Privacy Policy

Last Updated: June 18, 2025

At Vepien ("we," "us," or "our"), we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, store, and protect your personal data when you use our server rental, web development, maintenance, and related services ("Services") offered through our operations in Dubai’s freezone. By using our Services, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use our Services.

This Privacy Policy complies with applicable data protection laws, including but not limited to the UAE Federal Law No. 45 of 2021 on Personal Data Protection, DIFC Data Protection Law No. 5 of 2020, Turkey’s Personal Data Protection Law (KVKK, Law No. 6698), the General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA).

1. Information We Collect

We collect the following types of information to provide and improve our Services:

1.1 Personal Data You Provide:

• Contact Information: Name, email address, phone number, and billing address provided during registration or when contacting us.
• Account Information: Username, password, and other credentials used to access our Services.
• Payment Information: Credit card details, bank account information, or other payment methods processed through secure third-party payment processors.
• Support Requests: Information provided when you contact our support team, such as inquiries or technical issue descriptions.

1.2 Automatically Collected Data:

• Usage Data: Information about how you interact with our Services, including IP address, browser type, device information, operating system, and access times.
• Server Logs: Technical data generated by your use of our servers, such as bandwidth usage, server activity logs, and error reports.
• Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to enhance your experience, analyze usage, and deliver personalized content. You can manage cookie preferences through your browser settings.

1.3 Third-Party Data:

• Data received from third-party service providers (e.g., payment processors or analytics providers) to facilitate our Services.

2. How We Use Your Information

We use your personal data for the following purposes, as permitted by applicable law:

• To provide, maintain, and improve our Services, including server rental, technical support, and web development.
• To process payments and manage billing.
• To communicate with you, including responding to inquiries, providing support, and sending service-related updates.
• To monitor and analyze usage patterns to enhance Service performance and user experience.
• To ensure the security of our Services, including detecting and preventing fraud, unauthorized access, or cyberattacks.
• To comply with legal obligations, such as responding to lawful requests from authorities or maintaining records as required by law.
• To deliver personalized content or marketing communications, where you have provided consent (if required by law).

3. Legal Basis for Processing (GDPR)

For customers in the European Union, we process personal data based on the following legal grounds under GDPR:

• Contractual Necessity: To fulfill our obligations under our Terms and Conditions (e.g., providing Services, processing payments).
• Legitimate Interests: To improve our Services, ensure security, and prevent fraud, where such interests do not override your rights.
• Consent: For marketing communications or non-essential cookies, where you have provided explicit consent.
• Legal Obligation: To comply with applicable laws or regulatory requirements.

4. How We Share Your Information

We do not sell your personal data. We may share your data in the following circumstances:

• Service Providers: With trusted third-party providers (e.g., payment processors, hosting providers, or analytics services) who assist us in delivering our Services, subject to strict confidentiality agreements.
• Legal Compliance: When required by law, court order, or government authority, such as to comply with UAE, Turkish, or international regulations.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, where your data may be transferred to a successor entity under similar privacy protections.
• With Your Consent: When you explicitly authorize us to share your data with third parties.

5. Data Security

We implement industry-standard security measures to protect your personal data, including:

• Encryption of data in transit and at rest (e.g., SSL/TLS protocols).
• Regular security audits and compliance with ISO 27001 and PCI DSS standards.
• Firewalls, DDoS protection, and access controls to prevent unauthorized access.
• Staff training on data protection and cybersecurity best practices.

Despite these measures, no system is completely secure. In the event of a data breach, we will notify affected users and relevant authorities as required by applicable law (e.g., within 72 hours under GDPR).

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by applicable law:

• Account and billing data are retained for the duration of your use of our Services and up to 7 years thereafter, as required by tax and accounting laws in the UAE and Turkey.
• Server logs and usage data are retained for up to 12 months for security and performance analysis, unless required for legal purposes.
• You may request deletion of your data (see Section 7), subject to legal retention obligations.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

7.1 Under GDPR (EU Residents):

• Access: Request a copy of your personal data.
• Rectification: Correct inaccurate or incomplete data.
• Erasure: Request deletion of your data, subject to legal obligations.
• Restriction: Limit the processing of your data in certain circumstances.
• Data Portability: Receive your data in a structured, machine-readable format.
• Objection: Object to processing based on legitimate interests or for direct marketing.
• Withdraw Consent: Withdraw consent for processing where consent is the legal basis.

7.2 Under CCPA (California Residents):

• Know: Request information about the categories and specific pieces of personal data collected, used, or shared.
• Delete: Request deletion of your personal data, subject to exceptions.
• Opt-Out: Opt out of the sale of personal data (note: Vepien does not sell personal data).
• Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

7.3 Under KVKK (Turkey Residents):

• Access and rectification rights similar to GDPR.
• Request information about data processing and third-party sharing.
• Object to processing that may cause harm.

7.4 Under UAE Laws:

• Request access, correction, or deletion of your data, as provided by UAE Federal Law No. 45 of 2021 and DIFC Data Protection Law.

To exercise your rights, contact us at [email protected] . We will respond within 30 days (or as required by law, e.g., 72 hours for UAE requests). We may require identity verification to process your request.

8. International Data Transfers

As Vepien operates from Dubai’s freezone and sources servers from Turkey, your data may be transferred to and processed in countries outside your jurisdiction. We ensure that such transfers comply with applicable data protection laws:

• For EU customers, we use Standard Contractual Clauses (SCCs) or other GDPR-approved mechanisms for transfers to non-EEA countries.
• For UAE and Turkish data, we comply with local regulations on cross-border data transfers.
• All service providers involved in data transfers are bound by agreements ensuring equivalent protection.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze Service usage. Categories include:

• Essential Cookies: Necessary for the operation of our Services (e.g., authentication).
• Performance Cookies: Collect anonymized data to improve Service performance.
• Marketing Cookies: Used for personalized ads, only with your consent.

You can manage cookie preferences through your browser or our cookie consent tool. Disabling cookies may affect the functionality of our Services.

10. Third-Party Links

Our Services may contain links to third-party websites or services not operated by Vepien. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

11. Children’s Privacy

Our Services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware of such data, we will take steps to delete it, unless required to retain it by law.

12. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of material changes via email or a notice on our website at least 30 days before they take effect. Your continued use of our Services after such changes constitutes your acceptance of the updated Privacy Policy.

13. Contact Information

For questions, concerns, or to exercise your data protection rights, contact our Data Protection Officer:

• Email: [email protected]  
• Address: Vepien L.L.C, Meydan Grandstand, 6th Floor, Meydan Road, Nad Al Sheba, Dubai, UAE

If you are not satisfied with our response, you may contact the relevant data protection authority in your jurisdiction, such as:

• UAE: UAE Data Protection Office
• Turkey: Kişisel Verileri Koruma Kurumu (KVKK)
• EU: Your local Data Protection Authority
• California: California Attorney General’s Office

Your Trust Matters
At Vepien, we are dedicated to safeguarding your privacy and ensuring transparency in how we handle your personal data. Thank you for choosing us as your trusted technology partner.