scripts, visual presentations, and AI agents that can autonomously conduct meetings with voice support.
All AI operations are fully explainable and human-overseeable.
Users maintain full ownership of their input data and outputs generated by the system, subject to applicable terms of service.
Data Breach Notification
In the unlikely event of a personal data breach, Vendo AI will:
Notify the relevant supervisory authority within 72 hours (as required by Article 33 GDPR).
Inform affected users without undue delay if the breach poses a high risk to their rights or freedoms.
Contact and Complaints
If you have questions about data protection or GDPR compliance, contact:
Data Protection Officer (DPO)
Vendo AI LTD
Fourth Floor, 4–8 Ludgate Circus
London, United Kingdom, EC4M 7LF
📧 info@vendo-ai.com
You also have the right to lodge a complaint with your local data protection authority or the UK Information Commissioner’s Office (ICO): www.ico.org.uk