Veinera Privacy Policy
Last updated: December 28, 2025
This Privacy Statement explains how Veinera (“Veinera,” “we,” “us”) collects, uses, discloses, and safeguards personal information when you interact with our websites, landing pages, and marketing communications (together, the “Sites”). It also describes the choices available to you and, where applicable, the privacy rights you may have.
Veinera uses a layered privacy approach: this Privacy Statement covers the Sites and general interactions, and it is complemented by service-specific notices (for example, a Products & Services Privacy Supplement and a Data Processing Addendum (DPA) for customers). If there is a conflict between a supplement/DPA and this Privacy Statement for a specific context, the supplement/DPA will apply to that context.
Who we are
For the personal information collected through the Sites, the data controller is:
Legal entity: Veinova CV
Address: Treasury Tower, 31st Floor, Jl. Jend. Sudirman Kav. 52–53, District 8, SCBD, Jakarta 12190
Email: legal@veinera.com
If you are using Veinera’s platform through a business account, Veinera may act as a processor for certain customer-controlled data in accordance with the applicable DPA and service supplement.
Where this Privacy Statement applies
This Privacy Statement applies when you:
visit or browse the Sites
request a demo, submit a form, download materials, subscribe, or contact us
register for webinars/events or participate in surveys
receive marketing communications from us (where permitted)
Product and platform usage data (inside the Veinera application and related services) is addressed primarily in the Products & Services Privacy Supplement and, where applicable, a DPA executed with customers. Those documents describe more limited, service-delivery-focused processing for customer data.
Personal information we collect
The personal information we collect depends on how you interact with us.
Information you provide directly may include your name, email address, phone number, company name, job title, country/region, and any information you include in messages, form fields, or attachments (for example, inquiries, partnership requests, or event registration details).
Information collected automatically when you use the Sites may include device and usage information such as your IP address, browser type, pages viewed, timestamps, referring pages, approximate location derived from your IP address, and cookie or similar technology identifiers.
Information from third parties may include information provided by event partners (if you register through them) and limited marketing/measurement data from advertising or social media partners (for example, aggregated campaign performance, conversion events, or audience measurement signals), to the extent permitted by applicable law and your settings.
We do not intentionally collect “sensitive” information through the Sites (such as health information, biometric data, or information revealing race/ethnicity, religion, or political opinions). Please do not submit sensitive information through public forms unless we explicitly request it and provide a lawful basis and safeguards.
How we use personal information
We use personal information in a manner consistent with the context in which it was collected, including to:
Provide the Sites and communications you request, such as responding to inquiries, processing demo requests, and sending materials you ask for
Operate, maintain, and improve the Sites, including troubleshooting, performance analysis, and user experience improvements
Send marketing communications and updates where permitted by law (and where required, with your consent), and to personalize communications based on your preferences
Measure and improve marketing effectiveness, such as understanding which pages or campaigns are useful and how visitors engage with content
Protect the security and integrity of our Sites, including preventing fraud, abuse, and unauthorized access
Comply with legal obligations and enforce our terms, resolve disputes, and protect our rights and the rights of others
Where feasible, we use aggregated or de-identified information to improve the Sites and our business operations.
Legal bases for processing (GDPR/UK GDPR where applicable)
If you are located in the EEA, the UK, or another jurisdiction that requires a lawful basis, we rely on one or more of the following bases depending on the situation:
Consent (for example, where required for certain cookies or for particular types of marketing).
Contract or pre-contract steps (for example, where you request information necessary to enter into a business relationship).
Legitimate interests (for example, keeping our Sites secure, improving our services, and conducting proportionate B2B marketing where permitted).
Legal obligations (for example, compliance, recordkeeping, responding to lawful requests).
You can withdraw consent at any time where we rely on consent, without affecting the lawfulness of processing before the withdrawal.
Cookies and similar technologies
The Sites use cookies and similar technologies (such as pixels and local storage) to operate properly, remember preferences, analyze traffic, and measure campaign effectiveness.
When required by law, we will present a cookie banner and obtain consent before placing non-essential cookies. You can manage cookies through our cookie banner/preferences tool (if enabled) and through your browser settings. Note that disabling cookies may affect the functionality of the Sites.
How we disclose personal information
We may disclose personal information in limited circumstances, including:
Service providers and vendors who perform services on our behalf (such as hosting, analytics, CRM systems, email delivery, customer support tools, and security monitoring). These providers are authorized to process personal information only as necessary to provide services to us and are subject to appropriate contractual protections.
Professional advisors such as lawyers, auditors, insurers, and consultants where necessary for business, legal, or compliance purposes.
Legal and regulatory authorities where disclosure is required by law, regulation, legal process, or enforceable governmental request, or where we believe in good faith that disclosure is necessary to protect rights, safety, or prevent fraud and abuse.
Business transactions such as a merger, acquisition, financing, reorganization, or sale of assets, where personal information may be transferred as part of that transaction, subject to appropriate confidentiality and notice where required by law.
Veinera does not sell personal information in the traditional sense. If you operate in jurisdictions that define “sale” or “sharing” broadly (such as certain U.S. state privacy laws), we can provide an additional regional disclosure if needed.
International data transfers
Your personal information may be processed in countries other than where you live. Where cross-border transfers are subject to restrictions (for example, transfers of personal data from the EEA), we use appropriate safeguards, which may include Standard Contractual Clauses and supplementary measures where necessary.
Security
We maintain technical and organizational measures designed to protect personal information, such as access controls, security monitoring, and encryption in transit where appropriate. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. If you believe your interaction with us is no longer secure, please contact us promptly at legal@veinera.com.
Data retention
We retain personal information only for as long as reasonably necessary for the purposes described in this Privacy Statement, including to provide requested information, maintain business records, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods vary depending on the type of information, the reason we collected it, and applicable legal requirements.
Your choices and rights
You can opt out of marketing emails at any time by using the unsubscribe link in our emails or by contacting us. In some regions, you may also have legal rights related to your personal information, which may include the right to request access, correction, deletion, restriction, portability, or to object to certain processing. Where processing is based on consent, you may withdraw consent at any time.
We will respond to verified requests in accordance with applicable law. If you have concerns, you may also have the right to lodge a complaint with a data protection authority in your jurisdiction (where applicable).
Children’s privacy
The Sites are not intended for children, and we do not knowingly collect personal information from children under the age required by local law. If you believe a child has provided personal information to us, please contact us so we can take appropriate steps.
Changes to this Privacy Statement
We may update this Privacy Statement from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we do, we will update the “Last updated” date above. If changes are material, we will provide additional notice as required by law.