We respect the privacy of our customers, users and employees. As a business providing enterprise intranets, we need to collect, store and use data relating to our customers and our customers also use our platform for storing and using their own personal data, for instance relating to their employees. Privacy is therefore a matter of high priority to us.
We are committed to processing personal data in compliance with this privacy policy and applicable laws. This privacy policy contains information about what personal data we collect, what are the key principles of processing the data and what rights you have relating to your personal data. Through our enterprise intranets, we also operate from time to time as a data processor for our customers (e.g. company or organizations using our platform), which means that we process personal data based on contracts on behalf of our customers in accordance with their instructions. We would therefore urge you to read our customer’s privacy policy as well.
We may do updates to this privacy policy from time to time associated with development of our business or changes in applicable laws, so please read visit this privacy policy from time to time.
Data controller
The data controller relating to processing of personal data pursuant to this privacy policy is:
Velforo Social Networks
Business ID: 2802188-2
Hermann-Lingg Str. 16
80336 München
Germany
Email: support@velforo.com
We can refer to Velforo Social Networks in this privacy policy also as “Velforo Business Networks”, “we” or “us”. It’s our responsibility to process personal data in accordance with this privacy policy and applicable privacy laws.
Privacy contact, Data Protection Officer: Tim Lavagi
For what purposes is personal data collected and used and what is the legal basis for processing personal data?
We collect, store and process personal data only for predefined purposes. We also always make sure that there is at least one legal basis for processing personal data. The main purposes and the applicable legal basis for processing personal data are:
To provide our services. Personal data is collected and used for managing the entire customer relationship as well as performing our obligations and invoicing the services. The legal basis for this processing is a contract between Velforo Business Networks and the customer.
Sales and marketing. We also collect and use personal data for marketing purposes, including direct marketing and contacting potential customers. We may also use personal data to target or retarget advertising in digital media platforms, such as social media and search engines. The legal basis for this processing is especially our legitimate interest. A person can however at any point prohibit direct marketing by sending email to This email address is being protected from spambots. You need JavaScript enabled to view it.. We do not sell or rent personal data to third parties for marketing purposes.
Customer communications. We also collect and use personal data for customer communication purposes, including handling of support requests and customer feedback as well as notifying users about the service. The legal basis for this processing is fulfilling contractual obligations as well as our legitimate interest.
- Partner co-operation. We may transfer personal data about potential or existing customers to our local business partners and resellers for the purpose of handling contact requests as well as handling Velforo Business Networks' sales, marketing, support and customer service locally. These partners are usually in contractual relationship with Velforo Business Networks and bound by confidentiality obligations. As data controllers, they process personal data in accordance with their own privacy policies. Some of these partners may also be located outside the EU/EEA. In such case we make sure that there are appropriate safeguards in place for the data transfer.
Analytics and business development. We also use the personal data as well as the anonymized data generated from the use of our service to develop our own digital service. The legal basis for this processing is mainly our legitimate interest.
HR and recruiting. Personal data relating to employees and job applicants are mainly collected and used for human resources management purposes, payment of salaries, fulfilling other rights and obligations relating to employment contracts, meeting legal requirements relating to employment as well as evaluating and selecting candidates for open positions. The legal basis for this processing may be fulfilling a contract between Velforo Business Networks and the employee, consent (job applicants) as well as fulfilling legal obligations relating to employment.
What personal data is collected and from which sources?
The personal data we store relate mainly to the following groups of data subjects: potential and existing customers, potential and existing employees as well as various other roles within a customer organization, such as project team members and contract contact person.
The personal data we collect and use is largely provided by the person herself. Some data is also created and generated during the use of our service. For both job candidates and potential customers we also receive personal data from external or public sources, as we constantly search both new employees and also new customers. These include companies or services such as LeedFeader, Fonecta, Dista Oy, Discover.org, and contact lists generated by virtual assistants UpWork.
Regarding potential employees, we could also get information from public sources, such as LinkedIn, Monster, StackOverflow and CV boards. However, regarding job applicants and people we are interviewing we only use information provided by the applicant herself or at her consent from other sources, such as references.
Websites of Velforo Business Networkss
When you visit the websites of Velforo Business Networks, you are not required to provide any personal information. However, when you contact us via the chat function in the websites of Velforo Business Networks, when you sign up to receive information from us, or when you sign up to use our platforms, you are required to provide some Personal Information about yourself, and we may collect some Navigation Information, in accordance with our Cookies Policy.
Personal Information
“Personal Information” refers to any information that you choose to submit to us that identifies you personally. This includes, for example, your name, email address, company name, address, phone number, and other information about you and/or your business. This can also include information about you that is publicly available, information that is available about you online via sites like Facebook, LinkedIn, Twitter, and Google.
In addition to other uses mentioned in this Privacy Policy, we also may use your Personal Information to:
Improve your browsing experience by personalizing the websites of Velforo Business Networks;
Send you information we think may be of interest to you by email or other means;
Link the analytics information we store to Personal Information you submit to us; and
Contact you for marketing purposes related to our business, which we think may be of interest to you.
Navigation Information
This refers to information about your computer, device, visits to the websites of Velforo Business Networks, including your IP address, geographical location, browser type, referral source, length of visits, pages viewed, and heat mapping. We use Navigation Information to operate and improve the Websites of Velforo Business Networks, and may also use it to provide you with personalised information about Velforo Business Networks. Due to the nature of what is being collected, it is possible that Navigation Information may include Personal Information.
Service Providers
The Websites of Velforo Business Networks integrate some services provided by third parties. We may share some of your information with these service providers in order for them to provide their services, including removing repetitive information from prospect lists, analyzing data, providing marketing assistance, conducting customer and/or user profiling, and providing customer service
Velforo Business Networks seeks to conclude data processing agreements with each service provider before third party services are implemented into the Websites of Velforo Business Networks or Services in order to ensure that your Personal Information is used, stored, and transferred securely and in accordance with European Union law. Even so, Velforo Business Networks does not control or assume any responsibility for the content or practices of these service providers, including their data storage and transfer policies, and this Privacy Policy does not apply to these features, which are governed by their own policies and terms.
External Websites of Velforo Business Networkss
The Websites of Velforo Business Networks and Services may contain links to other websites run by third parties. Our provision of these links does not amount to our endorsement of these other websites, nor their content, owners, or practices. This Privacy Policy does not apply to those other websites, which are governed by their own terms and policies. Velforo Business Networks does not control or assume any responsibility for the content or practices of these other.
Customer Testimonials & Quotes
We may publish customer testimonials and quotes on the Websites of Velforo Business Networks, which may contain some Personal Information. Velforo Business Networks obtains consent from each customer and the featured individual prior to posting their name and testimonial.
Data we collect and process relating to our customers:
Company name
Contact person’s name
End user profile information as provided by the customer or the user
Work email and work phone
Invoicing details
Marketing opt-in’s / opt-out’s
Email address for marketing messages
Contact details for support issues
Contact details for invoicing and executing contracts
and similar data.
Data we collect and store relating to our employees:
Name and contact details
Social security number
Email
Details required for payment of salaries and withholding taxes
Health data and trade union membership data only for furthering the legal obligations relating to employment
Data we collect and store relating to our job applicants:
Basic contact details
Application and CV
With consent data from other sources, e.g. LinkedIn, references and previous colleagues or supervisors
Data entered by the users
Our customers and people within their organizations may use the enterprise intranet solution for storing and processing personal data where they are considered the data controller, in these situations we operate as their data processor based on a contract. In these situations, we process personal data only on behalf of the specific customer based on their instructions and only as long as we have a valid contract. More details about this processing can be found from the privacy policies our customers maintain. As a data controller, the customer has full control (and also responsibility) on what personal data it decides to enter in the platform and under what legal basis it has the right to process it and transfer to Velforo Business Networks, including acquiring necessary consents, if required. Velforo Business Networks does not review the data entered by the customer to the platform. For more information about under which terms Velforo Business Networks processes its customer’s personal data, refer to Velforo Business Networks DPA terms and conditions.
Who processes personal data and is it transferred to anyone?
Personal data is mainly stored in electronic format and only authorized personnel within our organization have access to the data. The more sensitive the data, the less people have access to it (e.g. health data related to employees).
We may also use third party services providers for data storage (e.g. cloud storage), digital marketing, processing of payments and other processing of personal data. In these situations, we make sure we have a written contract with the services provider with data processing provisions and also otherwise that the confidentiality of personal data is secured and data is otherwise processed and transferred lawfully. Some of these services providers include at the date of writing this policy Google and Stripe.
We may also disclose or transfer personal data to fulfil legal obligations or when a legal authority requires a disclosure. We may also disclose personal data if we are a party of a business sale, such as a merger or an acquisition.
If any of our services providers or data transferees are located outside the EU, we make sure that the transfer of data fulfils all legal requirements.
We may also transfer pseudonymised or anonymised data where it is not possible to identify a person. If this kind of data is no longer considered personal data, we may provide the data to third parties also for other purposes than those described in this privacy policy.
Is personal data transferred outside the EU?
By default, personal data is not transferred outside the EU. However, in various situations data may be transferred outside the EU if our services provider is located there.
If personal data is transferred outside the EU, we make sure that (1) the transferee is located in a country with adequate safeguards (as decided by the EU commission from time to time), the (2) transferee is Privacy Shield certified (if a US-based company) or (3) the transfer occurs by using model clauses published by the EU commission.
How long is data stored?
We will not store personal data for a longer period than is necessary for its purpose or required by contract or law. The retention periods for personal data may vary based on its purpose and the situation. The retention periods may also be based on applicable laws (e.g. accounting, tax laws, employment contracts act). We may also update data from time to time. Regarding content that our customers enter into a platform we have provided, it is their responsibility to plan the data retention periods.
How is data stored and kept secure?
Personal data is stored and secured in accordance with general industry standards and practices. We consider and keep personal data confidential. Subcontractors that we use for processing personal data are selected also based on their data security measures. For our own systems and data storage, we use only well established services providers and robust software tools. Access to personal data is also protected with user-specific logins, passwords and user rights. Our premises are also safe and secure.
Is it mandatory to provide personal data? What happens if you don’t provide it?
We need to collect and process some amount of personal data in order to provide the service and to ensure that an authorized person concludes a contract on behalf of our customer, to deliver and provide the agreed services as well as to identify the registered users of our platform. Relating to employment we also need to process at least the minimum personal data required to fulfil employment contracts and legal obligations relating to employment.
In recruitment situations it is not mandatory to provide us information. Everything happens on a voluntary basis. However, if you don’t provide necessary information, we may not be able to process your application.
Does the websites of Velforo Business Networks use cookies and what are those?
We use cookies to provide our service. If you disable cookies the service won’t be able to function.
We also use cookies on the different websites of Velforo Business Networks to provide the best possible user experience for our website visitors. Cookies are small text files that are placed on a web user’s computer and are designed to hold a modest amount of data particular to a user. Cookies give us information how users use the websites of Velforo Business Networks. We may use cookies to develop the websites of Velforo Business Networks and services, analyze the websites of Velforo Business Networks use as well as target and optimize marketing efforts. If you do not wish to receive cookies, you may set your web browser to disable them. Please note that most browsers accept cookies automatically. If you disable cookies, you should understand that our services or our websites of Velforo Business Networks may not function correctly.
What rights does a person have relating to her personal data?
Access to data
You have the right to have confirmed if we are processing your personal data and also to know what data we have about you. In addition, you have right to some supplemental information described in the law about the processing activities. For access requests, please contact us as instructed in the next section.
Withdraw your consent
If we process personal data based on your consent, you can at anytime withdraw your consent by notifying us by sending email to This email address is being protected from spambots. You need JavaScript enabled to view it..
Right to have errors corrected
You have the right to request that we correct any inaccurate or outdated personal data we have about you.
Right to prohibit direct marketing
You have the right to request that your personal data is not processed for direct marketing purposes by sending us email to This email address is being protected from spambots. You need JavaScript enabled to view it..
Unsubscribe marketing communications
You may unsubscribe from receiving our marketing communications at any time by clicking on the "unsubscribe" link located on the bottom of our emails, contacting us by email at This email address is being protected from spambots. You need JavaScript enabled to view it.
Right to object processing
If we process your personal data based on public interest or our legitimate interest, you have the right to object processing of your data, to the extent that there is no such significant other reason that would override your rights or the processing is not necessary for handling legal claims. Please notice that in this situation we may not be able to serve you anymore.
Right to restrict processing
In certain situations you have the right to require that we restrict processing of your personal data.
Right to data portability
If we process your personal data based on your consent or fulfilling of a contract, you have the right to require transfer of the data you have provided to us to another services provider in a commonly used electronic format.
How can a person use her rights?
You can execute and use your rights by contacting us by sending email to This email address is being protected from spambots. You need JavaScript enabled to view it.. In such case, we ask you to provide us your name, contact details, phone number as well as something that we can use to verify your identity, such as written and signed (and scanned) request, or a copy of your personal ID, but without social security number and other such information that we don’t need. If you consider that the processing of your personal data is not lawful, you can always also make a notification to a supervisory authority (in Bavaria, Germany please contact the Landesdatenschutzbeauftragte under https://www.lda.bayern.de/en/complaint.html).
Can this privacy policy be updated?
We may make updates to this privacy policy when our operations change or develop. Also changes in law may make it necessary to update this privacy policy. The changes become valid once we have published them in the form of an updated privacy policy. Therefore, please visit this page and read this privacy policy from time to time.