VAMPAD

Privacy Policy

Last updated: 2nd January 2026

This privacy policy explains how VAMPAD collects, uses, stores and protects your personal data when you use our website and any VAMPAD application (the Services). It also explains your rights under UK data protection law.

1. Who we are

VAMPAD is a technology business specialising in ecommerce, data and applied AI. For the purposes of UK data protection law, VAMPAD is the data controller.

2. The data we collect

Depending on how you use the Services, we may collect:

  • Contact data such as your name, email address and any information you include in messages to us
  • Account data if an application requires sign-in, such as a user identifier and authentication details (managed securely)
  • Input content you submit to the app, such as text prompts, form entries, and preferences
  • Uploaded images such as photos you upload for processing within the app
  • Generated output produced by the app based on your inputs (for example, results, responses, or generated media)
  • Technical and usage data such as IP address, device type, browser type, app version, pages/screens visited, and timestamps
  • Support and diagnostic data such as error logs and crash reports (where enabled)

We do not intentionally collect special category data. Please do not upload sensitive personal data unless it is necessary for your intended use of the Services.

3. How we use your data

We use personal data to:

  • Provide, operate and maintain the Services
  • Process your inputs (including uploaded images) to deliver the app functionality you requested
  • Respond to enquiries and provide support
  • Monitor performance, maintain security, and prevent misuse or fraud
  • Improve reliability and user experience (for example, via aggregated usage patterns)
  • Comply with legal obligations where applicable

We only use your uploaded images and app inputs for the purpose of providing the app functionality. We do not sell your personal data. We do not share it with third parties for their own marketing purposes.

4. Lawful basis for processing

Under UK GDPR, we rely on one or more of the following lawful bases:

  • Contract: to provide the Services and process your inputs as requested
  • Legitimate interests: to operate, secure and improve the Services
  • Consent: where you choose to provide certain data or enable optional features
  • Legal obligation: where we must comply with legal requirements

5. Data retention and deletion

We keep personal data only for as long as needed for the purposes described in this policy, unless a longer retention period is required by law.

  • Uploaded images: stored securely and deleted within 30 days unless you delete them sooner or a shorter period is stated in-app.
  • Input content and generated output: retained only as needed to provide the feature and support your use of the app
  • Support messages: retained while relevant for support, then deleted or minimised
  • Technical logs: retained for a limited period for security and reliability

You can request deletion of your data by contacting hello@vampad.com. We may need to keep limited information where required for legal, security or fraud-prevention reasons.

6. Sharing your data

We do not sell your personal data and do not share it with third parties for their own use.

We may share data only where necessary to:

  • Operate the Services (for example, hosting and storage providers acting on our instructions)
  • Protect our rights, users and systems (for example, investigating abuse)
  • Comply with legal obligations or lawful requests

Where we use service providers, they are required to protect your data and only process it on our instructions.

7. International transfers

Some service providers may process data outside the UK. Where this happens, we take steps to ensure appropriate safeguards are in place in line with UK data protection law.

8. Cookies

We may use essential cookies or similar technologies required for basic functionality and security. Where optional analytics or other non-essential technologies are used, we will update this policy and, where required, provide choices.

9. Your rights

Under UK GDPR, you have rights including:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to object
  • Right to data portability
  • Right to withdraw consent (where processing is based on consent)

To exercise your rights, contact hello@vampad.com.

10. Security

We use reasonable technical and organisational measures to protect personal data. No system is completely secure, but we aim to reduce risk through access controls, secure storage, and good engineering practices.

11. Changes to this policy

We may update this policy from time to time. The latest version will be published on this page and the updated date will be shown at the top.

Back to home