Privacy Policy

Effective 4 May 2026 · PTA Solutions (“we”, “us”, “our”)

This Privacy Policy describes how PTA Solutions (“we”, “us”, “our”) collects, uses, shares, stores, and otherwise processes personal information when you use PMS VB (the “Service”)—including web, desktop, or mobile clients that connect to the Service for project and document management, collaboration, and related features.

Introduction

We are committed to protecting your privacy. This policy applies to personal information we process in connection with the Service. Depending on where you live, additional rights may apply (see Your rights).

Where we act only as a processor on behalf of an organization customer (your employer or client), that customer’s privacy notice may also apply, and they may instruct us how to handle certain categories of data. This policy supplements those arrangements for our own processing as a controller where applicable.

Information we collect

We collect categories of personal information depending on how you interact with PMS VB, which may include some or all of the following:

• Account and identity data: name, username, email address, phone number (if provided), role, organizational affiliation, identifiers assigned by Single Sign-On (SSO), and authentication signals.
• Organization and billing data: company name, billing contact, invoicing identifiers, and payment-related metadata processed by payment providers (not full card numbers when using a PSP).
• Usage and diagnostics: app and feature usage, timestamps, coarse device or browser type, approximate region from IP address, logs, crash reports, and security telemetry.
• Content you provide: files, metadata (titles, folders, labels), comments, approvals, audit trail entries, and other materials uploaded or entered into workspaces.
• Communications: support tickets, surveys, emails, chat messages you send us, and records necessary to fulfil your requests.

Providing certain information may be mandatory to create accounts or fulfil contracts; refusal may prevent us from delivering portions of the Service.

How we use information

We process personal information to:

• Provide, operate, maintain, personalize, and improve PMS VB;
• Create and manage workspaces, folders, templates, approvals, audits, retention rules, permissions, and search;
• Authenticate users and enforce organizational policies and access controls;
• Prevent fraud, abuse, and misuse; investigate incidents; comply with lawful requests;
• Communicate about the Service, security updates, outages, onboarding, billing, support, legal notices,
• Analyze aggregated or de‑identified usage to benchmark reliability and roadmap improvements;
• Comply with law, contractual obligations (including subcontractor requirements), regulatory guidance.

Legal bases (where applicable)

For users protected by regimes such as the EU/UK GDPR, we rely on one or more of:

• Contract: processing necessary to deliver the Service you or your organisation requested;
• Legitimate interests: securing the Service, improving performance, enforcing terms, billing;
• Legal obligation: complying with subpoenas or regulatory mandates;
• Consent: where legally required—for example certain marketing analytics or cookies— and you may withdraw consent without affecting lawful processing beforehand.

How we share information

We may disclose personal information to:

• Service providers/subprocessors: hosting, storage, OCR or document AI, messaging, email delivery, observability, customer support tooling, billing, backups, penetration testing—with contracts that limit use to our instructions where required.
• Corporate customers/admins: account owners may access activity within their tenant as permitted by their agreement and Role-Based Access Controls.
• Professional advisers: lawyers, auditors, insurers under confidentiality commitments.
• Authorities: when we believe disclosure is necessary to comply with law, safeguard users, investigate fraud or security incidents, or defend legal claims.
• Corporate transactions: merger, financing, divestiture—we will provide notice consistent with law before your information becomes subject to materially different protections.
• An updated list of subprocessors may be maintained at a URL provided by PTA Solutions.

Retention

We retain personal information only so long as needed for purposes described herein, contractual retention commitments, backup or disaster‑recovery timelines, audits, unresolved disputes, and legal obligations:

• Account data retained while accounts are active and a reasonable cooling‑off thereafter;
• Workspace content according to customer configuration, legal holds, or automated retention policies;
• Security logs for a period appropriate to detect abuse and satisfy incident response expectations;
• Marketing records until you opt out or applicable law requires deletion.

Aggregated or de‑identified data may be kept without time limit where permitted.

Security

We implement administrative, technical, and organizational measures designed to protect personal information—encryption in transit, access controls, least‑privilege engineering practices, monitoring, vendor reviews, and security training. No method of transmission or storage is 100% secure; if you discover a vulnerability, contact us promptly at privacy@pmsvb.pta.solutions.

International transfers

We may process data in countries other than your own. Where required, we use appropriate safeguards such as Standard Contractual Clauses, adequacy decisions, or other mechanisms recognized by applicable law. You may request further detail by contacting privacy@pmsvb.pta.solutions.

Your rights

Depending on jurisdiction, you may have rights to access, rectify, erase, restrict processing, object, data portability, withdraw consent, or lodge a complaint with a supervisory authority. Organization administrators may need to action certain requests on behalf of enterprise tenants. To exercise rights, email privacy@pmsvb.pta.solutions; we will respond within statutory timelines and may need to verify identity.

Children

PMS VB is not directed to children under 13 (or the higher age required locally). We do not knowingly collect personal information from children. If you believe we have, contact us and we will delete it promptly.

Third‑party services

The Service may link to or embed third‑party sites, identity providers, or analytics not controlled by PTA Solutions. Their practices are governed by their own policies. Review App Store / Play Data Safety and similar disclosures aligned with integrations you enable.

Changes to this policy

We may update this Privacy Policy periodically. Material changes will be communicated through the Service, admin notifications, email, or a prominent notice consistent with applicable law before they take effect whenever required.

Contact

PTA Solutions — privacy inquiries:

privacy@pmsvb.pta.solutions

For a postal address or other regulatory contact details, please request them at privacy@pmsvb.pta.solutions.