Who controls your data
Vendably Ltd. is the data controller for personal data processed on trust.vendably.com. We are registered with the Information Commissioner's Office (ICO) under registration number: [TODO: ICO registration number].
Our data protection contact is: [TODO: privacy@vendably.com or whichever DPO contact email]. Our registered office is: [TODO: Vendably Ltd. registered address].
This policy applies only to trust.vendably.com and the data flows associated with it: reviewer personal information, review content, invitation tokens, IP and access logs, and cookies set on the trust subdomain. It is not the master Vendably privacy policy for the merchant platform. For merchant platform data, see vendably.com/privacy/.
What personal data we collect
When you submit a review or interact with trust.vendably.com, we may collect the following personal data:
Reviewer identity data
- Your name (as provided in your review submission or invitation)
- Your email address (from the invitation or open-submission flow)
- Your country and language preference
Review content
- Review text, star rating, and optional title
- Any optional purchase context provided, such as an order reference or transaction ID (supplied by the merchant invitation)
- The verified-purchase flag, which indicates that the review was submitted via a valid invitation token tied to a real purchase
Technical data
- IP address (collected from access logs and from review submission, used for spam and fraud protection)
- User agent string (browser type and version, used for spam protection)
Cookies
We set first-party session and CSRF cookies only. [TODO: confirm no analytics cookies are set on trust.vendably.com; proposed: session cookie + CSRF token only]. We do not set third-party advertising or tracking cookies.
How we use your data
| Purpose | Data used | Lawful basis |
|---|---|---|
| Hosting your review on the merchant's trust profile | Name, rating, review content, verified-purchase flag | Contract (you submitted the review for publication) |
| Sending review-status notifications (published, flagged, removed) | Email address | Legitimate interests (you have a reasonable expectation of being informed about changes to your review) |
| Spam and fraud protection during review submission | IP address, user agent, invitation token | Legitimate interests (protecting the integrity of the review platform) |
| Aggregate analytics for moderation insight and platform improvement | Anonymised review data | Legitimate interests (improving moderation quality and platform reliability) |
| Responding to legal requests and exercising or defending legal claims | All relevant data | Legal obligation / legitimate interests |
Who we share your data with
The merchant
The merchant whose trust profile you reviewed will be able to see your review content, your reviewer name, your country, and (depending on their plan) your email address. They will not have access to your IP address, user agent, or any other technical data.
Public visitors
Your review is public unless it is removed or you request anonymisation. The reviewer name and country you provided are visible to anyone who visits the merchant's trust profile. Your email address is never displayed publicly.
Review aggregators
Where Vendably has contracted to syndicate review content to third-party surfaces (for example, Google's Product Review Feed or JSON-LD markup on the merchant's own website), your review content, star rating, reviewer name, and country may appear on those surfaces. This syndication is part of the service you agreed to when submitting your review.
Sub-processors
We use sub-processors to operate the platform. See the full list in the Sub-processors section below.
Law enforcement and legal process
We may disclose your personal data if required to do so by law, court order, or other legitimate legal process, or to protect Vendably's rights, property, or safety, or the rights, property, or safety of others.
Sub-processors
[TODO: confirm full sub-processor list; proposed list below.]
| Processor | Purpose | Location |
|---|---|---|
| DigitalOcean | Platform hosting and database storage | [TODO: confirm region: EU, UK, or US?] |
| [TODO: confirm ESP: Postmark / SendGrid / Mailgun] | Sending invitation emails and review notification emails | [TODO: confirm location] |
| Perspective API (Google) | Toxicity scoring on submitted reviews (automated moderation) | United States |
| OpenAI | Sentiment analysis on submitted reviews | United States |
| [TODO: confirm any analytics provider] | [TODO: confirm purpose] | [TODO: confirm location] |
We will update this list when sub-processors change. You can request a current copy of this list at any time by contacting us.
International transfers
Some of our sub-processors operate outside the UK and EU. Where personal data is transferred to a country without an adequacy decision from the UK ICO or the European Commission, we rely on Standard Contractual Clauses (SCCs) or equivalent appropriate safeguards to protect your data.
[TODO: confirm specific transfer mechanisms for each sub-processor that operates outside UK/EU, particularly Perspective API and OpenAI.]
You can request further information about the specific safeguards in place for any international transfer by contacting us at [TODO: privacy@vendably.com or whichever DPO contact email].
How long we keep your data
| Data | Retention period |
|---|---|
| Published review (content, name, rating) | [TODO: confirm; proposed: indefinite while published; the merchant has a contractual right to continued public display] |
| Removed review content (moderation audit log) | [TODO: confirm; proposed: 7 years in audit log, then anonymised] |
| Reviewer email and name after review removal or account closure | [TODO: confirm; proposed: anonymised within 30 days of removal/closure] |
| IP address and user agent (access and submission logs) | [TODO: confirm; proposed: 90 days] |
| Backups | [TODO: confirm; proposed: 30 days] |
Your rights
Under UK GDPR and EU GDPR, you have rights over the personal data we hold about you. For a full explanation of each right and how to exercise it, see our GDPR / Data Subject Rights page.
Your rights include: access, rectification, erasure, restriction, portability, the right to object, and the right not to be subject to automated decision-making. You also have the right to lodge a complaint with the ICO at ico.org.uk.
Security
We take the security of your personal data seriously. Our security measures include:
- TLS encryption for all data in transit
- Encryption at rest for database storage
- Role-based access controls, so staff can access only the data they need for their role
- Audit logging of access to personal data
- Regular security reviews
[TODO: confirm certifications, e.g. ISO 27001 alignment, penetration testing cadence.]
No system is perfectly secure. If you believe you have found a security vulnerability in our platform, please contact us promptly at [TODO: privacy@vendably.com or security contact email].
Breach notification
In the event of a personal data breach, Vendably will notify the ICO within 72 hours of becoming aware of the breach, where required to do so under UK GDPR Article 33.
Where a breach is likely to result in a high risk to your rights and freedoms, we will also notify you without undue delay, providing information about the nature of the breach, the data likely affected, the likely consequences, and the measures we have taken or propose to take.
Contact
For data protection queries relating to trust.vendably.com, contact us at: [TODO: privacy@vendably.com or whichever DPO contact email].
If you are not satisfied with our response, you have the right to complain to the ICO at ico.org.uk or by calling 0303 123 1113.
Changes to this policy
We will give notice of material changes to this policy at least 30 days before they take effect, by email to all merchant account Owners and by a banner on this page. The version date below will be updated on any change.
This policy was last updated: 2 May 2026. Working draft, pending legal review.