Privacy PolicyEffective date: September 9, 2025
Who we are. Volodver LLC (“Volodver”, “we”, “us”, “our”) is a Colorado, USA company that creates applications (“Apps”) for Microsoft Dynamics 365 Business Central and distributes them via Microsoft AppSource and our websites volodver.com and vld-bc.com. This Privacy Policy explains how we collect, use, disclose, and otherwise process personal data in our Apps, on our websites, and when you contact us.
Scope & roles.
Apps: Your organization is typically the data controller. To the extent we process personal data on your behalf (e.g., limited telemetry or when you request support), Volodver acts as a processor/service provider.
Websites & communications: Volodver is the data controller.
1) Data we collect
We collect the following categories of data:
A. App telemetry and licensing data (minimal by design). App identifier and version, tenant/environment identifiers, feature usage events, performance/error diagnostics, and activation/license state (for paid features). We intentionally avoid collecting business content from your tenant.
B. Support interactions. Information you choose to share (e.g., emails, descriptions, screenshots, diagnostic exports). You should remove or mask business-sensitive or personal content before sending it to us.
C. Website and device data. Standard server logs (IP address, user-agent, referrer), pages viewed, timestamps; device/browser details; cookie identifiers; and basic analytics information. If you submit forms, we collect the details you provide (e.g., name, email, company, message).
We do not intentionally collect biometric identifiers (including face/voice prints), precise geolocation, financial account numbers, government identifiers, health data, or children’s data.
2) Purposes of processing
Provide and operate Apps and websites.
Diagnose issues, improve reliability and performance.
Provide customer support and communicate about fixes, updates, and security notices.
Protect users, systems, and intellectual property; prevent fraud/abuse.
Comply with legal obligations (tax, accounting, security, export).
3) Legal bases (where GDPR/UK GDPR applies)
Performance of a contract (Art. 6(1)(b))—delivering Apps/support you request.
Legitimate interests (Art. 6(1)(f))—security, quality, and website analytics.
Legal obligations (Art. 6(1)(c))—recordkeeping, compliance, safety.
Consent (Art. 6(1)(a))—where required (e.g., certain cookies in EEA/UK).
For US state laws (e.g., CPRA/CPA/VCDPA/CTDPA/UCPA), we act as a service provider/processor where applicable.
4) Cookies, analytics, and Do Not Track
We use essential cookies and may use privacy-respecting analytics to understand aggregate website usage. We do not use third-party ad networks, cross-context behavioral advertising, or session-replay/heatmap tools. In some regions you can manage cookies via a banner; you can also control cookies in your browser.
Do Not Track. Our websites do not respond to DNT signals at this time.
5) Sharing and disclosure
We do not sell personal information and we do not share it for cross-context behavioral advertising (as defined under California law). We may disclose personal data to:
Microsoft as platform provider for Business Central/AppSource (independent terms apply).
Service providers/sub-processors (e.g., hosting, error reporting, email/help desk) bound by confidentiality and data-protection obligations. A current list is available on request.
Affiliates (if any) for the purposes described here.
Legal/safety recipients where required by law or to protect rights, property, and safety.
Business transfers in connection with a merger, acquisition, reorganization, or sale of assets, subject to this Policy or equivalent safeguards.
We do not use or disclose sensitive personal information beyond purposes permitted by applicable law.
6) International transfers
We are based in the United States. Where personal data is transferred internationally, we implement safeguards required by law (e.g., Standard Contractual Clauses) and, if applicable, UK addenda.
7) Security
We apply technical and organizational measures to protect personal data (least-privilege access, encryption in transit, change control). No method is 100% secure; please use secure channels when sharing support materials.
8) Retention
We retain personal data only as long as necessary for the purposes above and to comply with legal obligations, resolve disputes, and enforce agreements. Support artifacts are typically deleted after case closure unless longer retention is required for legal or diagnostic reasons.
9) Your rights
Your rights depend on your location and applicable law. Subject to limits and exceptions, you may have the right to access, correct, delete, or receive a copy of your personal data, and to object to or restrict certain processing. If we process data on behalf of your organization, contact your administrator first; we will support them in fulfilling requests.
EEA/UK/Switzerland
You may also have rights to data portability and to lodge a complaint with your supervisory authority. We will respond within legally required timelines.
United States — state notices
We honor applicable state privacy rights, including:
California (CPRA). Rights to know/categories, access specific pieces, delete, correct, portability; opt-out of “sale”/“sharing” (we do not sell/share); limit use/disclosure of sensitive PI (we do not use it beyond permitted purposes); non-discrimination.
Colorado/Connecticut/Virginia/Utah. Rights to know, access, delete, correct (where applicable), data portability, and to opt-out of targeted advertising, sale, and certain profiling. We provide an appeals process where required.
Verification & authorized agents (CA). We may need to verify your identity before fulfilling requests. California residents may designate an authorized agent; we may require proof of identity and authority.
Nevada. We do not sell “covered information” as defined by Nevada law; Nevada residents may still submit an opt-out request using the contact below.
Exercising your rights. Email privacy@volodver.com with the subject “Privacy Request,” and describe the right you wish to exercise and the context (website vs. App). We will respond within the required timeframe. For Virginia/Colorado/Connecticut appeals, reply “Appeal” to our decision notice; we will inform you of our final decision and how to contact your Attorney General if you remain unsatisfied.
10) Children
Our Apps and websites are not directed to children under 16. We do not knowingly collect personal data from children.
11) Third-party links and services
Our sites and documentation may link to third-party sites or services. Their privacy practices are governed by their own policies.
12) Changes
We may update this Privacy Policy from time to time. We will change the “Effective date” above and, when appropriate, provide additional notice. Changes apply prospectively.
13) Dispute resolution for privacy matters
Privacy-related disputes are handled under the same governing law, arbitration, and venue terms as our License Terms (individual arbitration in Denver, Colorado; no class actions), in addition to any non-waivable rights under applicable law.
14) Contact
Email: privacy@volodver.com
Mailing: Volodver LLC, Colorado, United States