Book a demo
Login

Privacy
Policy

Last Updated: May 13, 2026

PRIVACY POLICY — VINTEUM SOFTWARE, INC.

Thank you for choosing Vinteum Software, Inc. (“Vinteum,” “company,” “we,” “us,” or “our”). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains what information we collect, how we use it, who we share it with, how long we keep it, and what rights you have.

If you have any questions about this policy or our data practices, please contact us at [email protected].

SCOPE AND APPLICABILITY

This Privacy Policy applies to all personal information collected through:

  • Our websites, including vinteum.io and vinteumneigbrs.com (Neigbrs™) (collectively, the “Sites”);
  • Our mobile applications for iOS and Android (the “Apps”);
  • Our cloud-based software-as-a-service platform for community, HOA, condominium, and property management (the “Platform” or “Services”); and
  • Any related sales, marketing, customer support, or events.

We refer to the Sites, Apps, Platform, and Services collectively as the “Services” unless otherwise specified.

This policy does not apply to third-party websites, services, or applications that may link to or from our Services. We encourage you to review the privacy policies of any third-party services you access.

WHO THIS POLICY COVERS — ROLES AND DATA RELATIONSHIPS

We provide SaaS software to community associations, homeowners associations (HOAs), condominiums, property management companies, and similar organizations. Because of this, we interact with several categories of individuals whose data we may process:

  • Website Visitors: Individuals who visit our Sites without creating an account. We collect limited data through cookies and analytics as described below.
  • Marketing Leads: Individuals who submit contact information through forms, demos, webinars, or other marketing activities.
  • Customers: Organizations (community associations, HOAs, condominiums, property management companies, or similar entities) that subscribe to our Platform under a paid or free plan. When we say “Customer” in this policy, we mean the subscribing organization.
  • Administrators: Individuals authorized by the Customer to manage the Customer’s account on the Platform, such as board members, community managers, or property managers.
  • Authorized Users: Individuals granted access to the Platform by the Customer or an Administrator, including staff, board members, and other personnel.
  • Residents and End Users: Individuals whose information may be stored or processed on the Platform by or on behalf of the Customer, including homeowners, tenants, residents, household members, visitors, and emergency contacts.

WHEN VINTEUM IS A CONTROLLER VERSUS A PROCESSOR

  • Controller / Business: Vinteum acts as the data controller (under GDPR) or business (under CCPA/CPRA) for personal information we collect directly from Website Visitors, Marketing Leads, Customers, and Administrators for our own business purposes — such as account management, billing, marketing, analytics, and platform operations.
  • Processor / Service Provider: When a Customer uses our Platform to store, manage, or process personal information about Residents, End Users, household members, or other individuals, Vinteum acts as a data processor (under GDPR) or service provider (under CCPA/CPRA) on behalf of that Customer. In this role, the Customer determines the purposes and means of processing. We process such data only as instructed by the Customer and as described in our Terms of Use and, where applicable, our Data Processing Addendum (DPA). If you are a Resident or End User and have questions about how your personal information is handled within the Platform, please contact your community association or property manager directly, as they are the data controller for that information.

PERSONAL INFORMATION WE COLLECT

1. Information You Provide Directly

  • Name and Contact Data: First and last name, email address, postal address, phone number, and other similar contact information.
  • Account Credentials: Username and password for authentication and account access. We use industry-standard hashing and encryption for passwords. We do not store passwords in plain text, and we do not collect password hints.
  • Payment Data: If you make purchases, we collect billing name, billing address, and payment method selection. Credit card numbers, debit card numbers, bank account numbers, and associated security codes are collected and processed directly by our PCI-DSS-compliant third-party payment processor. Vinteum does not store full payment card numbers or security codes on our servers.
  • Customer Data: Information that Customers or Authorized Users upload, enter, or transmit through the Platform, including but not limited to resident directories, unit information, meeting minutes, governing documents, notices, communications, financial records, violation records, work orders, and other community management data (“Customer Data”). Vinteum processes Customer Data on behalf of the Customer. See “Customer Data Ownership” in our Terms of Use.
  • Communications: Records of your correspondence with us, including support tickets, emails, chat transcripts, and phone call records.
  • Testimonials and Feedback: If you provide a testimonial or product feedback, we may collect your name, title, organization, and the content of your testimonial with your prior consent.

2. Information Collected Automatically

When you visit, use, or navigate our Services, we automatically collect certain information that does not reveal your specific identity but may include:

  • Device and Usage Data: IP address, browser type and version, operating system, language preferences, referring URLs, device identifiers, screen resolution, and time zone.
  • Usage Data: Pages visited, features used, clickstream data, session duration, date and time of access, and other technical information about how you interact with our Services.
  • Log Data: Server logs, error reports, and diagnostic data.

This information is primarily used to maintain the security and operation of our Services and for internal analytics and reporting.

3. Information Collected Through Cookies and Similar Technologies

  • We use cookies, web beacons, pixels, and similar technologies to collect information. See “Cookies and Tracking Technologies” below for full details, including how to manage your preferences.

4. Information Collected Through Our Apps

If you use our mobile Apps, we may also collect:

  • Push Notifications: We may request to send you push notifications regarding your account, community updates, or the mobile application. You may opt out at any time through your device settings.
  • Device Information: Device model, operating system version, unique device identifiers, and mobile network information.

We do not access your device’s camera, microphone, contacts, address book, or location services unless you explicitly grant permission for a specific feature and can revoke that permission at any time.

5. Information From Other Sources

We may obtain limited information about you from other sources, such as:

  • Public databases and publicly available sources.
  • Marketing partners and lead-generation services.
  • Social media platforms, if you choose to log in using a third-party account (such as Google). In this case, we receive only the information you authorize the third-party platform to share, such as your name, email address, and profile picture.

HOW WE USE YOUR INFORMATION

We process your personal information for the following purposes, relying on the legal bases indicated:

  • To provide and operate the Services (Contractual Necessity / Legitimate Interest): Creating and managing your account, providing the Platform, processing transactions, delivering customer support, and enabling community management functionality.
  • To process payments (Contractual Necessity): Fulfilling and managing orders, subscriptions, billing, and invoicing through our payment processor.
  • To communicate with you (Contractual Necessity / Legitimate Interest): Sending service-related notices, account notifications, security alerts, technical updates, and changes to our terms or policies.
  • To send marketing communications (Consent / Legitimate Interest): Sending information about products, features, promotions, and events. You can opt out at any time by clicking “unsubscribe” in any marketing email or by contacting us.
  • To improve our Services (Legitimate Interest): Analyzing usage patterns, identifying trends, testing new features, and improving the user experience.
  • To ensure security and prevent fraud (Legitimate Interest / Legal Obligation): Monitoring for suspicious activity, preventing unauthorized access, investigating potential violations, and maintaining platform integrity.
  • To comply with legal obligations (Legal Obligation): Responding to lawful requests, subpoenas, court orders, or regulatory requirements.
  • To post testimonials (Consent): Publishing testimonials on our Services with your prior consent. You may request update or removal at any time by contacting [email protected].
  • To enable user-to-user communications (Consent / Contractual Necessity): Facilitating communications between users within the Platform, such as notices, messages, and community updates.

SHARING AND DISCLOSURE OF YOUR INFORMATION

We do not sell your personal information. We share your information only in the following circumstances:

  • Service Providers and Subprocessors: We share data with third-party vendors, service providers, and contractors who perform services on our behalf, such as payment processing, cloud hosting, email delivery, analytics, customer support, and security services. These providers are contractually obligated to use your data only for the purposes we specify and to maintain appropriate security measures. A list of our subprocessors is available upon request.
  • Compliance with Laws: We may disclose your information where required by applicable law, governmental request, judicial proceeding, court order, or legal process, including in response to public authorities to meet national security or law enforcement requirements.
  • Protection of Rights: We may disclose your information where we believe it is necessary to investigate or address potential violations of our policies, suspected fraud, threats to the safety of any person, illegal activities, or as evidence in litigation.
  • Business Transfers: We may share or transfer your information in connection with any merger, acquisition, sale of assets, financing, or transfer of all or a portion of our business. We will notify affected users before personal information is transferred and becomes subject to a different privacy policy.
  • With Your Consent: We may disclose your information for any other purpose with your explicit consent.
  • Within the Platform: Information shared within the Platform (such as community notices, directory entries, or forum posts) may be visible to other authorized users of the same community, as determined by the Customer’s configuration and the Platform’s functionality.

COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar tracking technologies to collect and store information.

What Are Cookies: A cookie is a small data file placed on your device by a website. Cookies help us recognize your device, remember your preferences, and understand how you use our Services.

Cookie Categories: We classify cookies into the following categories, in accordance with the GDPR, ePrivacy Directive, and applicable U.S. state privacy laws:

  1. Strictly Necessary Cookies: Essential for the operation of our Services, including security, session management, and accessibility. These cookies do not require your consent.
  2. Functional Cookies: Enable enhanced functionality and personalization, such as remembering preferences, language settings, and login status. If you do not allow these cookies, some features may not function properly.
  3. Analytics / Performance Cookies: Allow us to measure and improve the performance of our Services by counting visits and understanding traffic sources and user behavior. All information these cookies collect is aggregated. Services in this category include Google Analytics.
  4. Marketing / Advertising Cookies: May be set by our advertising partners to build a profile of your interests and show you relevant advertisements. Services in this category may include Meta Pixel, LinkedIn Insight Tag, and Google Ads.
  5. Cookie Consent and Management: When you first visit our Sites, you will be presented with a cookie consent banner managed by Complianz, our consent management platform. You may accept or reject non-essential cookies at that time and change your preferences at any time by clicking “Manage Consent” or “Cookie Settings” in the footer of our Sites.
  6. Consent-First Loading: For residents of the European Economic Area (EEA), United Kingdom, or other jurisdictions where prior consent is required, non-essential cookies — including analytics and marketing cookies — will not be loaded until you have given your explicit consent. Google Tag Manager is configured in consent mode and will not deploy non-essential tags before consent is granted.

 

For California residents, you may opt out of cookies used for cross-context behavioral advertising through our “Do Not Sell or Share My Personal Information” link, or by using a Global Privacy Control (GPC) signal recognized by your browser.

For a complete list of cookies, including names, providers, purposes, and durations, please refer to our Cookie Policy accessible via the cookie consent banner or footer of our Sites.

THIRD-PARTY SERVICES AND TECHNOLOGIES

We use the following third-party services on our Sites and Apps:

  • Google Tag Manager (GTM): Used to manage and deploy analytics and marketing tags. GTM operates in consent mode and does not fire non-essential tags before user consent is granted. For more information, see Google’s Privacy Policy: https://policies.google.com/privacy.
  • Google Analytics: Used to measure website traffic and usage patterns. Data collected includes IP addresses (anonymized where required), browser type, pages visited, and session duration. For more information, see Google’s Privacy Policy: https://policies.google.com/privacy.
  • Google reCAPTCHA: Used to protect our Sites from spam and abuse. reCAPTCHA may collect device and application data and send it to Google for analysis. For more information, see Google’s Privacy Policy: https://policies.google.com/privacy.
  • Cloudflare: Used for website security, performance optimization (CDN), DDoS protection, and email protection. Cloudflare may process IP addresses and connection data. For more information, see Cloudflare’s Privacy Policy: https://www.cloudflare.com/privacypolicy/
  • Meta Pixel (Facebook): Used to measure the effectiveness of advertising campaigns on Meta platforms. This pixel may collect data about your browsing activity. For more information, see Meta’s Privacy Policy: https://www.facebook.com/privacy/policy/
  • LinkedIn Insight Tag: Used to measure the effectiveness of LinkedIn advertising campaigns. For more information, see LinkedIn’s Privacy Policy: https://www.linkedin.com/legal/privacy-policy
  • Google Ads: Used for advertising campaign measurement and remarketing. For more information, see Google’s Privacy Policy: https://policies.google.com/privacy
  • Payment Processor: We use a PCI-DSS-compliant third-party payment processor to handle credit card, debit card, and ACH transactions. Vinteum does not store full payment card numbers or security codes. For details on how your payment data is handled, please contact our payment processor directly or review its privacy policy.

Each of these services operates under its own privacy policy. We process data through these services based on legitimate business interests (security, analytics, fraud prevention) and, where required by law, with your consent.

THIRD-PARTY WEBSITES

Our Services may contain links to third-party websites, services, or applications that are not affiliated with us. We are not responsible for the privacy practices or content of those third parties. We encourage you to review the privacy policies of any third-party services you visit.

DATA RETENTION

We retain personal information only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law. Specific retention periods by data category:

  • Account Data: Retained for the duration of the account relationship and up to 6 months after account termination, after which it is deleted or anonymized.
  • Customer Data: Retained for the duration of the Customer’s subscription. Upon subscription termination, Customer Data will be available for export for 30 days, after which it will be deleted in accordance with our Terms of Use and, where applicable, our Data Processing Addendum.
  • Payment and Transaction Records: Retained for up to 7 years as required by tax, accounting, and financial regulatory requirements.
  • Analytics and Usage Data: Retained in identifiable form for up to 26 months, after which it is aggregated or deleted.
  • Communications Data (support tickets, emails): Retained for up to 3 years after the last interaction.
  • Marketing Data: Retained until you opt out or withdraw consent, after which we will cease processing for marketing purposes within 30 days.
  • Backup Archives: Data in backup archives may persist for up to 90 days after deletion from active systems. Backup data is encrypted and isolated from active processing until overwritten.
  • Legal Hold: Notwithstanding the above, we may retain information as required to comply with legal obligations, resolve disputes, or enforce our agreements.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if deletion is not immediately possible (for example, because it resides in backup archives), we will securely store it and isolate it from further processing until deletion is possible.

DATA SECURITY

We implement appropriate technical and organizational security measures designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption: Data is encrypted in transit using TLS 1.2 or higher. Sensitive data at rest is encrypted using industry-standard encryption algorithms.
  • Access Controls: Access to personal information is restricted to authorized personnel on a need-to-know basis, using role-based access controls and multi-factor authentication for administrative access.
  • Infrastructure Security: Our Platform is hosted on enterprise-grade cloud infrastructure with physical security controls, network firewalls, and intrusion detection systems.
  • Monitoring and Logging: We maintain audit logs and monitoring systems to detect and respond to potential security incidents.
  • Regular Backups: We perform regular automated backups to protect against data loss.
  • Incident Response: We maintain a security incident response plan. In the event of a confirmed data breach involving personal information, we will notify affected individuals and relevant regulatory authorities as required by applicable law, and in no event later than 72 hours after becoming aware of the breach for notifications required under GDPR.

No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

CHILDREN AND MINORS

Our Services are intended for users who are at least 18 years of age. We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of a minor and consent to such minor’s use of the Services.

In accordance with the U.S. Children’s Online Privacy Protection Act (“COPPA”), we do not knowingly collect, use, or disclose personal information from children under the age of 13 without verifiable parental consent. If we receive actual knowledge that we have collected personal information from a child under 13 without parental consent, we will delete that information from our records as quickly as is reasonably practical.

If we learn that personal information from users between the ages of 13 and 18 has been collected without appropriate authorization, we will deactivate the account and take reasonable measures to promptly delete such data from our records.

Community-Specific Context: Because our Platform is used for community and property management, Customer Data may include information about minors who appear in household records, resident directories, emergency contact lists, or visitor logs. This information is provided and controlled by the Customer (the community association or property manager), who is responsible for obtaining any required consents. Vinteum processes this data solely as a service provider on behalf of the Customer.

If you become aware of any data we may have collected from children under age 18, please contact us at [email protected].

YOUR PRIVACY RIGHTS

Depending on your location, you may have specific rights regarding your personal information.

Rights for European Economic Area (EEA), United Kingdom, and Switzerland Residents (GDPR)

If you are a resident of the EEA, UK, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR) and equivalent local laws:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete personal data.
  • Right to Erasure (Right to Be Forgotten): Request deletion of your personal data, subject to certain legal exceptions.
  • Right to Restriction of Processing: Request that we restrict the processing of your personal data in certain circumstances.
  • Right to Data Portability: Receive your personal data in a structured, commonly used, and machine-readable format, and transmit it to another controller.
  • Right to Object: Object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Where we rely on consent, withdraw it at any time without affecting the lawfulness of processing before withdrawal.
  • Right to Lodge a Complaint: Lodge a complaint with your local data protection supervisory authority. Contact details: https://ec.europa.eu/newsroom/article29/items/612080/en.
  • Right Not to Be Subject to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days as required by applicable law.

International Data Transfers: Your personal data may be transferred to and processed in the United States, where our servers are located. For transfers from the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission as appropriate safeguards under Article 46 of the GDPR. Additional transfer mechanism details are available upon request and in our Data Processing Addendum.

Rights for California Residents (CCPA / CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2023 (CPRA):

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected, the sources, the business or commercial purposes, and the categories of third parties with whom we share it.
  • Right to Delete: Request deletion of personal information we have collected, subject to certain exceptions.
  • Right to Correct: Request correction of inaccurate personal information.
  • Right to Opt-Out of Sale or Sharing: Opt out of the sale or sharing of your personal information for cross-context behavioral advertising. To exercise this right, visit our “Do Not Sell or Share My Personal Information” link on our website, use a Global Privacy Control (GPC) signal, or contact us at [email protected].
  • Right to Limit Use of Sensitive Personal Information: Limit our use and disclosure of sensitive personal information to what is necessary to perform the Services.
  • Right to Non-Discrimination: You will not receive discriminatory treatment for exercising your CCPA/CPRA rights.

To submit a verifiable consumer request, contact us at [email protected] or call 844-900-0910. You may designate an authorized agent to make a request on your behalf. We will respond within 45 days as required by law.

Categories of Personal Information Collected. In the preceding 12 months, we have collected the following categories of personal information: identifiers (name, email, phone number, IP address), commercial information (purchase and subscription history), internet or other electronic network activity (browsing history, interactions with our Services), geolocation data (approximate location derived from IP address), and professional or employment-related information (job title and organization, where provided).

We do not sell personal information. We may share personal information with analytics and advertising partners for purposes that may constitute “sharing” under the CPRA. You may opt out of this sharing as described above.

Rights for Residents of Other U.S. States

If you are a resident of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, or another U.S. state with a comprehensive consumer privacy law, you may have similar rights, including the right to access, correct, delete, and port your personal information, and the right to opt out of targeted advertising, profiling, and the sale of personal information. To exercise these rights, contact us at [email protected]. We will respond within the timeframe required by your state’s applicable law.

California “Shine The Light” Law

California Civil Code Section 1798.83 permits California residents to request information about personal information disclosed to third parties for direct marketing purposes. If you are a California resident and would like to make such a request, please contact us using the information below.

If you are under 18 years of age, reside in California, and have a registered account, you have the right to request removal of content you publicly posted. Contact us at [email protected] with the email associated with your account and a statement that you reside in California. We will remove the content from public display but it may not be completely removed from all systems.

Account Information

To review or change your account information, or to terminate your account:

  • Log into your account settings and update your information.
  • Contact us using the contact information below.
  • Contact your community administrator (for Resident and End User accounts).

Upon request to terminate your account, we will deactivate or delete your account and information from active databases in accordance with the retention periods described above. Some information may be retained as required for fraud prevention, investigations, legal compliance, or enforcement of our Terms of Use.

Opting Out of Email Marketing: Unsubscribe from marketing emails by clicking the “unsubscribe” link in any marketing email or by contacting us. Service-related emails necessary for account administration will continue.

Cookies and Similar Technologies: Manage your cookie preferences through our cookie consent tool, your browser settings, or by visiting http://www.aboutads.info/choices/ for interest-based advertising opt-outs.

CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated “Last Updated” date at the top of this policy, and the updated version will be effective as soon as it is accessible.

If we make material changes, we will notify you by: (a) prominently posting a notice on our Sites, (b) sending an email to the address associated with your account, or (c) providing notice through the Platform. We encourage you to review this policy periodically.

CONTACT US

If you have questions or comments about this policy, wish to exercise your privacy rights, or need to report a privacy concern, you may contact us at:

Vinteum Software, Inc.
2 Biscayne Blvd #2450
Miami, FL 33131
Email: [email protected]
Phone: 844-900-0910

For GDPR-related inquiries, you may also contact us at [email protected] with the subject line “GDPR Request.”