Vasion Privacy Policy

Vasion takes data privacy seriously and is committed to managing your personal data professionally and in compliance with all applicable data protection laws. We have a global policy that we follow worldwide, which is based on EU and United Kingdom data protection principles.
This privacy policy applies to:
  • People who use our website
  • People who inquire about our company, goods or services
  • People who purchase,  use or who might be interested in our goods or services
  • People who have expressed an interest in working at our organization.
This policy applies to both Vasion, Inc. and its global subsidiary companies. Vasion, Inc. and/or any of its subsidiary companies are collectively referred to as “Vasion”, “we”, “us”, or “our”).
NOTE: Any questions that you may have relating to your personal data and your rights as it pertains to that personal data that Vasion processes as a data processor by and/or on behalf of our customers and/or personal information submitted by individuals for processing through the platforms hosted by Vasion for the purposes of providing a service to our customers should be directed to the applicable customer and not to Vasion. 
Any personal data Vasion may process in connection with any of our services for and/or on behalf of our customers is addressed in our Master Software Agreement and its accompanying data processing addendum between Vasion and its customer.
If you are a business customer using our product, on your instructions and within the framework of the service provision, personal data is collected, processed and/or used by us. The customer is responsible for complying with the data protection rules to ensure that we process your personal data collected by our product in accordance with your instructions and data protection laws. The customer can fulfil this obligation by concluding a Data Processing Agreement Addendum with us which meets the legal requirements of the data protection laws. We have incorporated a Data Processing Agreement Addendum into our service provision agreements and will ask you to agree to this at the time of purchase.
1. Our Commitment
Part of our commitment is to ensure that there is transparency about how we process personal data.  This policy includes an explanation of:
  • What data we are processing
  • Why we are processing it,what we do with it and how long we will keep it
  • Whether we will share it with anyone else
  • The additional safeguards we have put in place to ensure your data is always protected regardless of different data protection laws in different countries
  • How we keep your data safe; and
  • Your rights as data subjects under applicable data protection laws.
We hope you find this privacy policy helpful. If you have any questions, please contact us via the contact information listed below.
2. Our Contact Information
For any queries concerning your data, please contact the Data Protection Officer by email at legalteam@vasion.com or at the contact information listed below.
Vasion, Inc.   
432 S. Tech Ridge Drive
St. George, Utah, 84770
USA
Phone: 435.652.1288
Our European Vasion subsidiaries contact information:
Vasion Tech Limited Vasion GmbH
16 Great Queen Street Daimlerring 4
Covent Garden 65205 Wiesbaden
London WC2B 5AH  Germany
United Kingdom
Phone: + 44 (0) 20 3899 3222 Phone: +49 (6122) 7783900
Amtsgericht Königstein HRB 9411
USt-Ident-Nr./VAT Nr.: DE307290479
Geschäftsführer | Managing Director: Ryan Wedig
In each case please address your correspondence to the Data Protection Coordinator, you mail also contact us using the email privacysupport@printerlogic.com
3. What personal data do we collect about you?
3.1 We may collect the following personal data from you:
  • Contact information, such as your name, email address, mailing address or phone number
  • Unique Identifiers, such as username, or password
  • Call recordings (including voicemail on individual machines) as well as video conferences used for purposes such as product demonstrations, feedback surveys or product support;
  • CVitae or similar including work history, current salary and benefits, references and other information that you choose to share with us and/or our recruitment partners, as well as identification and records to evidence your right to work;
  • Information about your business such as your company name and website;
  • Data on how you navigate around our website.
3.2 We may receive information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you for example: name, email, phone number and employer. This helps us to update, expand and analyze our records, to identify new customers, to create more tailored advertising and products and to provide products and services that may be of interest to you. If you provide us personal data about others, or if others give us your personal data, we will only use that information for the specific purpose for which it was provided to us.
As part of the recruitment process, we may seek additional information from publicly available resources such as social media accounts. In addition, with your consent, we may obtain references from your prior workplaces and conduct other background checks including credit and criminal record checks where appropriate. 
3.3 If you use our products, we may collect the following personal data:
3.3.1 PrinterLogic Print Management Product
  • If you use the print management SaaS version of our product, the software will ask the customer’s IT administrator to create an Active Directory of users which will include such user identifying information as the IT administrator chooses to include. Typically, this is username, email address, pin number, and ID number.
  • If you use the print management SaaS or on-premises version of our product, the software will also collect the following metadata information relating to each user’s usage in order to provide our customer with a report, which if you are using the SaaS version will also be shared with Vasion for the purposes of providing you with the product:  job title, user, page count, and destination printer. For authorization, we collect and store usernames, names, and email addresses. In the event a customer is not using an identity provider, we store authentication user information including passwords. We do not store any document content; however, the title of each document printed may or may not, at the user’s discretion, contain personal data and/or sensitive or Special Category data.
    3.3.2 Vasion’s Document Capture, Automated Workflow, Electronic Signature and Content Management Products
  • You may be a user of our product either because your employer has purchased our product and made it available to you or because a third party who is using our product has asked you to upload or otherwise submit content to them and is using our platform to receive that content from you, e.g. an online web form which you are asked to complete and submit. In both cases, your content may or may not, at your discretion (and depending on the instructions of whomever has asked you to submit the content) contain personal data which our product will process on behalf of the employer or the third party that is our customer (“Content Personal Data”). The personal data may be your own in which case you will be the “data subject”, or it may be that you may submit personal data about other individuals. In both cases we collect the Content Personal Data and will store it for workflow, retrieval, and archive purposes depending on the instructions of our customer or the user.
  • The types of Content Personal Data processed by us are at the discretion of the user and may or may not also contain Special Category data.
4. How do we use your personal data and what is our lawful basis for doing so?
4.1. Vasion may collect and use personal data to allow us to pursue our legitimate interests including to:
  • assess the needs of your business to determine suitable products;
  • provide you with any requested company, product or service information;
  • provide you with other marketing information about our company, products or services (or those of our selected partners) to keep you informed of any events or promotions that we think may interest you;
  • send product updates and warranty information;
  • personalize your user experience or to improve our site (refer to section 5 about cookies);
  • run a promotion, contest, survey or other site feature, and notify you if you win;
  • undergo corporate restructure or reorganization or sale of our business or assets;
  • enforce our legal rights or to defend legal proceedings and for general administration purposes;
  • comply with our legal obligations including assisting law enforcement, tax authorities or other authorized agencies;
  • pursue any employment enquiry you may make with us.
    4.2. Where we are required to do so to perform our contract with you, to:
    • administer your customer account and any orders you place with us;
    • provide our customer with our product and any associated services including technical support;
    • respond to customer service requests or other questions or concerns;
    • process personal data about you which is uploaded into our product by or on behalf of our customer (“Content Personal Data’) to comply with our contractual obligations to our customer. 
5. How long do we keep your personal data?
  • 5.1. In accordance with our Data Retention Policy which is available upon request, we may retain your personal information for as long as your account is active or as needed to provide you or your company services, comply with our legal obligations, resolve disputes and enforce our agreements.
  • 5.2. If you have expressed an interest in buying products or services from us or from our selected partners, we will retain your contact details and related information concerning your inquiry for three (3) years from the date that we last had contact with you.
  • 5.3. If you have expressed an interest in working with us, then unless you are subsequently engaged by us, we will retain your personal data for a reasonable period of time depending on the role you have applied for but not exceeding two years.
  • 5.4. If you have purchased goods or services from us or from our selected partners:
    • 5.4.1. We will keep the data relating to that purchase (e.g. order forms and invoices and related correspondence) for seven (7) years from the date of the contract.
    • 5.4.2. We will keep the data you have provided to us for as long as your account is active; and
    • 5.4.3. If there is a dispute, we will keep the data you have provided to us for as long as is necessary until such dispute is resolved and finally settled.
    • 5.5 Voicemail recordings and voice recordings of video or voice calls are kept for one (1) year.

    • 5.6 If you are using our product:
      • The data collected by the SaaS version of our product will be retained for the duration of the software license and sixty (60) days thereafter or any earlier date when the customer chooses to delete it. A copy of the data is retained in our data center for back-up purposes only for a further period of six (6) months.
      • All Content Personal Data will be deleted either at the discretion of the user (where the customer provides such access to the user) or will be automatically deleted by us no later than sixty (60) days after the customer’s service contract with us terminates.
  • 5.7 If you have requested that we do not send you marketing information, we will always retain sufficient information to ensure that we are able to comply with your request.
  • 5.8 The periods stated in this section 5 may be extended if we are required by law to keep your data for a longer period or in the event that we need to protect our legal rights.
6. Cookies, Links to Other Websites & Social Plug-ins
  • 6.1. We use cookies and similar tracking technologies to analyze trends and track users’ site movements only after obtaining explicit consent, and we will provide clear options for you to opt-out at any time. Our use of cookies and other tracking technologies in our marketing operations is based on the choices you make in our preference centers which you may access from the footer of our Websites or by clicking on a cookie icon that appears on our Websites. 

  • 6.2. We process your Personal Information through the tools provided to us by Amplitude, Adobe Analytics, Adobe Search Cloud (integrated into Google Ads) and 6sense to provide and enhance our advertising services and deliver content or ads of interest. Our use of Personal Information collected for marketing operations is limited to the following purposes:
    • Targeting specific audiences based on users’ location and interests related to the search query.
    • Personalizing the ads that users see based on their search queries.
    • Optimizing our campaigns based on front-end metrics provided by Google Ads (e.g. clicks and webpage impressions).
    • Tracking the performance of our campaigns and measuring key metrics such as clicks, conversions, and return on investment to understand how our campaigns are performing and make data-driven decisions.
    • Adopting Brand Safety protection: ensuring we are not displaying our ads on unsafe or inappropriate websites, to protect our brand reputation.
    • Adopting of fraud prevention in our campaigns to protect our campaigns from online fraud (e.g. click fraud)
  • 6.3. For more information about cookies generally and how to disable them you can visit: www.allaboutcookies.org. 

  • 6.4. As is true of most websites, we gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.

  • 6.5. Our site may contain links to and from other websites (e.g. social media sites such as Twitter, Flickr, YouTube and Facebook). Unless we own such websites, we accept no responsibility for the way in which they process your personal data. You are recommended to check the privacy policy of each website before you submit any personal data to it.

  • 6.6. We use so-called social plugins (buttons) of social networks such as Facebook, Google+ and Twitter.

  • 6.7. When you visit our site, these buttons are deactivated by default, i.e. without your intervention they will not send any data to the respective social networks. Before you can use these buttons, you must activate them by clicking on them. They then remain active until you deactivate them again or delete your cookies. 

  • 6.8 After their activation, a direct link to the server of the respective social network is established. The contents of the button are then transmitted from the social network directly to your browser and incorporated in the site.

  • 6.9 After activation of a button, the social network can retrieve data, independently of whether you interact with the button or not. If you are logged on to a social network, the network can assign your visit to the site to your user account. 

  • 6.10 If you are a member of a social network and do not wish it to combine data retrieved from your visit to our site with your membership data, you must log out from the social network concerned before activating the buttons.
  • 6.11. We have no influence on the scope of data that is collected by the social networks through their buttons. The data use policies of the social networks provide information on the purpose and extent of the data that they collect, how this data is processed and used, the rights available to you and the settings that you can use to protect your privacy.
7. Will we share your personal data with any third parties?
  • 7.1. We may share your personal data with our subsidiaries as identified above in section 2 but only to process the data for those purposes identified within this Policy.
  • 7.2. We partner with a third party to display advertising on our website or to manage our advertising on other sites. Our third-party partner may use cookies or similar technologies in order to provide you with advertising based upon your browsing activities and interests. If you wish to opt out of interest-based advertising, click here, or if located in the European Union, click here. Please note you will continue to receive generic ads.
  • 7.3. We may share your information with third party service providers who process personal information on our behalf for the purposes of providing services to us or to you directly on our behalf, e.g. advertising agencies, digital marketing service providers or administrative service providers. When we use third party service providers, we only share any personal data that is necessary for them to provide their services, and we have a contract in place that requires them to keep your data secure and not to use it other than in accordance with our specific instructions. These services may include:

    • Payment Processing
    • Providing customer service
    • Sending marketing communications
    • Conducting research and analysis
  • These third parties include our payment processing providers (e.g., Stripe), website analytics providers (e.g., Amplitude and Adobe), providers of tools we use to prevent spam and other security risks related to the abusive automated software (e.g., Cloudflare), online activities, product feedback or help desk software providers (e.g., Salesforce), CRM service providers (e.g., Salesforce), providers of solutions we use to facilitate transactions (e.g., Tackle.io), providers of tools to track marketing campaigns (e.g. LinkedIn Revenue Attribution), and e-mail service providers (e.g., Twilio).
  • You can obtain further details relating to our third-party service providers by contacting us using the details set out in section 2.
  • 7.4. If you use our products and services:
    • 7.4.1. We will share your personal data in order to provide cloud computing infrastructure. For the SaaS version of our product, a client is installed locally that communicates with our product which is hosted in Amazon Web Services which customers may elect to be stored on servers in the United States, or in the EEA. For more information about Amazon Web Services please refer to Compliance Resources – Amazon Web Services (AWS).
    • 7.4.2. We may share certain personal data, typically metadata, collected by our product with our staff in order to provide you with services or support as may be requested by you. Your data will be shared with only those staff who have a need to know in order to provide you with such services or support. All staff are bound by confidentiality agreements which are subject to labor laws.
    • 7.4.3. Content Personal Data is stored on AWS servers, and we have contractual provisions in place with AWS to ensure that the Content Personal Data is adequately protected to the standards required by EU and UK data protection laws.
    • 7.4.4. If you are a user within the administrative console, self service portal and/or the Automate platform of our product we will also share certain Personal Data with third party providers as listed in the table below.
Company
Type of data shared with Company
Purpose
Data Location
Intercom, Inc.
https://www.intercom.com
username, user ID, email and Vasion instance URL for the Vasion SaaS admin console users only
In-application messaging and automation tool for improved customer experience
Data hosted in the US
SalesForce, USA
https://www.salesforce.com
name, title, email address for Vasion SaaS admin console users only
Storage of admin user contact information used to engage with admin users for support and feedback
Data hosted in the US
Sprig, Inc.
https://www.sprig.com
username, user ID, email and Vasion instance URL for Vasion SaaS admin console users only
To facilitate feedback surveys with admin users
Data hosted in the US
Testing
  • 7.5 In certain situations, Vasion may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements or as otherwise required by law such as to comply with a subpoena or other legal processes. We will disclose personal data to public authorities only when and to the extent legally required to do so and will take all feasible measures to notify you of such request unless prohibited by law. If Vasion is involved in a (potential) merger, acquisition, or sale of all or a portion of its assets with a third party, we may transfer your personal data to that party to ensure that it can continue to provide information that you have requested or for any of the other purposes that we have noted above. We may also disclose your personal data to any other third party with your prior consent.
8. Transferring your data outside of the European Economic Area (“EEA”)
  • 8.1. Your information, including Personal Information, may be transferred to – and maintained on – computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
  • 8.2. If you are located outside the United States and choose to provide information to us, please note that we transfer information to the United States for processing. If you are located in the European Union, Switzerland, or the United Kingdom, and to the extent the data protection laws in the United States are deemed by your country to have inadequate data protection, we have put in place certain measures designed to ensure that your Personal Information is subject to suitable safeguards in such transfer outside the European Union, Switzerland, or the United Kingdom (e.g., the Data Privacy Framework, the standard contractual clauses, or other data transfer mechanism permitted by applicable law). For more information about the safeguards we have implemented, please contact us.
  • 8.3. Our service providers may be located outside of the United States; however, we will either obtain your explicit consent to transfer your Personal Information to such third parties, or we will require those third parties to maintain at least the same level of confidentiality that we maintain for such Personal Information ourselves. We remain liable for the protection of your Personal Information that we transfer to our service providers, except to the extent that .
9. How do we keep your data safe?
The security of your personal information is important to us. We have robust information security management systems in place both internally and within our products to protect your personal information and we undergo security assessments by internal personnel and third parties, which include infrastructure vulnerability assessments and application security assessments. We implement industry-standard technical and organizational security measures, including encryption, access controls, and regular security audits, to protect your personal information. Details of these measures are available upon request.
10. Links
Our web site contains links to other sites. Please be aware that Vasion is not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each site that collects personally identifiable information. 
11. What are your rights in relation to your data?
  • 11.1. Data Subjects have certain rights in relation to their personal data. The rights outlined in this section are available to you in relation to any personal data we process about you within the scope of this privacy policy. As for your personal data which is processed by our software product on behalf of our customer who has purchased the software (“Content Personal Data”), because we only process Content Personal Data on behalf of our customers, if you wish to invoke one of your rights please contact our Customer directly, i.e., your employer or the third party that requested you to provide it with your personal data. If you wish to learn more about how our customer manages the Content Personal Data, you can do so by viewing a copy of the customer’s own privacy policy.
  • 11.2. Right to access your personal data
    Where we hold your personal data, you have the right to make a ‘subject access request’ to us, including a request for:
    • a description of the personal data;
    • an explanation of why we are holding it;
    • information about who it could be disclosed to; and
    • a copy of the personal data in an intelligible form, unless an exception to the disclosure requirements is applicable.
  • 11.3. Right to change your personal data
    You have the right to ask us to update or correct without undue delay anything that you think is wrong with the Personal Data we have on file about you and to complete any incomplete personal data.
  • 11.4. Right to delete your personal data
    You may request the deletion of your personal data at any time. We will respond to your request within one month, providing confirmation of deletion or reasons for retention if applicable.  
  • 11.5. Right to restrict data processing
    If we hold personal data about you and you believe it is inaccurate or is being processed for unlawful purposes, you have the right to request us to restrict processing of the data. You also have the right to request that the data is restricted where you have a right to it being deleted but would prefer that it is restricted.
  • 11.6. Right to stop marketing messages
    You always have the right to stop marketing messages. We include an unsubscribe button in all marketing emails. If you do wish to unsubscribe, please click the “unsubscribe” button and we will promptly action your request. Alternatively, you can update your marketing preferences by contacting us at any time at privacysupport@vasion.com.
  • 11.7. Right to portability of personal data.
    You have the right to ask for and receive a portable copy of your Personal Data that you have given us or that you have generated by using our Services, so that you can:
    • Move it;
    • Copy it;
    • Keep it for yourself; or
    • Transfer it to another organization.
    We will provide your Personal Data in a structured, commonly used, and machine-readable format. When you request this information electronically, we will provide you with a copy in electronic format. You can ask us to send your personal information directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
  • 11.8. Right to complain
You have the right to complain to the personal data regulator in your country, which can be located at http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
  • 11.9. Exercising your data subject rights
To make a data subject rights request, please contact us via email, telephone, or postal mail via the contact details provided in Section 2 above and identify your request clearly as “Data Subject Rights Request.” We will process your request within one month.
12. Artificial Intelligence and Machine Learning Processing
12.1. AI-Enhanced Features and Data Collection
Vasion incorporates artificial intelligence (AI) and machine learning technologies to enhance our document management, workflow automation, and content processing capabilities. When you use AI-enhanced features within our products, we may collect and process the following data:
  • Document content and metadata that you submit for AI processing, including text, images, and file properties;
  • Your interactions with AI features, such as queries, commands, and preferences;
  • AI-generated outputs, recommendations, and automated categorizations created in response to your inputs;
  • Usage patterns and performance metrics related to AI functionality;
  • Feedback you provide regarding AI-generated results or suggestions.
All AI models used by Vasion are embedded directly within our product architecture. No personal data is transmitted to external AI technology providers, and all processing occurs within Vasion’s secure infrastructure.
12.2. AI Processing Purposes
We use AI technologies for the following legitimate business purposes to enhance your experience with our products:
  • Content analysis and automated document categorization to improve workflow efficiency;
  • Intelligent data extraction, form creation, edit and processing to reduce manual data entry;
  • Admin support to allow administrators the ability to apply changes in bulk across print environments
  • Enhanced search functionality and content recommendations;
  • Predictive analytics to improve system performance and user experience.
12.3. AI Technology Infrastructure
Vasion utilizes Amazon Bedrock infrastructure, which provides access to Anthropic Claude AI models as well as Microsoft MetaLlama 3 models, to power our AI-enhanced features. This relationship is structured to maintain the highest levels of data protection:
  • AI models are embedded within Vasion’s product environment and operate under our direct control;
  • No customer data, personal information, or document content is transmitted to Amazon Web Services, Anthropic, or any other external AI provider;
  • Amazon Bedrock provides only the underlying AI model infrastructure; all data processing occurs within Vasion’s secure architecture;
  • We maintain full ownership and control over all data inputs, processing activities, and AI-generated outputs;
  • Our AI infrastructure is subject to the same security measures and data protection standards as our other product components.
12.4. AI Data Retention
Data processed through our AI features is subject to the following retention periods, which align with our general data retention policies outlined in Section 5:
  • AI-generated outputs and recommendations are retained for the same period as the underlying customer data that generated them;
  • AI interaction logs and usage analytics are retained for twelve (12) months for product improvement purposes;
  • For SaaS customers, AI-processed data follows the same retention schedule as other product data: retained for the duration of the software license plus sixty (60) days thereafter;
  • AI training data, if any, consists only of anonymized, aggregated usage patterns and does not include personal data or customer content;
  • Upon termination of your service agreement, all AI-processed data is deleted according to the same schedule as other customer data outlined in Section 5.6.
12.5. Your Rights Regarding AI Processing
In addition to the data subject rights outlined in Section 11, you have specific rights regarding AI processing:
  • Right to opt-out of AI features: You may choose to disable AI-enhanced functionality within our products without affecting core product functionality;
  • Right to explanation: You may request information about how AI-generated outputs or recommendations affecting you were produced;
  • Right to human review: If applicable, for any automated decisions that significantly affect you, you may request human intervention and review;
  • Right to access AI-generated content: You may request copies of AI-generated outputs, recommendations, or categorizations related to your data.
To exercise these rights, please contact us using the information provided in Section 2.
12.6. AI Processing and International Data Transfers
AI processing within Vasion’s products occurs entirely within our existing data center infrastructure and is subject to the same international transfer safeguards described in Section 8:
  • AI processing for SaaS customers occurs within the same geographic regions (United States or European Economic Area) as selected for their primary data storage;
  • No additional cross-border data transfers occur as a result of AI processing;
  • AI-processed data remains subject to the same transfer safeguards, including Standard Contractual Clauses where applicable;
  • Our AI infrastructure complies with the same data localization commitments as our other product components.
12.7. AI Security and Accuracy
We implement appropriate technical and organizational measures to ensure the security and reliability of AI processing:
  • AI models are regularly updated and monitored for accuracy and bias;
  • We maintain audit logs of AI processing activities for security and compliance purposes;
  • AI infrastructure is subject to the same security assessments and controls as described in Section 9;
  • We provide mechanisms for users to report inaccurate or inappropriate AI outputs.
While we strive to ensure the accuracy of AI-generated outputs, users should review and validate all AI recommendations before relying on them for business decisions.
13. Changes to this privacy policy
We may update this Privacy Policy to reflect changes to our information practices. We encourage you to periodically review this page for the latest information on our privacy practices.
This document was last updated on September 29, 2025.
Vasion Privacy Policy
INTRODUCTION
Vasion takes data privacy seriously and is committed to managing your personal data professionally and in compliance with all applicable data protection laws. We have a global policy that we follow worldwide, which is based on EU and United Kingdom data protection principles.
This privacy policy applies to personal data which we process regarding:
  • People who use our website;
  • People who inquire about our company, goods or services;
  • People who purchase, use or who might be interested in our goods or services;
  • People who have expressed an interest in working at our organization.
This policy applies to both Vasion, Inc. and its global subsidiary companies. Vasion, Inc. and/or any of its subsidiary companies are collectively referred to as “Vasion”, “we”, “us”, or “our”).
NOTE: Any questions that you may have relating to your personal data and your rights as it pertains to that personal data that Vasion processes as a data processor by and/or on behalf of our customers and/or personal information submitted by individuals for processing through the platforms hosted by Vasion for the purposes of providing a service to our customers should be directed to the applicable customer and not to Vasion.
Any personal data Vasion may process in connection with any of our services for and/or on behalf of our customers is addressed in our Master Software Agreement and its accompanying data processing addendum between Vasion and its customer.
If you are a business customer using our product, on your instructions and within the framework of the service provision, personal data is collected, processed and/or used by us. The customer is responsible for complying with the data protection rules to ensure that we process your personal data collected by our product in accordance with your instructions and data protection laws. The customer can fulfil this obligation by concluding a Data Processing Agreement Addendum with us which meets the legal requirements of the data protection laws. We have incorporated a Data Processing Agreement Addendum into our service provision agreements and will ask you to agree to this at the time of purchase.
  1. Our Commitment
Part of our commitment is to ensure that there is transparency about how we process personal data. This policy includes an explanation of:
  • What data we are processing;
  • Why we are processing it, what we do with it, and how long we will keep it;
  • Whether we will share it with anyone else;
  • The additional safeguards we have put in place to ensure your data is always protected regardless; of different data protection laws in different countries;
  • How we keep your data safe;
  • Your rights as data subjects under applicable data protection laws.
We hope you find this privacy policy helpful. If you have any questions, please contact us via the contact information listed below.
  1. Our Contact Information
For any queries concerning your data, please contact the Data Protection Officer by email at legalteam@vasion.com or at the contact information listed below.
Vasion, Inc.
432 S. Tech Ridge Drive
St. George, Utah, 84770
USA
Phone: 435.652.1288
Our European Vasion subsidary contact information:
Vasion Tech Limited Vasion GmbH
16 Great Queen Street Amelia-Mary-Earhart-Street 11b EG A4-5, Nr.1
Covent Garden 605549 Frankfurt am Main, Germany
London WC2B 5AH
United Kingdom
Phone: + 44 (0) 20 3899 3222 Phone: +49 (6122) 7783900 
Amtsgericht Königstein HRB 9411
USt-Ident-Nr./VAT Nr.: DE307290479
Geschäftsführer | Managing Director: Ryan Wedig
  1. What personal data do we collect about you?
    1. We may collect the following personal data directly from you:
  • Contact information, such as your name, email address, mailing address or phone number;
  • Unique Identifiers, such as username, or password;
  • Call recordings (including voicemail on individual machines) as well as video conferences used for purposes such as product demonstrations, feedback surveys or product support;
  • CVitae or similar including work history, current salary and benefits, references and other information that you choose to share with us and/or our recruitment partners, as well as identification and records to evidence your right to work.
  • Information about your business such as your company name and website;
  • Data on how you navigate around our website.
    1. We may receive information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you for example: name, email, phone number and employer. This helps us to update, expand and analyze our records, to identify new customers, to create more tailored advertising and products and to provide products and services that may be of interest to you. If you provide us personal data about others, or if others give us your personal data, we will only use that information for the specific purpose for which it was provided to us.
As part of the recruitment process, we may seek additional information from publicly available resources such as social media accounts. In addition, with your consent, we may obtain references from your prior workplaces and conduct other background checks including credit and criminal record checks where appropriate.
  1. If you use our products, we may collect the following personal data:
3.3.1 PrinterLogic Print Management Product
  • If you use the print management SaaS version of our product, the software will ask the customer’s IT administrator to create an Active Directory of users which will include such user identifying information as the IT administrator chooses to include. Typically, this is username, email address, pin number, and ID number.
  • If you use the print management SaaS or on-premises version of our product, the software will also collect the following metadata information relating to each user’s usage in order to provide our customer with a report, which if you are using the SaaS version will also be shared with Vasion for the purposes of providing you with the product:  job title, user, page count, and destination printer. For authorization, we collect and store usernames, names, and email addresses. In the event a customer is not using an identity provider, we store authentication user information including passwords. We do not store any document content; however, the title of each document printed may or may not, at the user’s discretion, contain personal data and/or sensitive or Special Category data.
3.3.2 Vasion’s Document Capture, Automated Workflow, Electronic Signature, and Content Management Products
  • You may be a user of our product either because your employer has purchased our product and made it available to you or because a third party who is using our product has asked you to upload or otherwise submit content to them and is using our platform to receive that content from you, e.g. an online web form which you are asked to complete and submit. In both cases, your content may or may not, at your discretion (and depending on the instructions of whomever has asked you to submit the content) contain personal data which our product will process on behalf of the employer or the third party that is our customer (“Content Personal Data”). The personal data may be your own in which case you will be the “data subject”, or it may be that you may submit personal data about other individuals. In both cases we collect the Content Personal Data and will store it for workflow, retrieval, and archive purposes depending on the instructions of our customer or the user.
  • The types of Content Personal Data processed by us are at the discretion of the user and may or may not also contain Special Category data.
  1. How do we use your personal data and what is our lawful basis for doing so?
    1. Vasion may collect and use personal data to allow us to pursue our legitimate interests including to:
  • assess the needs of your business to determine suitable products;
  • provide you with any requested company, product or service information;
  • provide you with other marketing information about our company, products or services (or those of our selected partners) to keep you informed of any events or promotions that we think may interest you;
  • send product updates and warranty information;
  • personalize your user experience or to improve our site (refer to section 5 about cookies);
  • run a promotion, contest, survey or other site feature, and notify you if you win;
  • undergo corporate restructure or reorganization or sale of our business or assets;
  • enforce our legal rights or to defend legal proceedings and for general administration purposes;
  • comply with our legal obligations including assisting law enforcement, tax authorities or other authorized agencies;
  • pursue any employment enquiry you may make with us.
    1. Where we are required to do so to perform our contract with our customer, to:
  • administer your customer account and any orders you place with us;
  • provide our customer with our product and any associated services including technical support;
  • respond to customer service requests or other questions or concerns;
  • process personal data about you which is uploaded into our product by or on behalf of our customer (“Content Personal Data’) to comply with our contractual obligations to our customer.
  1. How long do we keep your personal data?
    1. In accordance with our Data Retention Policy which is available upon request, we may retain your personal information for as long as your account is active or as needed to provide you or your company services, comply with our legal obligations, resolve disputes and enforce our agreements.
    2. If you have expressed an interest in buying products or services from us or from our selected partners, we will retain your contact details and related information concerning your inquiry for three (3) years from the date that we last had contact with you.
    3. If you have expressed an interest in working with us, then unless you are subsequently engaged by us, we will retain your personal data for a reasonable period of time depending on the role you have applied for but not exceeding two years.
    4. If you have purchased goods or services from us or from our selected partners:
      1. We will keep the data relating to that purchase (e.g. order forms and invoices and related correspondence) for seven (7) years from the date of the contract.
      2. We will keep the data you have provided to us for as long as your account is active; and
      3. If there is a dispute, we will keep the data you have provided to us for as long as is necessary until such dispute is resolved and finally settled.
    5. Voicemail recordings and recordings of video or voice calls are kept for (1) year.
    6. If you are using our product:
  • The data collected by the SaaS version of our product will be retained for the duration of the software license and sixty (60) days thereafter or any earlier date when the customer chooses to delete it. A copy of the data is retained in our data center for back-up purposes only for a further period of six (6) months.
  • All Content Personal Data will be deleted either at the discretion of the user (where the customer provides such access to the user) or will be automatically deleted by us no later than sixty (60) days after the customer’s service contract with us terminates.
    1. If you have requested that we do not send you marketing information, we will always retain sufficient information to ensure that we are able to comply with your request.
    2. The periods stated in this section 5 may be extended if we are required by law to keep your data for a longer period or in the event that we need to protect our legal rights.
  1. Cookies, Links to Other URLs & Social Plug-ins on our Website
    1. We use cookies and similar tracking technologies to analyze trends and track users’ site movements only after obtaining explicit consent, and we will provide clear options for you to opt-out at any time. Our use of cookies and other tracking technologies in our marketing operations is based on the choices you make in our preference centers which you may access from the footer of our Websites or by clicking on a cookie icon that appears on our Websites.
    2. We process your Personal Information through the tools provided to us by Amplitude, Adobe Analytics, Adobe Search Cloud (integrated into Google Ads) and 6sense to provide and enhance our advertising services and deliver content or ads of interest. Our use of Personal Information collected for marketing operations is limited to the following purposes:
  • Targeting specific audiences based on users’ location and interests related to the search query.
  • Personalizing the ads that users see based on their search queries.
  • Optimizing our campaigns based on front-end metrics provided by Google Ads (e.g. clicks and webpage impressions).
  • Tracking the performance of our campaigns and measuring key metrics such as clicks, conversions, and return on investment to understand how our campaigns are performing and make data-driven decisions.
  • Adopting Brand Safety protection: ensuring we are not displaying our ads on unsafe or inappropriate websites, to protect our brand reputation.
  • Adopting of fraud prevention in our campaigns to protect our campaigns from online fraud (e.g. click fraud)
    1. For more information about cookies generally and how to disable them you can visit: www.allaboutcookies.org.
    2. As is true of most websites, we gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
    3. Our site may contain links to and from other websites (e.g. social media sites such as Twitter, Flickr, YouTube and Facebook). Unless we own such websites, we accept no responsibility for the way in which they process your personal data. You are recommended to check the privacy policy of each website before you submit any personal data to it.
    4. We use so-called social plugins (buttons) of social networks such as Facebook, Google+ and Twitter.
    5. When you visit our site, these buttons are deactivated by default, i.e. without your intervention they will not send any data to the respective social networks. Before you can use these buttons, you must activate them by clicking on them. They then remain active until you deactivate them again or delete your cookies.
    6. After their activation, a direct link to the server of the respective social network is established. The contents of the button are then transmitted from the social network directly to your browser and incorporated in the site.
    7. After activation of a button, the social network can retrieve data, independently of whether you interact with the button or not. If you are logged on to a social network, the network can assign your visit to the site to your user account.
    8. If you are a member of a social network and do not wish it to combine data retrieved from your visit to our site with your membership data, you must log out from the social network concerned before activating the buttons.
    9. We have no influence on the scope of data that is collected by the social networks through their buttons. The data use policies of the social networks provide information on the purpose and extent of the data that they collect, how this data is processed and used, the rights available to you and the settings that you can use to protect your privacy.
  1. Will we share your personal data with any third parties?
    1. We may share your personal data with our subsidiaries as identified above in section 2 but only to process the data for those purposes identified within this Policy.
    2. We partner with a third party to display advertising on our website or to manage our advertising on other sites. Our third-party partner may use cookies or similar technologies in order to provide you with advertising based upon your browsing activities and interests. If you wish to opt out of interest-based advertising, click here, or if located in the European Union, click here. Please note you will continue to receive generic ads.
    3. We may share your information with third party service providers who process personal information on our behalf for the purposes of providing services to us or to you directly on our behalf, e.g. advertising agencies, digital marketing service providers or administrative service providers. When we use third party service providers, we only share any personal data that is necessary for them to provide their services, and we have a contract in place that requires them to keep your data secure and not to use it other than in accordance with our specific instructions. These services may include:
  • Payment processing
  • Providing customer service
  • Sending marketing communications
  • Conducting research and analysis
These third parties include our payment processing providers (e.g., Stripe), website analytics providers (e.g., Amplitude and Adobe), providers of tools we use to prevent spam and other security risks related to the abusive automated software (e.g., Cloudflare), online activities, product feedback or help desk software providers (e.g., Salesforce), CRM service providers (e.g., Salesforce), providers of solutions we use to facilitate transactions (e.g., Tackle.io), providers of tools to track marketing campaigns (e.g. LinkedIn Revenue Attribution), and e-mail service providers (e.g., Twilio).
You can obtain further details relating to our third-party service providers by contacting us using the details set out in section 2.
  1. If you use our products and services:
8.4.1 We will share your personal data in order to provide cloud computing infrastructure. For the SaaS version of our product, a client is installed locally that communicates with our product which is hosted in Amazon Web Services which customers may elect to be stored on servers in the United States, or in the EEA. For more information about Amazon Web Services please refer to Compliance Resources – Amazon Web Services (AWS).
8.4.2 We may share certain personal data, typically metadata, collected by our product with our staff in order to provide you with services or support as may be requested by you. Your data will be shared with only those staff who have a need to know in order to provide you with such services or support. All staff are bound by confidentiality agreements which are subject to labor laws.
8.4.3 Content Personal Data is stored on AWS servers, and we have contractual provisions in place with AWS to ensure that the Content Personal Data is adequately protected to the standards required by EU and UK data protection laws.
8.4.4 If you are a user within the administrative console, self service portal and/or the Automate platform of our product we will also share certain Personal Data with third party providers as listed in the table below.
Company
Type of data shared with Company
Purpose
Data Location
Intercom, Inc.
https://www.intercom.com
username, user ID, email and Vasion instance URL for the Vasion SaaS admin console users only
In-application messaging and automation tool for improved customer experience
Data hosted in the US
SalesForce, USA
https://www.salesforce.com
name, title, email address for Vasion SaaS admin console users only
Storage of admin user contact information used to engage with admin users for support and feedback
Data hosted in the US
Sprig, Inc.
https://www.sprig.com
username, user ID, email and Vasion instance URL for Vasion SaaS admin console users only
To facilitate feedback surveys with admin users
Data hosted in the US
Amplitude
https://amplitude.com/
information about your device, browsing actions, and patterns. This includes browser type, IP address, and details of your visits to their website.
enhancing user experience and understanding website usage.
Data hosted in the US
  1. In certain situations, Vasion may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements or as otherwise required by law such as to comply with a subpoena or other legal processes. We will disclose personal data to public authorities only when and to the extent legally required to do so and will take all feasible measures to notify you of such request unless prohibited by law. If Vasion is involved in a (potential) merger, acquisition, or sale of all or a portion of its assets with a third party, we may transfer your personal data to that party to ensure that it can continue to provide information that you have requested or for any of the other purposes that we have noted above. We may also disclose your personal data to any other third party with your prior consent.
  1. Transferring your data outside of the European Economic Area (“EEA”)
    1. Your information, including Personal Information, may be transferred to – and maintained on – computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
    2. If you are located outside the United States and choose to provide information to us, please note that we transfer information to the United States for processing. If you are located in the European Union, Switzerland, or the United Kingdom, and to the extent the data protection laws in the United States are deemed by your country to have inadequate data protection, we have put in place certain measures designed to ensure that your Personal Information is subject to suitable safeguards in such transfer outside the European Union, Switzerland, or the United Kingdom (e.g., the Data Privacy Framework, the standard contractual clauses, or other data transfer mechanism permitted by applicable law). For more information about the safeguards we have implemented, please contact us.
    3. Our service providers may be located outside of the United States; however, we will either obtain your explicit consent to transfer your Personal Information to such third parties, or we will require those third parties to maintain at least the same level of confidentiality that we maintain for such Personal Information ourselves. We remain liable for the protection of your Personal Information that we transfer to our service providers, except to the extent that we are not responsible for events arising from any unauthorized or improper processing.
  2. How do we keep your data safe?
The security of your personal information is important to us. We have robust information security management systems in place both internally and within our products to protect your personal information and we undergo security assessments by internal personnel and third parties, which include infrastructure vulnerability assessments and application security assessments. We implement industry-standard technical and organizational security measures, including encryption, access controls, and regular security audits, to protect your personal information. Details of these measures are available upon request.
  1. Links
Our web site contains links to other sites. Please be aware that Vasion is not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each site that collects personally identifiable information.
  1. What are your rights in relation to your data?
    1. Data Subjects have certain rights in relation to their personal data. The rights outlined in this section are available to you in relation to any personal data we process about you within the scope of this privacy policy. As for your personal data which is processed by our software product on behalf of our customer who has purchased the software (“Content Personal Data”), because we only process Content Personal Data on behalf of our customers, if you wish to invoke one of your rights please contact our Customer directly, i.e., your employer or the third party that requested you to provide it with your personal data. If you wish to learn more about how our customer manages the Content Personal Data, you can do so by viewing a copy of the customer’s own privacy policy.
    2. Right to access your personal data
Where we hold your personal data, you have the right to make a ‘subject access request’ to us, including a request for::
  • a description of the personal data;
  • an explanation of why we are holding it;
  • information about who it could be disclosed to; and
  • a copy of the personal data in an intelligible form, unless an exception to the disclosure requirements is applicable.
    1. Right to change your personal data
You have the right to ask us to update or correct without undue delay anything that you think is wrong with the Personal Data we have on file about you and to complete any incomplete personal data.
  1. Right to delete your personal data
You may request the deletion of your personal data at any time. We will respond to your request within one month, providing confirmation of deletion or reasons for retention if applicable.
  1. Right to restrict data processing

    If we hold personal data about you and you believe it is inaccurate or is being processed for unlawful purposes, you have the right to request us to restrict processing of the data. You also have the right to request that the data is restricted where you have a right to it being deleted but would prefer that it is restricted.
  2. Right to stop marketing messages

    You always have the right to stop marketing messages. We include an unsubscribe button in all marketing emails. If you do wish to unsubscribe, please click the “unsubscribe” button and we will promptly action your request. Alternatively, you can update your marketing preferences by contacting us at any time at privacysupport@vasion.com.
  3. Right to portability of personal data.
You have the right to ask for and receive a portable copy of your Personal Data that you have given us or that you have generated by using our Services, so that you can:
  • Move it;
  • Copy it;
  • Keep it for yourself; or
  • Transfer it to another organization.
We will provide your Personal Data in a structured, commonly used, and machine-readable format. When you request this information electronically, we will provide you with a copy in electronic format. You can ask us to send your personal information directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
  1. Right to complain
You have the right to complain to the personal data regulator in your country, which can be located at http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
  1. Exercising your data subject rights
To make a data subject rights request, please contact us via email, telephone, or postal mail via the contact details provided in Section 2 above and identify your request clearly as “Data Subject Rights Request.” We will process your request within one month.
12. Artificial Intelligence and Machine Learning Processing
12.1. AI-Enhanced Features and Data Collection
Vasion incorporates artificial intelligence (AI) and machine learning technologies to enhance our document management, workflow automation, and content processing capabilities. When you use AI-enhanced features within our products, we may collect and process the following data:
• Document content and metadata that you submit for AI processing, including text, images, and file properties;
• Your interactions with AI features, such as queries, commands, and preferences;
• AI-generated outputs, recommendations, and automated categorizations created in response to your inputs;
• Usage patterns and performance metrics related to AI functionality;
• Feedback you provide regarding AI-generated results or suggestions.
All AI models used by Vasion are embedded directly within our product architecture. No personal data is transmitted to external AI technology providers, and all processing occurs within Vasion’s secure infrastructure.
12.2. AI Processing Purposes
We use AI technologies for the following legitimate business purposes to enhance your experience with our products:
• Content analysis and automated document categorization to improve workflow efficiency;
• Intelligent data extraction, form creation, edit and processing to reduce manual data entry;
• Admin support to allow administrators the ability to apply changes in bulk across print environments
• Enhanced search functionality and content recommendations;
• Predictive analytics to improve system performance and user experience;
12.3. AI Technology Infrastructure
Vasion utilizes Amazon Bedrock infrastructure, which provides access to Anthropic Claude AI models as well as Microsoft MetaLlama 3 models, to power our AI-enhanced features. This relationship is structured to maintain the highest levels of data protection:
• AI models are embedded within Vasion’s product environment and operate under our direct control;
• No customer data, personal information, or document content is transmitted to Amazon Web Services, Anthropic, or any other external AI provider;
• Amazon Bedrock provides only the underlying AI model infrastructure; all data processing occurs within Vasion’s secure architecture;
• We maintain full ownership and control over all data inputs, processing activities, and AI-generated outputs;
• Our AI infrastructure is subject to the same security measures and data protection standards as our other product components.
12.4. AI Data Retention
Data processed through our AI features is subject to the following retention periods, which align with our general data retention policies outlined in Section 5:
• AI-generated outputs and recommendations are retained for the same period as the underlying customer data that generated them;
• AI interaction logs and usage analytics are retained for twelve (12) months for product improvement purposes;
• For SaaS customers, AI-processed data follows the same retention schedule as other product data: retained for the duration of the software license plus sixty (60) days thereafter;
• AI training data, if any, consists only of anonymized, aggregated usage patterns and does not include personal data or customer content;
• Upon termination of your service agreement, all AI-processed data is deleted according to the same schedule as other customer data outlined in Section 5.6.
12.5. Your Rights Regarding AI Processing
In addition to the data subject rights outlined in Section 11, you have specific rights regarding AI processing:
• Right to opt-out of AI features: You may choose to disable AI-enhanced functionality within our products without affecting core product functionality;
• Right to explanation: You may request information about how AI-generated outputs or recommendations affecting you were produced;
• Right to human review: If applicable,for any automated decisions that significantly affect you, you may request human intervention and review;
• Right to access AI-generated content: You may request copies of AI-generated outputs, recommendations, or categorizations related to your data;
To exercise these rights, please contact us using the information provided in Section 2.
12.6. AI Processing and International Data Transfers
AI processing within Vasion’s products occurs entirely within our existing data center infrastructure and is subject to the same international transfer safeguards described in Section 8:
• AI processing for SaaS customers occurs within the same geographic regions (United States or European Economic Area) as selected for their primary data storage;
• No additional cross-border data transfers occur as a result of AI processing;
• AI-processed data remains subject to the same transfer safeguards, including Standard Contractual Clauses where applicable;
• Our AI infrastructure complies with the same data localization commitments as our other product components.
12.7. AI Security and Accuracy
We implement appropriate technical and organizational measures to ensure the security and reliability of AI processing:
• AI models are regularly updated and monitored for accuracy and bias;
• We maintain audit logs of AI processing activities for security and compliance purposes;
• AI infrastructure is subject to the same security assessments and controls as described in Section 9;
• We provide mechanisms for users to report inaccurate or inappropriate AI outputs.
While we strive to ensure the accuracy of AI-generated outputs, users should review and validate all AI recommendations before relying on them for business decisions.
  1. Changes to this privacy policy
We may update this Privacy Policy to reflect changes to our information practices. We encourage you to periodically review this page for the latest information on our privacy practices.
This document was last updated on September 29, 2025
Vasion Privacy Policy | Vasion