Manage agreements
Vizito allows you to digitally manage all of the agreements with your visitors. Whether they are safety instructions, NDA’s, instructional videos. Going paperless saves you from tracking and storing documents whilst saving the planet by going paperless.
Oh, it's you!
Quickly identify people using the badges that are automatically printed when visitors sign in. Add critical information and a picture to verify the authenticity of the badge.
Privacy
Obtain consents from your visitors, securely stored on the Vizito servers.
Access rights
Provide access to your visitor logbook to your colleagues. Protect the configuration by assigning the correct roles to the persons.
Data retention and deletion
Define your own policies on when visitor information needs to automatically be removed. Comply with your organisations data protection policies and GDPR.
Legal and compliance posture of your Visitor Management System (VMS)
A Visitor Management System (VMS) processes personal data every time someone signs in: name, company, host, time of arrival, and sometimes a photo or signature. That makes legal and privacy compliance a core requirement, not an afterthought. Vizito is designed from the ground up to help European organizations meet their obligations under GDPR and local data protection law.
Terms, privacy policy and DPA
Our standard Terms of Service and Privacy Policy are published on the website and apply to every customer. For business customers who need a formal contract for their records, we provide a ready-to-sign Data Processing Agreement (DPA) that sets out the roles of controller and processor, the nature of the processing, security measures, sub-processor handling, and breach notification obligations. Enterprise customers can negotiate bespoke legal terms where needed.
Data residency and sub-processors
All visitor data is stored in the European Union. We use a short list of vetted sub-processors for hosting, email delivery, SMS notifications, and error monitoring. The full list is available on request and kept up to date so your DPO always knows where data flows. We do not transfer personal data outside the EU without appropriate safeguards in place.
Retention, deletion and customer rights
Retention is fully configurable. You decide how long visitor registration records are kept before they are automatically anonymized or deleted, which helps you apply the data minimization principle under GDPR. Customers retain ownership of their data at all times and can export it in CSV or Excel format, or request deletion at the end of a contract.
- Right of access: visitors can request what data has been stored about them.
- Right to erasure: retention schedules handle this automatically; manual deletion is also possible.
- Right to rectification: administrators can correct entries directly in the dashboard.
Security and audit documentation
For procurement and security reviews, we maintain an up-to-date documentation pack covering hosting architecture, encryption in transit and at rest, backup procedures, access control, vulnerability management, and incident response. This makes it easy for your security team to assess Vizito as part of a vendor risk process and shortens the path from evaluation to go-live for your digital reception project.
