Privacy Notice

This Privacy Policy describes how Vatengi Systems LLC collects, uses, discloses, and retains personal information when you visit our website, create an account, use the Vatengi workspace, API, or related services, and how we process professional contact information in our business directory.

1. Definitions

• Customer — the organization or individual that subscribes to or uses the Service under a workspace.
• User — an individual authorized by a Customer to access the Service (for example, employees or contractors).
• Data Subject — an identified or identifiable natural person whose personal data we process.
• Personal Data — information relating to an identified or identifiable person.
• Directory Data — professional contact and firmographic information about business individuals that we index, store, and make available through the Service.

2. B2B professional data

Directory Data consists of commercial and professional contact information about business individuals — for example, work email addresses, job titles, employers, office phone numbers, and related firmographic attributes. We process this data to support legitimate B2B sales, marketing, and recruiting by our Customers.

The Service is not intended for consumer surveillance, personal non-business use, or processing of consumer household data. Where a personal email address or other identifier appears in our directory, it is processed in a professional or business context for B2B prospecting, not for consumer marketing to individuals in their personal capacity.

3. Information we collect

3.1 Account and billing information

When you register or manage a workspace, we collect information such as your name, business email address, company name, job title, phone number, authentication credentials, billing details, and communications with us.

3.2 Workspace activity

We log how the Service is used, including searches, filters, credit-gated reveals, exports, CRM synchronizations, follow-up sequences, API calls, and audit events. This helps us operate the Service, prevent abuse, and maintain billing records.

3.3 Directory Data

Our directory contains professional information about business individuals, which may include names, job titles, employers, work and personal email addresses, phone numbers, professional social profiles, location information, employment history, and related firmographic attributes. We obtain Directory Data from public sources, licensed data providers, enrichment partners, and our own verification processes. Email and phone verification results may be cached temporarily to reduce redundant checks before being purged according to our retention practices in Section 11.

3.4 Cookies and similar technologies

We use essential cookies and similar technologies to maintain sessions, secure the Service, and remember preferences. Where required by law, we request consent before using non-essential analytics or marketing cookies. We honor Global Privacy Control (GPC) signals as described in Section 14.

3.5 Communications

If you contact support, submit a privacy request, or interact with product emails, we retain the content of those communications.

4. Sources of information

• Directly from you when you register, configure a workspace, or contact us.
• Automatically through your use of the Service (logs, device, and browser information).
• From third-party data suppliers, public professional sources, and enrichment vendors under contract.
• From payment processors and identity providers you choose to connect.

5. How we use information

We use Personal Data and Directory Data to:

• Provide, maintain, and improve the Service, including contact verification and directory search.
• Process subscriptions, credits, reveals, exports, and integrations you request.
• Authenticate users, enforce security, detect fraud, and prevent misuse.
• Comply with law, respond to lawful requests, and enforce our Terms and Acceptable Use Policy.
• Send service-related notices and, where permitted, product communications (you may opt out of marketing emails).
• Analyze aggregated or de-identified usage to improve product quality.

6. Automated processing and AI features

Some workspace features use automated processing or third-party AI services (for example, OpenAI) to assist with filtering, enrichment suggestions, or research columns when enabled by a Customer. In those cases:

• We process only the prompts, workspace context, and identifiers a Customer submits through the feature.
• We do not use Directory Data to train third-party foundation models for general purposes.
• Automated processing supports Customer workflows (search ranking, verification signals, enrichment). It does not produce legal or similarly significant effects on directory subjects without human review by Customers.
• Customers remain responsible for reviewing outputs before outreach, as described in our Terms and Acceptable Use Policy.

7. Legal bases for processing (EEA, UK, and Switzerland)

Where GDPR or equivalent law applies, we rely on one or more of the following bases:

• Contract — to provide the Service you or your organization requested.
• Legitimate interests — to operate and improve a B2B contact intelligence platform, verify data quality, secure the Service, and prevent abuse, balanced against data subject rights.
• Consent — where required for non-essential cookies, certain marketing, or other processing for which consent is the appropriate basis.
• Legal obligation — to comply with applicable law, regulation, or court order.

8. How we share information

We may share information with:

• Service providers — hosting, cloud infrastructure, payment processing, email delivery, enrichment, analytics, and support tools bound by confidentiality and data protection obligations.
• Customers and their authorized users — when Directory Data is revealed, exported, or synced at the Customer's direction.
• Professional advisers — lawyers, auditors, or insurers under confidentiality duties.
• Authorities — when required by law or to protect rights, safety, and integrity of the Service.
• Successors — in connection with a merger, acquisition, or asset sale, subject to this Policy or notice to you.

We do not sell Personal Data about our Users in the conventional sense. Directory Data may be disclosed to Customers as part of the Service; see Section 9 for California and U.S. state disclosures.

9. California and U.S. state privacy notice

This section supplements our Policy for California residents and individuals covered by comprehensive U.S. state privacy laws. Under some laws, making Directory Data available to Customers for commercial prospecting may constitute a "sale" or "share" of personal information.

9.1 Categories of personal information

9.2 Opt out of sale or sharing

California residents and others with applicable rights may opt out using our directory opt-out form, Do Not Sell My Info page, or by emailing privacy@vatengi.com. When your submitted work email matches a directory profile, we suppress it automatically. We honor verifiable requests and Global Privacy Control signals as described in Section 14.

9.3 Illinois and other U.S. state laws

We comply with applicable Illinois privacy and data-security laws, including breach-notification requirements under the Illinois Personal Information Protection Act where they apply to personal information we maintain. We monitor evolving U.S. state privacy frameworks and update this Policy as required.

10. International data transfers

We are based in the United States and may process information in the U.S. and other countries where we or our service providers operate. Where required, we implement appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or UK International Data Transfer Addendum, supplemented by technical and organizational measures as appropriate.

11. Retention

We retain information only as long as needed for the purposes described in this Policy:

• Account and billing data — retained while your workspace is active and as needed for billing, disputes, and legal obligations.
• Directory profiles — maintained in our index and refreshed from sources; when you submit a verified opt-out that matches your profile, we suppress it from reveals and exports immediately.
• Email verification logs — verification results are cached to avoid redundant checks and automatically purged after approximately 90 days.
• Export artifacts — row-level export payloads are cleared after approximately 90 days; export metadata may be retained for audit and billing.
• Support and compliance records — retained as needed to fulfill privacy requests and demonstrate compliance.

12. Security

We implement administrative, technical, and organizational measures designed to protect information, including access controls, encryption of sensitive credentials, tenant isolation, and audit logging. No method of transmission or storage is completely secure; we cannot guarantee absolute security.

13. Your privacy rights

Depending on your location, you may have the right to:

• Access personal information we hold about you.
• Correct inaccurate information.
• Delete information, subject to legal exceptions.
• Restrict or object to certain processing.
• Receive a portable copy of information you provided.
• Withdraw consent where processing is consent-based.
• Opt out of sale, sharing, or targeted advertising where applicable.
• Lodge a complaint with a supervisory authority (EEA/UK).

14. How to exercise your rights

Self-service forms

• Directory opt-out — use our opt-out form (fastest for removal from the professional directory).
• Other privacy rights — use our privacy request form for access, deletion, portability, or restriction.
• Email — contact privacy@vatengi.com.

Authorized agents

You may designate an authorized agent to submit a request on your behalf. We may require written proof of authorization and direct verification of your identity unless the agent provides valid power of attorney under applicable law.

Global Privacy Control (GPC)

If your browser or device sends a GPC signal, we treat it as a valid request to opt out of sale/sharing on our marketing website to the extent required by applicable law. GPC alone cannot identify a specific directory profile; please also submit our opt-out form with your work email for directory suppression.

We may verify your identity before fulfilling a request. We aim to respond within 30 days, or as required by applicable law, and will not discriminate against you for exercising rights permitted by law.

15. Data sourcing and methodology

We obtain Directory Data from public professional sources, licensed data providers, enrichment APIs, and our own verification pipeline. For a plain-language overview of how we source, verify, and govern contact data, see our Data Methodology page and Trust Center.

16. Children's privacy

The Service is intended for business use and is not directed to individuals under 18 years of age. You may not create an account or use the Service if you are under 18. We do not knowingly collect personal information from individuals under 18. If you believe we have collected information from someone under 18, contact us and we will take appropriate steps to delete it.

17. Changes to this Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the current version. If we make material changes, we will provide notice through the Service, by email, or by other reasonable means. Continued use after the effective date constitutes acceptance where permitted by law.

Contact us

Company

Vatengi Systems LLC

980 N Michigan Ave Ste 1090
PMB 705344
Chicago, Illinois 60611-4521

Phone 1-312-942-0505

Website vatengi.com

Email

• Compliance compliance@vatengi.com
• Privacy privacy@vatengi.com
• Legal legal@vatengi.com
• Abuse abuse@vatengi.com
• Support support@vatengi.com

Privacy request form · Directory opt-out