Privacy

Vendistri Privacy Policy

Updated June 8, 2026

This Privacy Policy explains how Vendistri collects, uses, stores, protects, and shares information when you use our website, web application, iOS application, support channels, and related services.

Vendistri is built for vending operations. That means information about your routes, machines, locations, sales, photos, service work, and contacts can be sensitive. We use that information to provide and improve the service, not to sell it or compete with you.

1. Scope

This policy applies to Vendistri services that link to it, including our public website, sign-up and contact forms, web dashboard, mobile applications, billing flows, support communications, and related product features.

When we say "Vendistri," "we," "us," or "our," we mean the Vendistri service and the people operating it. If Vendistri is later operated by a formal legal entity, that entity will be responsible for this policy unless a replacement policy says otherwise.

2. Information We Collect

The information we collect depends on how you use Vendistri. It may include:

  • Account information: name, email address, password credentials, business or organization name, role, account status, invitations, and support preferences.
  • Operational data: vending locations, machines, routes, route stops, schedules, service tasks, inventory, products, prices, commissions, contacts, reports, notes, and related business records.
  • Location and route data: machine and customer location addresses, coordinates, route information, distance calculations, and mobile device location when you allow the iOS app to use it for routing, nearby tasks, at-location work, and service verification.
  • Photos and uploaded files: photos or other materials you upload for task confirmations, machines, service records, imports, support, or related features.
  • Sales, telemetry, and integration data: machine identifiers, card reader identifiers, transaction and sales summaries, telemetry provider settings, API keys or tokens you provide, and data received from vending telemetry or payment-related integrations.
  • Billing information: subscription plan, billing status, payment method summary, charge history, tax or invoice details, and payment processor identifiers. We use payment processors such as Stripe and do not intend to store full raw card numbers on Vendistri servers.
  • Device, usage, and log data: IP address, browser type, device type, operating system, app version, pages or screens viewed, feature use, local storage events, error logs, performance data, and security records.
  • Communications: messages you send through contact forms, support requests, demos, email, feedback, and other communications with us.

3. Location Data

Vendistri uses location data only to provide and support the service. For example, location data helps show nearby tasks, plan routes, calculate distances, support navigation, organize at-location work, and maintain accurate machine and customer records.

Location data can be sensitive. We take measures designed to protect it, limit access to people and systems that need it, and avoid using it for unrelated advertising or resale. You can control mobile device location permissions through your iOS settings, but some routing and nearby-task features may not work correctly without location access.

4. How We Use Information

We use information to:

  • provide, maintain, secure, and improve Vendistri;
  • create accounts, authenticate users, and manage roles;
  • store and sync vending operations data across the web app, backend, and iOS app;
  • plan routes, calculate distance, support navigation, and organize task work;
  • process subscriptions, payments, billing, and notices;
  • send service emails, account notices, support responses, security alerts, and product updates;
  • detect, prevent, and investigate fraud, abuse, security incidents, or unauthorized access;
  • analyze reliability, performance, usage, and feature quality;
  • import, parse, normalize, or summarize operational files or telemetry data, including through automated or AI-assisted processing when a feature requires it;
  • comply with law, enforce our terms, and protect our users, Vendistri, and others.

5. How We Share Information

We share information only as needed for the purposes described in this policy. Recipients may include:

  • Service providers: cloud hosting, database, storage, security, analytics, email, customer support, payment, routing, mapping, and infrastructure providers.
  • Payment processors: Stripe and related payment infrastructure used to process subscriptions and payment methods.
  • Security providers: services such as Cloudflare Turnstile that help protect forms and accounts from spam, bots, and abuse.
  • Communication providers: email services, including Google/Gmail API tooling, used to send account, billing, invite, report, support, and product communications.
  • Mapping and routing providers: services such as Mapbox or map-related tooling used to calculate routes, distances, and navigation-related information.
  • Telemetry and integration providers: vending machine, card reader, sales, telemetry, or other integrations you connect or authorize.
  • Professional and legal parties: lawyers, accountants, auditors, insurers, advisors, courts, regulators, law enforcement, or government authorities when necessary.
  • Business transfers: parties involved in a merger, financing, acquisition, reorganization, sale of assets, bankruptcy, or similar transaction.

We may also share information at your direction, with your organization members, invited users, location contacts, or other people you choose to give access to through Vendistri.

6. Our Privacy Promises

  • We do not sell your personal information.
  • We do not share your personal information with third parties for their own direct marketing.
  • We do not use your customer, route, machine, sales, or operational data to compete with you.
  • We do not use your private operational data to train general-purpose AI models unless we clearly disclose that use and, where required, obtain your consent.
  • We limit internal access to operational and location data to people and systems with a legitimate need to provide, secure, support, or improve Vendistri.

7. Retention

We keep information for as long as reasonably necessary to provide Vendistri, maintain your account, comply with law, resolve disputes, enforce agreements, preserve security, and maintain appropriate business records.

If your account is closed or deleted, we will delete or de-identify account and operational data within a reasonable period, unless we need to retain limited information for legal, tax, billing, backup, security, fraud-prevention, or dispute purposes.

8. Security

We use administrative, technical, and organizational safeguards designed to protect information against unauthorized access, loss, misuse, alteration, and disclosure. These measures may include access controls, encrypted connections, monitoring, authentication, vendor controls, and limited internal access.

No system is perfectly secure. You are responsible for using a strong password, protecting your credentials, and promptly telling us about suspected unauthorized access.

9. Your Choices and Rights

Depending on where you live and how you use Vendistri, you may have rights to access, correct, delete, export, restrict, or object to certain processing of your personal information. You may also have the right to opt out of certain uses where required by law.

You can update some account and organization information inside Vendistri. You can control iOS location permissions in your device settings. You can unsubscribe from marketing emails using the instructions in those emails, but we may still send transactional, security, billing, and account messages.

To make a privacy request, email support@vendistri.com. We may need to verify your identity or authority before acting on a request.

10. Children

Vendistri is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to us, contact us and we will take appropriate steps to delete it.

11. Cookies and Similar Technologies

We may use cookies, local storage, pixels, and similar technologies to operate Vendistri, keep users signed in, protect against abuse, remember preferences, understand website and app performance, and improve the service. Browser or device settings may allow you to block or delete some of these technologies, but parts of Vendistri may not function correctly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice by posting the updated policy, updating the date above, sending an email, or using another reasonable method.

13. Contact

For privacy questions or requests, contact us at support@vendistri.com.