vlastERPvlastERPBack to site

Privacy Policy

Last updated: March 29, 2026

1. Introduction

Vlast Software und Systementwicklung UG, operating under the brand vlastERP ("we", "us"), is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect your information when you visit our website and sign up for our waitlist or newsletter, in compliance with the General Data Protection Regulation (GDPR) and applicable data protection laws.

Vlast Software und Systementwicklung UG (haftungsbeschränkt) is currently being incorporated. This policy will be updated once the company is registered in the commercial register (Handelsregister).

2. Data Controller

Vlast Software und Systementwicklung UG
Email: [email protected]

3. Data We Collect

3.1 Waitlist / Newsletter

When you sign up for our waitlist, we collect:

  • Email address
  • Name (if provided)
  • Company name (if provided)
  • Signup timestamp

3.2 Contact Form

If you contact us via email, we store the content of your message, your email address, and any information you voluntarily provide, solely to respond to your inquiry.

3.3 Website Usage

We automatically collect:

  • IP address (anonymized, for security purposes)
  • Browser type and version
  • Pages visited and referrer URL
  • Timestamps of access

We use Plausible Analytics, a privacy-focused analytics tool that does not use cookies and does not collect personal data. All analytics data is aggregated and anonymous.

4. Legal Basis for Processing

  • Consent (Art. 6(1)(a) GDPR): When you sign up for our waitlist or newsletter, you explicitly consent to receiving communications about vlastERP. You can withdraw consent at any time.
  • Legitimate interests (Art. 6(1)(f) GDPR): Website security, spam prevention, and service improvement based on aggregated, anonymous usage data.

5. Data Storage and Security

All data is stored on servers located within the European Union. We use TLS encryption for all data in transit and implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, or alteration.

We do not transfer personal data outside the EU/EEA.

6. Data Sharing

We do not sell, rent, or trade your personal data to third parties.

We may share data only with:

  • Email service provider — to send waitlist confirmations and product updates (EU-based, under a Data Processing Agreement)
  • Hosting provider — EU-based infrastructure (under a Data Processing Agreement)
  • Legal authorities — only when required by law or valid court order

7. Data Retention

  • Waitlist data: Retained until you unsubscribe or until the product launches and you either create an account or request deletion.
  • Contact inquiries: Retained for 12 months after the last communication, then deleted.
  • Server logs: Automatically deleted after 90 days.

8. Your Rights

Under GDPR, you have the right to:

  • Access your personal data (Art. 15)
  • Rectify inaccurate data (Art. 16)
  • Erase your data ("right to be forgotten") (Art. 17)
  • Restrict processing (Art. 18)
  • Data portability — receive your data in a structured format (Art. 20)
  • Object to processing based on legitimate interests (Art. 21)
  • Withdraw consent at any time (Art. 7)

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

To unsubscribe from the waitlist, click the unsubscribe link in any email or email us directly.

9. Cookies

Our website uses only strictly necessary cookies (e.g., cookie consent preference). We do not use tracking cookies, advertising cookies, or third-party analytics cookies. See our Cookie Policy for details.

10. Changes to This Policy

We may update this Privacy Policy from time to time, particularly when the company is formally incorporated or when we launch the product. Material changes will be communicated via email to waitlist subscribers. The "Last updated" date at the top reflects the most recent revision.

11. Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority. As we operate from Spain, the competent authority is the Agencia Española de Protección de Datos (AEPD). If you are based in Germany, you may also contact your local Landesdatenschutzbeauftragte.

12. Contact

For privacy-related inquiries:
Email: [email protected]
Email: [email protected]