Please note that this policy applies solely to www.vanta.club and not to any linked websites not owned or controlled by us.
Our Dedication to Your Data and Data Protection
We value your privacy and handle personal data with care. Personal data refers to information related to an identified or identifiable individual, such as your name, birthdate, email address, postal address, or phone number. It also includes online identifiers like your IP address. However, general information not tied to your identity, like the number of website users, is not considered personal data.
We uphold all relevant data protection laws, including the British Virgin Islands' Data Protection Act (DPA) and the General Data Protection Regulation (GDPR). This policy outlines how we use your personal data.
While we primarily use your personal data as described in this policy and within the bounds of the law, we might use it for additional purposes required by law or for legal and criminal investigations. If this occurs, we will inform you and seek your consent as necessary.
In the following sections, we'll explain how we process your personal data when you visit our website.
Applicable Legal Grounds
According to the DPA and GDPR, the following legal grounds apply to processing your personal data:
- We process data with your consent (Art. 6 para. 1 lit. a) and Art. 7 GDPR).
- Data processing to fulfill services, contractual obligations, and respond to inquiries (Art. 6 para. 1 lit. b) GDPR).
- Processing to meet legal obligations (Art. 6 para. 1 lit. c) GDPR).
- Data processing to protect our legitimate interests (Art. 6 para. 1 lit. f) GDPR).
Both the DPA and GDPR grant you standardized rights, including:
- The right to information (Article 15 GDPR).
- The right to correct inaccuracies (Article 16 GDPR).
- The right to erasure (Article 17 GDPR).
- The right to limit data processing (Article 18 GDPR).
- The right to data portability (Article 20 GDPR).
- The right to object to data processing (Article 21 GDPR).
- The right to withdraw consent (Art. 7 (3) GDPR).
- The right to lodge a complaint with a supervisory authority (Art. 77 GDPR).
Feel free to reach out to us for questions, suggestions, and to exercise your data protection rights.
How We Use Your Personal Data and Legal Basis
a) Log Files
We gather access data transmitted by your browser to improve our website. This data includes session details, IP address, browser version, operating system, website-specific settings, and more. This information helps us optimize our website and safeguard it against potential attacks. Our lawful basis for processing this data is our legitimate interest in presenting you with a well-functioning website and maintaining server communication.
Our website's hosting is handled by Catalyst Host LLC, who processes data to support website functionality and contract-related services. Our lawful basis for this processing is our legitimate interest in efficiently providing secure website services.
c) Contact Requests
When you contact us, we process your information to address your inquiries. Your data might be stored in a customer relationship management system. We delete unnecessary inquiries, adhering to legal archiving obligations. Our lawful basis for processing is fulfilling contractual obligations.
d) Business-Related Processing
We process contract and payment data for contractual services, customer care, and marketing. Our legal basis for this processing is fulfilling contractual obligations.
e) Contractual Services
We process customer data for our contractual services, including inventory, contact, content, contract, and payment data. We retain this data as required by law or for service evaluation. Our legal basis for this processing is fulfilling contractual obligations.
f) Careers and Applications
If you apply for a role, we process your application data for evaluation and potential employment. Successful applications are retained as part of personnel files. Unsuccessful applications may be retained for legal defense purposes. Our legal basis varies based on application status.
g) Cookies and Similar Technologies
Sharing Your Personal Data
We share your data only as needed for our services or with your consent. We may outsource data processing to external providers, who must follow our instructions and ensure data security.
Your data may be disclosed to third parties when required by law, legal investigations, or protecting our legitimate interests.
Data Storage and Retention
We store your data as long as necessary for its intended purpose, complying with retention periods. Exceptions include cases where longer storage is necessary to address legal claims.
International Data Transfers
We mainly process data within the British Virgin Islands and EEA. If data is transferred outside these regions, we ensure its security.
We don't use automated decision-making that impacts you.
We use your data for contract-related communication and, if you've consented, for consultation and quotation purposes.
Security and Confidentiality
We use industry-standard measures to protect your data.
When processing your data as a data intermediary, we follow instructions and protect it accordingly.
We maintain online presence to communicate with users. We process your data if you interact with us on social networks.
Personal Data and Children
Our services are for those 18 and older. We don't knowingly collect data from minors without parental consent.
Links to Other Websites
We're not responsible for other websites' privacy practices.
This policy may change; check it regularly for updates.
For questions, rights enforcement, or more information, reach us at the provided contact details.