Vaendora

Privacy Policy

Last updated: February 21, 2026

1. Introduction

Vaendora ("we," "us," or "our") is a digital commerce operating system operated by Junn Digital Ltd, a company registered in Lagos, Nigeria. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including our website at vaendora.com, merchant dashboard, business websites, APIs, chatbot services, and any related services (collectively, the "Platform").

By accessing or using our Platform, you agree to this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Platform.

2. Information We Collect

2.1 Merchant Information

When you register as a merchant on Vaendora, we collect:

  • Business name, address, and contact information
  • Email address and password (hashed)
  • Bank Verification Number (BVN) for identity verification
  • Settlement account details (bank name, account number)
  • Business registration documents and KYC information
  • Product listings, pricing, and inventory data
  • Branding assets (logos, banners, store images)

2.2 Customer Information

When customers interact with merchant business websites, we may collect:

  • Name, email address, and phone number
  • Shipping and billing addresses
  • Order history and transaction details
  • Product reviews and ratings
  • Wishlist items and browsing preferences
  • Chat conversations with AI-powered customer support

2.3 Payment Information

We process payments through third-party payment processors. We collect transaction details including payment amounts, dates, and status. We do not directly store complete bank account credentials or payment card numbers on our servers. Payment verification is handled through our payment processing partners.

2.4 Social Media and Messaging Data

When merchants connect their social media accounts (Instagram, Facebook) to our Platform for omnichannel messaging, we collect:

  • Instagram and Facebook Page access tokens (securely stored)
  • Instagram Business Account and Facebook Page identifiers
  • Direct messages and conversations received through connected accounts
  • Instagram comment data for comment automation features
  • Customer profile information from social media interactions (name, username, profile picture)

2.5 Automatically Collected Information

  • IP address and browser type
  • Device information and operating system
  • Pages visited and time spent on the Platform
  • Referring URLs and search terms
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Platform and services
  • Process transactions and send related information (order confirmations, receipts, shipping updates)
  • Create and manage merchant accounts and business websites
  • Verify merchant identity and complete KYC requirements
  • Enable AI-powered chatbot responses and customer support
  • Facilitate omnichannel messaging (Instagram DMs, Facebook Messenger, website chat)
  • Process Instagram comment automations and keyword-triggered responses
  • Send email notifications, marketing campaigns, and automated sequences
  • Manage custom domains, DNS settings, and email hosting
  • Process subscription billing and recurring payments
  • Generate analytics, dashboards, and business reports for merchants
  • Detect, investigate, and prevent fraudulent transactions and unauthorized access
  • Comply with legal obligations and resolve disputes

4. Third-Party Services and Integrations

We integrate with the following third-party services to provide our Platform functionality:

4.1 Meta Platforms (Instagram and Facebook)

Our Platform integrates with Meta Platforms, Inc. ("Meta") to enable Instagram Direct Message and Facebook Messenger integrations. When merchants connect their accounts:

  • We request access to manage messages, view pages, and manage page metadata through Meta's OAuth flow
  • We receive and process incoming messages via Meta's Webhook API
  • Message data is used solely to facilitate AI-powered chatbot responses and merchant customer support
  • We store access tokens securely and use them only for authorized messaging operations
  • Merchants can disconnect their accounts at any time, which revokes our access
  • Our use of Meta data complies with the Meta Platform Terms and Developer Policies

4.2 Payment Processing

We work with licensed payment processing partners to handle bank transfer verification and payment processing. Payment data is processed in accordance with our partners' privacy policies and applicable financial regulations.

4.3 Cloud Storage

We use Cloudflare R2 for secure storage of merchant branding assets, product images, and other media files. Files are stored with appropriate access controls and served through Cloudflare's global network.

4.4 Domain and Email Services

We partner with domain registrars and email hosting providers to enable custom domain registration, DNS management, and email mailbox provisioning for merchants.

5. Data Sharing and Disclosure

We may share your information in the following circumstances:

  • With Service Providers: We share data with third-party service providers who perform services on our behalf, such as payment processing, cloud hosting, domain registration, and email delivery.
  • Between Merchants and Customers: Order information, shipping details, and communications are shared between merchants and their customers as necessary to fulfill orders and provide customer support.
  • For Legal Compliance: We may disclose information when required by law, regulation, legal process, or governmental request.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
  • With Your Consent: We may share your information for any other purpose with your explicit consent.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using TLS/SSL
  • Secure hashing of passwords
  • Token-based authentication for API access
  • Encrypted storage of third-party access tokens and secrets
  • Regular security reviews and access controls
  • Database-level access restrictions and audit logging

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

  • Account Data: Retained for the duration of your account and up to 12 months after account deletion.
  • Transaction Records: Retained for a minimum of 7 years as required by financial regulations.
  • Chat and Message Data: Retained for 24 months from the date of the conversation, unless the merchant deletes it sooner.
  • Social Media Tokens: Deleted immediately upon disconnection of the social media account.
  • Analytics Data: Retained in aggregated, anonymized form indefinitely.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: You can request a copy of the personal data we hold about you.
  • Correction: You can request that we correct inaccurate or incomplete personal data.
  • Deletion: You can request that we delete your personal data, subject to legal retention requirements.
  • Data Portability: You can request your data in a structured, machine-readable format.
  • Objection: You can object to the processing of your personal data for certain purposes.
  • Withdrawal of Consent: You can withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at [email protected].

9. User Data Deletion

You may request deletion of your data at any time. For merchants, this includes all account information, business website data, product listings, and associated customer data.

To request data deletion:

  • Email us at [email protected] with the subject line "Data Deletion Request"
  • Include the email address associated with your account
  • We will process your request within 30 days and confirm deletion

For Meta (Instagram/Facebook) data: When a merchant disconnects their Instagram or Facebook account from our Platform, we immediately delete the associated access tokens and stop receiving messages. Previously received message data will be deleted within 30 days of disconnection, unless required for legal compliance.

You may also request data deletion through Meta's platform settings, which will notify us to remove any data obtained through the Meta integration.

10. Cookies and Tracking

We use cookies and similar technologies to enhance your experience on our Platform. These include:

  • Essential Cookies: Required for the Platform to function, including authentication and session management.
  • Analytics Cookies: Help us understand how visitors interact with our Platform to improve user experience.
  • Preference Cookies: Remember your settings and preferences across visits.

You can control cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of the Platform.

11. Children's Privacy

Our Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child under 18, we will take steps to delete that information promptly.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We take appropriate measures to ensure that your personal information remains protected in accordance with this Privacy Policy.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Vaendora by Junn Digital Ltd

Lagos, Nigeria

Email: [email protected]

Privacy Inquiries: [email protected]

Website: vaendora.com