Vordrix

Privacy Policy

Last updated: April 2026

This Privacy Policy describes how FullySys Global Tec. LLC, a Florida limited liability company ("Vordrix", "we", "us", or "our"), collects, uses, discloses, and protects personal information and customer data when you use the Vordrix platform, websites, and related services (collectively, the "Service"). By using the Service, you agree to the practices described in this Policy.

1. Information We Collect

We collect information you provide directly to us, information generated through your use of the Service, and information from third parties you authorize. This includes:

  • Account information — name, email address, phone number, password, company name, role, and billing details.
  • Customer data processed on your behalf — contacts, conversations, support tickets, email messages and attachments, chat transcripts, notes, and CRM records that you or your end users submit to the Service.
  • Communication data — inbound and outbound emails, messages from connected channels (such as WhatsApp, Instagram, Messenger, and web forms), and metadata associated with those communications.
  • Payment information — processed securely by our third-party payment provider (Stripe). We do not store full card numbers on our servers.
  • Usage data and analytics — log data, IP address, device and browser information, pages viewed, features used, and timestamps.
  • Integration data — information you authorize us to access from connected third-party services.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, maintain, and improve the Service.
  • Process transactions, manage subscriptions, and send related confirmations and invoices.
  • Power AI features such as automated replies, suggestions, summaries, routing, and analytics (see Section 8).
  • Send technical notices, security alerts, and administrative or support messages.
  • Respond to your comments, questions, and support requests.
  • Monitor, analyze, and improve usage, performance, and security of the Service.
  • Detect, prevent, and respond to fraud, abuse, security incidents, and other harmful activity.
  • Comply with legal obligations and enforce our Terms of Service.

3. Information Sharing

We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We may share your information in the following circumstances:

  • Service providers and subprocessors — with vendors who process data on our behalf under written agreements (see Section 4).
  • Third-party integrations you authorize — such as Meta (WhatsApp, Instagram, Messenger), email providers, payment processors, and other services you connect to your account.
  • Legal authorities — when required by law, subpoena, court order, or other legal process, or to protect the rights, property, or safety of Vordrix, our users, or the public.
  • Business transfers — in connection with a merger, acquisition, financing, reorganization, or sale of assets, subject to standard confidentiality protections.
  • With your consent — in any other case when you direct us to share information.

4. Subprocessors

We rely on a limited set of trusted subprocessors to operate the Service. Each is contractually bound to confidentiality and data-protection obligations consistent with this Policy:

  • Amazon Web Services (AWS) — object storage (S3), transactional email (SES), and serverless processing (Lambda).
  • Hetzner Cloud — application hosting (Kubernetes cluster) for our API and background workers.
  • Vercel — hosting of our customer-facing web applications.
  • Cloudflare — DNS, CDN, and edge security.
  • OpenAI and Anthropic — large language model inference used for AI features.
  • Pinecone — vector database used for retrieval-augmented AI features.
  • MongoDB — storage for unstructured operational data.
  • Stripe — payment processing and billing.

5. Third-Party Integrations

When you connect a third-party service to your Vordrix account:

  • We access only the data necessary for the integration to function.
  • Credentials and tokens are stored encrypted and used solely to operate the integration on your behalf.
  • You can disconnect any integration at any time.
  • We do not sell or share data obtained through integrations with unrelated third parties.

6. Data Security

We implement industry-standard administrative, technical, and physical safeguards to protect your data, including:

  • Encryption in transit (TLS) and at rest.
  • Strict multi-tenant data isolation — each customer's data is segregated at the database level.
  • Role-based access controls, strong password hashing (Argon2), and support for two-factor authentication.
  • Token blacklisting, session management, and audit logging of sensitive actions.
  • Regular security reviews, dependency updates, and monitoring.
  • Data centers with physical access controls operated by our infrastructure providers.

No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. You may request deletion of your data by contacting us or by using account deletion features within the Service. Backup copies may persist for a limited period before being overwritten as part of our routine backup rotation.

8. AI and Automated Processing

The Service uses artificial intelligence to generate replies, suggestions, summaries, categorizations, and routing decisions based on your customer conversations and other content you provide.

  • Customer data is processed on a per-tenant basis and is not used to train third-party foundation models.
  • Tenant-specific AI agents are trained and fine-tuned using only the data of the tenant that owns them.
  • AI outputs may be reviewed, edited, or overridden by human agents before being sent.
  • Where required by law, you have the right to request human review of decisions that have a significant effect on you.

9. Your Rights

Subject to applicable law, you have the right to:

  • Access the personal information we hold about you.
  • Correct inaccurate or incomplete information.
  • Request deletion of your personal information.
  • Export a copy of your data in a portable format.
  • Opt out of marketing communications at any time.

California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

  • The right to know what personal information we collect, use, disclose, and retain.
  • The right to delete personal information collected from you.
  • The right to correct inaccurate personal information.
  • The right to opt out of the sale or sharing of personal information. Vordrix does not sell or share personal information as defined by the CCPA/CPRA.
  • The right to limit the use of sensitive personal information.
  • The right to non-discrimination for exercising your rights.

To exercise any of these rights, contact us at adm@fullysys.com. We may need to verify your identity before acting on your request.

10. Cookies and Tracking

We use cookies and similar technologies for authentication, session management, preferences, analytics, and to improve your experience. You can control cookies through your browser settings; disabling certain cookies may affect the functionality of the Service. We honor Global Privacy Control (GPC) signals where applicable.

11. Children's Privacy

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it in accordance with the Children's Online Privacy Protection Act (COPPA).

12. International Data Transfers

Vordrix is operated from the United States and may process data in the United States, the European Union, and other jurisdictions where our subprocessors operate. By using the Service, you understand that your data may be transferred to, stored, and processed in countries other than the one in which you reside. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses.

13. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through the Service before the changes take effect. The "Last updated" date at the top of this page indicates when the Policy was last revised.

14. Governing Law

This Privacy Policy is governed by the laws of the State of Florida, United States, without regard to its conflict of law principles. Any disputes arising out of or relating to this Policy shall be resolved in the state or federal courts located in Florida.

15. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at adm@fullysys.com.

FullySys Global Tec. LLC
Florida, United States