top of page

Privacy Policy

Privacy Policy & Legal Notice
Last updated: 5 August 2025
 
At Vevirtual (“we”, “our”, “us”) we safeguard your privacy and handle your personal information securely and responsibly. By using our website, applications and virtual assistants (the “Services”), you agree to the practices described below.
 
1. Data We Collect
Personal data you provide directly
Name, email address, phone number and associated company or business.
Usage data
Interactions within the platform (pages visited, clicks, date and time of access).
Data obtained via Google OAuth
When you choose Sign in with Google we request only the email and profile scopes, which give us your name, email address and profile photo.
We also use the scope https://www.googleapis.com/auth/spreadsheets to read from or write to the single spreadsheet whose URL you manually supply during setup. We do not access any other files in your Google Drive.
 
2. Purposes of Processing

  1. Provision and improvement of the Service (automating responses, synchronising the designated spreadsheet, generating reports).

  2. Personalisation (remembering user preferences).

  3. Operational support and notifications.

  4. Legal compliance and fraud/abuse prevention.
     

3. Legal Basis

  • Performance of a contract: to create your account and deliver the contracted service.

  • Consent: to sign in with Google and access the spreadsheet you specify.

  • Legitimate interest: to maintain security and improve service quality.
     

4. Principle of Least Access & Google API Services User Data Policy Compliance

  • We comply with the Google API Services User Data Policy (Limited Use).

  • Data obtained via authorised scopes is used exclusively for the functions described here and is never sold or shared without your explicit consent.

  • Spreadsheet access is limited to the document you specify; we do not perform bulk access to Google Drive.
     

5. Information Sharing
We disclose your data only when:

  • Required to operate the service (hosting providers, transactional email, analytics tools) under confidentiality agreements;

  • Required by law or a competent authority;

  • In a merger, acquisition or corporate restructuring, ensuring the same level of protection.
     

6. Security

  • TLS/HTTPS encryption for all communications.

  • AES-256 encryption for stored OAuth credentials and tokens.

  • Automatic token rotation every 60 days and immediate revocation upon account closure.

  • Role-based access control and internal security audits every 90 days.

  • Encrypted backups retained for a maximum of 30 days.
     

7. Retention & Deletion

  • We retain your data while your account remains active or as needed to provide the Service.

  • Upon account cancellation or a deletion request, we erase data and revoke OAuth tokens within 30 days.
     

8. International Transfers
Data may be hosted on servers outside your country. We apply Standard Contractual Clauses or other adequacy mechanisms to ensure an equivalent level of protection.
 
9. Your Rights
You may exercise, free of charge:

  • Access, rectification and update;

  • Erasure (cancellation);

  • Objection or restriction of processing;

  • Data portability (where technically feasible).

Send your request to soluciones@vevirtual.com; we will respond within 10 days.
 
10. Cookies & Similar Technologies
We use first- and third-party cookies for analytics and functionality. You may disable them in your browser; some features may then be limited.
 
11. Changes to This Policy
We will post any changes at vevirtual.com/privacy-policy and, for material changes, notify you by email at least 7 days in advance.
 
12. Contact
Vevirtual 
Marsella 71, Hermosillo, Sonora 83260, Mexico
Email: soluciones@vevirtual.com
 
Esta política también está disponible en español.

bottom of page