Last updated: May 27, 2026
These terms govern the subscription to and use of Vico, the digital check-in and virtual counter solution for car rental companies offered by Zentia Labs LLC.
Vico is a B2B SaaS product that enables car rental companies to digitize the vehicle pick-up process, biometric identity verification (KYC), electronic contract signing, damage inspection, and payment collection. Zentia Labs is not a car rental company and does not act as an intermediary between the customer and its end users (travelers).
Vico provides a digital check-in platform that includes: biometric KYC identity verification (identity document, selfie with liveness detection), generation and electronic signing of rental contracts, photographic vehicle damage inspection, payment charges and pre-authorizations, and integration with the customer’s reservation management system (RMS).
Available functionality depends on the subscribed plan, the product documentation, and any applicable master agreement or order form.
The customer (car rental company) acts as data controller for the personal data of its end users processed through Vico: identification data, liveness biometric data, damage photos, contract data, and payment data.
Zentia Labs acts as data processor for that operational data, under the customer’s documented instructions and the applicable data processing agreement.
Given the nature of biometric data (special category under Article 9 GDPR), the customer is responsible for obtaining the traveler’s explicit consent for biometric liveness verification before starting the KYC process in Vico.
Zentia Labs acts as independent controller for B2B marketing, customer account onboarding, support, billing, security, and use of its own websites and admin portals.
Vico offers the following plans:
Unless expressly stated otherwise, applicable indirect taxes (VAT, GST or equivalent), duties, and regulatory charges are not deemed included. The economic terms in force are those communicated to the customer at the time of subscription or renewal.
Zentia Labs products, software, documentation, interfaces, brands, and other product elements are owned by Zentia Labs LLC or its licensors.
The customer receives a limited, non-exclusive, revocable, and non-sublicensable license to use the service during the term of the commercial relationship and in accordance with the contract.
Each party undertakes to protect the other party confidential information with a reasonable standard of care and to use it only for performance of the commercial or technical relationship.
The customer expressly authorizes Zentia Labs LLC, on a broad, non-exclusive, worldwide, royalty-free basis, to mention its trade name and logo as a customer on the website of the contracted product (including the customer, testimonial, and case-study sections), in commercial presentations, pitch decks, press materials, owned social media, marketing campaigns, press releases, and any other communications materials, for the purpose of evidencing the customer portfolio and promoting the service.
This authorization extends to the production and dissemination of case studies describing the customer’s experience with the service in an aggregated form and with reasonable quantitative metrics (for example, percentage increase in bookings, response-time savings, NPS, conversation volume). Zentia Labs will not disclose personal data of end customers or strategic confidential information of the customer.
If the customer believes that a specific piece does not adequately reflect its positioning, it may request its amendment or withdrawal in writing; Zentia Labs will act diligently.
Each party undertakes not to make public statements that disparage the other party’s reputation.
To the maximum extent permitted by law, neither party will be liable for indirect damages, loss of profit, loss of business, loss of opportunity, reputational harm, or data loss not directly attributable to a breach by such party, nor for outages caused by third parties outside its reasonable control.
Except where liability cannot lawfully be excluded, Zentia Labs’ aggregate liability arising out of the service is limited to the amounts actually paid by the customer during the 12 months preceding the event giving rise to the claim.
The foregoing limitations and exclusions will not apply in cases of wilful misconduct or breach of confidentiality or data-protection obligations.
Each party will indemnify and hold the other harmless against third-party claims arising out of the breach of its own obligations under these terms or of the content, data, or services it contributes to the service.
These terms are governed by the laws of the State of Wyoming (United States of America), without prejudice to mandatory rules applicable to the customer by reason of its domicile.
The parties will resolve any dispute arising out of or relating to the service through the following mandatory, tiered procedure. No party may move to a later stage without first having exhausted the previous ones.
For legal, contractual, or privacy matters, contact info@virtual-counter.com.
By accepting these terms, the customer (data controller) and Zentia Labs LLC (data processor) agree to the following conditions regarding the processing of personal data carried out in the context of providing Vico.
Zentia Labs acts as data processor solely with respect to the operational data processed on behalf of the customer in the context of Vico. The customer retains its status as data controller over such data, including special-category biometric data (Article 9 GDPR).
Zentia Labs processes the customer’s personal data from the following locations: (i) United States of America (registered office and primary cloud subprocessors); (ii) Spain (authorized personnel); and (iii) Colombia (authorized personnel). By accepting these terms, the customer expressly authorizes these locations and undertakes to reflect them, where applicable law so requires, in the information provided to its end users (travelers) before the KYC process.
Zentia Labs uses the following sub-processors to deliver Vico, belonging to standard technology categories whose use the customer expressly authorizes (cloud infrastructure, storage, KYC/biometrics, payment gateway, transactional email, and observability):
Zentia Labs will notify the customer with reasonable advance notice of any material change of sub-processors with impact on the processing of personal data. The customer may object on reasonable, justified grounds; if no agreement can be reached, the customer may terminate the contract without penalty.
Biometric data is deleted once verification is completed, unless applicable law requires a longer period. Damage photos are retained for the duration of the rental contract plus the customer’s claim period. Customer account data is kept until a deletion request is made. Data derived from service use in aggregated, anonymized, or pseudonymized form may be retained for up to 24 additional months for service improvement and defence of claims.
Upon request from the controller, Zentia Labs will delete the data within a maximum period of 30 days, except where legal retention obligations apply.
The international transfers inherent to the service (United States – Spain – Colombia triangle and subprocessors outside the EEA) are governed by the safeguards recognized under applicable law, in particular the Standard Contractual Clauses (SCCs) adopted by the European Commission under Decision (EU) 2021/914, Module 2 (Controller to Processor), and the model clauses published by the Colombian Superintendence of Industry and Commerce (SIC). This DPA constitutes, by itself, the contractual safeguard mechanism between the customer and Zentia Labs. For additional transfers to subprocessors, Zentia Labs relies on the DPAs and transfer clauses published by those providers.
Upon the customer’s reasonable request, Zentia Labs will provide sufficient documentary information to evidence compliance with this DPA (description of technical and organizational measures, up-to-date list of sub-processors, valid certifications if any). Any on-site audit or additional inspection required by the customer will be carried out, upon reasonable and justified request, with at least thirty (30) days’ prior notice, without disrupting Zentia Labs’ operations, and at the customer’s expense, unless a material breach by Zentia Labs is established, in which case Zentia Labs will bear its reasonable direct costs.
Zentia Labs may process aggregated, anonymized, or pseudonymized data derived from the use of Vico for (i) provision and technical improvement of the service, (ii) internal training and evaluation of the AI models used in AI-assisted features (liveness detection, facial comparison, future damage detection), (iii) aggregated statistical analyses of the sector, and (iv) development of new features and adjacent services. In no case is identifiable biometric data used to train third-party providers’ models.
Zentia Labs will notify the customer of any security breach affecting personal data within a maximum of 72 hours from detection, providing the information needed for the customer to comply, where applicable, with its notification obligations to the competent authority and to data subjects.
This data processing agreement is incorporated by reference into these terms of service. By accepting the terms, the customer also accepts the data processing conditions described herein.