Legal

Privacy Policy

Last updated: May 23, 2025 · Viargues Financial & AI Solutions

This Privacy Policy explains how Viargues Financial & AI Solutions ("we", "us", "our") collects, uses, stores, and protects your personal data when you use the Viargues Translation platform. We are committed to your privacy and to full compliance with applicable data protection law, including the General Data Protection Regulation (GDPR).

1. Data Controller

The data controller responsible for your personal data is:

Viargues Financial & AI Solutions

Service: Viargues Translation
Email: info@viarguesolutions.com
Website: www.viarguesolutions.com

For all privacy-related requests, enquiries, or complaints, please contact us at info@viarguesolutions.com.

2. Data We Collect

We collect the following categories of personal data:

2.1 Identity and Contact Data

Name (first name, last name) — provided during account creation or translation submission
Email address — used for account authentication, notifications, and delivery of translated documents

2.2 Document Data

The original documents you upload (images or PDFs of official identity documents)
The translated and certified documents we produce
Extracted text and structured data generated during the translation process

2.3 Account and Usage Data

Authentication data (managed by Auth0 — see Section 5)
Job and quote identifiers, submission timestamps, document types, and countries of origin
Customer approval notes and reviewer comments
Payment status information (no card details — see Section 5)

2.4 Technical Data

IP address and browser/device information collected automatically when you access our service
Session tokens and authentication cookies (see Section 8)

3. Purposes and Legal Bases for Processing

We process your personal data for the following purposes:

Contract

To perform the translation service you have requested, including processing your document, generating and delivering a certified translation, and handling payment.

Legitimate Interest

To operate and improve our platform, prevent fraud and abuse, ensure security, and send transactional communications directly related to your service request.

Legal Obligation

To comply with applicable laws and regulations, including responding to lawful requests from public authorities.

Consent

For any optional communications or processing beyond what is necessary to deliver your translation — you may withdraw consent at any time.

4. Data Retention

We retain your personal data only for as long as necessary for the purposes for which it was collected:

Uploaded source documents: Stored on AWS S3 for the duration of the service and automatically deleted after 7 days from the date of certification (standard accounts).
Quick Translate documents: Certified PDF download links expire after 10 minutes. Underlying files are deleted after the 7-day window from certification.
Account data: Retained for as long as your account remains active. Upon account deletion request, all personal data is removed within 30 days.
Payment records: Transaction records may be retained for up to 7 years in accordance with financial record-keeping requirements.
Guest quote requests: Document files are deleted after the applicable window. Quote metadata (email, document type, country) may be retained for up to 12 months for administrative purposes.

5. Third-Party Processors

We work with carefully selected third-party service providers who process personal data on our behalf. We do not sell, rent, or trade your personal data to any third party for marketing purposes.

Auth0 (Okta)Identity & Authentication

Manages user accounts, sign-in, and session tokens. Auth0 processes your email address and authentication credentials under its own privacy policy and operates under SOC 2 Type II certification.

Amazon Web Services (AWS S3)Document Storage

Stores uploaded source documents and generated PDFs with AES-256 encryption at rest and TLS encryption in transit. AWS operates under ISO 27001 and SOC 2 certifications.

StripePayment Processing

Processes all payments. Stripe collects and stores payment card details directly; we never see or store your card number, CVV, or bank account details. Stripe is PCI DSS Level 1 certified.

ResendTransactional Email

Delivers transactional emails including document delivery notifications, invoice emails, and review links. Email content is encrypted in transit.

RenderBackend Infrastructure

Hosts our backend API servers in the United States. Processes API requests and document translation workflows. All data in transit is encrypted via TLS.

6. Your Privacy Rights

Regardless of your location, you have the following rights regarding your personal data:

Right of Access

Request a copy of the personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete data.

Right to Erasure

Request deletion of your personal data ('right to be forgotten').

Right to Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing based on legitimate interests.

Right to Restrict

Request that we limit processing of your data in certain circumstances.

To exercise any of these rights, please contact us at info@viarguesolutions.com. We will respond to all requests within 30 days. You also have the right to lodge a complaint with your local data protection supervisory authority.

7. Cookies and Session Tokens

We use strictly necessary cookies and session tokens to operate our service. We do not use advertising cookies, third-party tracking cookies, or analytics cookies that track you across other websites.

Session cookie: Set by Auth0 to maintain your authenticated session. This cookie is encrypted, secure, and set with SameSite=Strict to prevent cross-site request forgery.
Preference storage: We use localStorage on your device to store UI preferences (e.g. whether the profile completion modal has been dismissed). This data never leaves your device.

As we use only strictly necessary cookies, a cookie consent banner is not required under GDPR. If we introduce any non-essential cookies in the future, we will update this policy and implement appropriate consent mechanisms.

8. Security

We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, disclosure, or access:

Encryption in transit: All data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security).
Encryption at rest: All documents stored on AWS S3 are encrypted using AES-256.
Access controls: Document access is restricted by authentication tokens (for account users) or time-limited UUID tokens (for Quick Translate users). Admin access requires separate, elevated credentials.
No PII in logs: Our systems are configured to exclude personally identifiable information from server logs.
Presigned URLs: Direct document download links are generated as time-limited presigned URLs (10 minutes for Quick Translate, 7 days for standard accounts) and are never publicly indexed.

While we take all reasonable precautions, no method of transmission or storage is 100% secure. If you become aware of any security vulnerability or suspect unauthorised access to your data, please contact us immediately at info@viarguesolutions.com.

9. International Data Transfers

Our platform and infrastructure operate primarily in the United States. This includes our backend servers (Render), document storage (AWS S3), authentication (Auth0), payment processing (Stripe), and email delivery (Resend). If you access our services from outside the United States, your data may be transferred to and processed in the US. By using our services, you consent to this transfer. All processors maintain appropriate security standards to protect your personal data.

10. Children's Privacy

The Viargues Translation platform is not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, please contact us at info@viarguesolutions.com and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page. Where required by law, we will notify you by email or by a prominent notice on the platform.

We encourage you to review this policy periodically. Continued use of the Viargues Translation platform after changes constitutes your acceptance of the revised policy.

12. Contact

For any questions, requests, or concerns about this Privacy Policy or our data handling practices, please contact us:

Viargues Financial & AI Solutions — Privacy Contact

Email: info@viarguesolutions.com
Website: www.viarguesolutions.com
Response time: within 30 days of receipt

You also have the right to lodge a complaint with the data protection supervisory authority in your country of residence if you believe your data protection rights have been violated.