Privacy Policy

01.Introduction & scope#

This policy describes how Vaast handles personal information across the marketing site, the Vaast platform, and related services. It applies to prospective customers, registered users, and any individuals whose data is processed through the platform on behalf of hotel customers.

02.Who we are#

Vaast operates as the data controller for personal information collected through this site and our marketing activities. For guest data processed on behalf of hotel customers, Vaast acts as a data processor under our customers' instructions.

Our registered address and data protection contact details are available on our Contact page. For privacy-specific enquiries, write to privacy@vaast.tv.

03.Information we collect#

The categories of data we process include, broadly:

• Account information from customers signing up to the platform (name, email, company, role)
• Usage and device telemetry from the Vaast platform and connected screens
• Guest data processed on behalf of hotel customers (e.g. check-in events from PMS)
• Marketing site analytics and inquiry form submissions
• Support and communications records when you contact us

We do not knowingly collect sensitive personal data (special category data under GDPR) unless explicitly provided in a support context.

04.How we use information#

We use the information we collect to:

• Provide, operate, and improve the Vaast platform and related services
• Process account registrations, bookings, and support requests
• Send transactional communications (billing, security notices, service updates)
• Send marketing communications where you have opted in or where a legitimate interest applies
• Analyse usage to understand how the platform is performing and where it can be improved
• Comply with legal obligations

We do not sell personal data to third parties, and we do not use it for purposes incompatible with those stated at the point of collection.

05.Legal bases for processing#

Where GDPR applies, we process personal data on the following bases:

• Contract — processing necessary to deliver the services you have signed up for
• Legitimate interests — product analytics, fraud prevention, direct marketing to existing customers
• Legal obligation — tax records, regulatory compliance
• Consent — marketing communications to prospective customers, non-essential cookies

You may withdraw consent at any time by contacting privacy@vaast.tv or using the unsubscribe link in any marketing email.

06.Sharing & disclosure#

We work with sub-processors and service providers to operate the platform. Categories include cloud infrastructure, payment processing, analytics, and customer communications. A current sub-processor list is available on request.

We do not sell or rent personal data. We may disclose data where required by law, court order, or to protect the rights and safety of Vaast or its users. In the event of a merger or acquisition, data may be transferred as part of the transaction with appropriate notice to affected individuals.

07.Cookies & tracking technologies#

The Vaast marketing site uses cookies and similar technologies for:

• Essential operation — session management, security tokens (always active)
• Analytics — understanding how visitors use the site (opt-in)
• Marketing — measuring campaign effectiveness (opt-in)

You can manage cookie preferences through the cookie banner on first visit or by adjusting your browser settings. Disabling non-essential cookies will not affect your ability to use the site.

08.Data retention#

We retain personal data for as long as necessary to provide the services and meet our legal obligations. Key periods:

• Active account data — retained for the duration of the customer relationship
• Billing and financial records — 7 years (legal requirement)
• Support communications — 3 years from last interaction
• Marketing analytics — 26 months from collection

On account closure, customer data is deleted or anonymised within 90 days unless a longer retention period is required by law.

09.Your rights#

Depending on your location, you may have rights including:

• Access — request a copy of the personal data we hold about you
• Rectification — ask us to correct inaccurate or incomplete data
• Erasure — request deletion of your data where there is no overriding legal basis for retention
• Restriction — ask us to limit how we process your data in certain circumstances
• Portability — receive your data in a structured, machine-readable format
• Objection — object to processing based on legitimate interests or for direct marketing

To exercise any right, contact privacy@vaast.tv. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

10.International data transfers#

Vaast and some of its sub-processors operate across multiple jurisdictions. Where personal data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place — including Standard Contractual Clauses (SCCs) approved by the relevant supervisory authority, or transfers to countries with an adequacy decision. Details of transfer mechanisms are available on request.

11.Children's privacy#

The Vaast platform and marketing site are intended for business users aged 18 and over. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact privacy@vaast.tv and we will delete it promptly.

12.Security of your information#

We implement technical and organisational measures appropriate to the risk — including encryption in transit and at rest, access controls, and regular security reviews. Details on our security practices are published on our Security page.

In the event of a data breach that is likely to result in a high risk to individuals, we will notify affected parties and relevant supervisory authorities in accordance with applicable law.

13.Changes to this policy#

We may update this policy from time to time to reflect changes in our practices or applicable law. We will post the revised policy on this page with an updated date. For material changes, we will notify registered users by email at least 14 days before the change takes effect. Continued use of the platform after that date constitutes acceptance of the updated policy.

14.Contact us#

For privacy questions, to exercise your rights, or to raise a concern, contact us at privacy@vaast.tv. You can also write to us at the address on our Contact page. We aim to respond to all privacy enquiries within 5 working days.