HomePrivacy Policy

Privacy Policy

1. Introduction

ValueVista Consulting (“we,” “our,” or “us”) is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or engage with us. We process personal data in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA), and other applicable data protection laws.

2. Data We Collect

We collect several types of information from and about users of our website:

  • Identity Data: First name, last name, username, or similar identifiers.
  • Contact Data: Email address, telephone number, company name, and job title.
  • Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting, browser plug-in types, operating system, and platform.
  • Usage Data: Information about how you use our website, products, and services, including page views, navigation paths, and interaction with content.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and your communication preferences.

3. How We Collect Data

We use different methods to collect data from and about you including through:

  • Direct Interactions: You may give us your Identity and Contact Data by filling in forms (e.g., Contact, Newsletter, Lead Magnets) or by corresponding with us by post, phone, email, or otherwise.
  • Automated Technologies: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns using cookies, server logs, and other similar technologies.
  • Third Parties: We may receive personal data about you from various third parties such as analytics providers (e.g., Google Analytics) and advertising networks (e.g., Facebook, LinkedIn).

4. Legal Basis for Processing

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Consent: Where you have given clear consent for us to process your personal data for a specific purpose (e.g., newsletter subscription).
  • Contract: Where processing is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into a contract.
  • Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (e.g., network security, fraud prevention, improving our services).
  • Legal Obligation: Where we need to comply with a legal or regulatory obligation.

5. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • Marketing Data: Retained until you opt-out or withdraw consent.
  • Client Data: Retained for the duration of the business relationship plus 7 years for tax and legal purposes.
  • Analytics Data: Retained for 26 months.

6. Your Rights (GDPR & CCPA)

Under certain circumstances, you have rights under data protection laws in relation to your personal data:

  • Right to Access: Request access to your personal data.
  • Right to Correction: Request correction of the personal data that we hold about you.
  • Right to Erasure: Request erasure of your personal data (“Right to be forgotten”).
  • Right to Object: Object to processing of your personal data where we are relying on a legitimate interest.
  • Right to Restriction: Request restriction of processing of your personal data.
  • Right to Portability: Request the transfer of your personal data to you or to a third party.
  • Right to Withdraw Consent: Withdraw consent at any time where we are relying on consent to process your personal data.

To exercise any of these rights, please visit our GDPR Rights Request page or contact us directly.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track the activity on our service and hold certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

For detailed information on the cookies we use and the purposes for which we use them, please see our Cookie Policy.

8. Third-Party Data Sharing

We may share your personal data with the parties set out below:

  • Service Providers: Companies that provide IT and system administration services (e.g., hosting, email platforms).
  • Professional Advisers: Lawyers, bankers, auditors, and insurers.
  • Analytics & Advertising Partners: Google Analytics, Facebook (Meta), LinkedIn, for the purpose of analyzing website traffic and delivering targeted advertisements.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

9. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. These measures include SSL encryption, firewalls, and strict access controls. In the event of a data breach, we have established procedures to notify you and any applicable regulator where we are legally required to do so.

10. International Transfers

We may transfer, store, and process your information in countries other than your own. Whenever we transfer your personal data out of the EEA or UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
  • Where we use certain service providers, we may use specific contracts approved for use in the UK/EEA which give personal data the same protection it has in the UK/EEA.

11. Children’s Privacy

Our website is not intended for children under 16 years of age. No one under age 16 may provide any personal information to or on the website. We do not knowingly collect personal information from children under 16.

12. Contact Us

If you have any questions about this privacy policy or our privacy practices, please contact our Data Protection Officer (DPO) at:

Email: [email protected]