Privacy Policy

VP INVESTMENTS SRL acts as a data controller for personal data processed through this website, pre-sales communication channels, and service-delivery interactions.

This policy applies to prospective clients, existing clients, partner representatives, vendors, job candidates where applicable, and other individuals who interact with us electronically or operationally.

Where we process data strictly on behalf of a client (for example, when supporting systems controlled by that client), we may operate as a data processor under client instructions and a separate processing agreement.

We collect information directly provided by you, information created during contractual collaboration, and technical information generated through website usage.

We apply data minimization principles and collect only data reasonably necessary for legitimate business purposes, support quality, and legal obligations.

• - Identity and contact data, such as name, business email, phone number, company details, and role.
• - Project and operational data, including infrastructure requirements, service requests, incident details, delivery notes, and related communication history.
• - Billing and transaction data, such as invoicing details and payment status where required for contractual performance.
• - Technical and usage data, such as IP address, browser type, device metadata, timestamps, pages visited, referral sources, and approximate location derived from network information.
• - Security telemetry, including logs and alerts used to protect website services and investigate suspicious behavior.

Where applicable under Regulation (EU) 2016/679 (GDPR) and related national laws, we process personal data under one or more lawful bases.

The lawful basis may vary by data category and processing activity. We maintain internal records to map processing purposes to legal grounds.

• - Performance of a contract, including service delivery, support, account management, and billing.
• - Pre-contractual steps at your request, such as responding to a quotation or technical assessment request.
• - Legitimate interests, including service quality improvement, system reliability, business continuity, network defense, and fraud prevention.
• - Compliance with legal obligations.
• - Consent, where processing specifically requires prior authorization (for example, certain non-essential cookies in the EU/EEA).

We process data only for specific, explicit, and legitimate purposes connected to service delivery, website operation, and lawful business administration.

• - Responding to inquiries, quotations, and support requests.
• - Designing, delivering, and maintaining contracted services.
• - Service administration, invoicing, and operational coordination.
• - Website security, incident detection, and abuse prevention.
• - Performance measurement and user-experience improvements.
• - Regulatory, accounting, contractual, and dispute-resolution obligations.

Where Google products or services are enabled on this website (for example, analytics, advertising, tags, embedded content, or API-based integrations), we provide disclosures consistent with applicable Google policy requirements and local law.

In the European Economic Area, United Kingdom, and Switzerland, consent-sensitive Google technologies should be activated only after obtaining valid user consent when required by law, including via a compliant consent mechanism.

• - Clear notice of data collection and use for analytics or advertising purposes.
• - User controls for consent, rejection, and withdrawal where required.
• - Respect for EU User Consent principles when Google advertising or measurement products are used.
• - Contractual and configuration measures designed to avoid unauthorized data use.

We do not sell personal data. We share data only where necessary with trusted processors and service providers that support hosting, communications, analytics, infrastructure operations, or security monitoring.

We require third-party processors to handle personal data under appropriate contractual obligations, confidentiality duties, and security controls.

Where transfers outside the EEA occur, we rely on recognized safeguards (such as adequacy decisions, Standard Contractual Clauses, and supplementary controls where appropriate).

We retain personal data only for as long as needed for stated purposes, contractual commitments, legal obligations, and legitimate security interests.

Retention periods are determined according to data category, business necessity, legal requirements, and risk considerations. Data that is no longer needed is deleted, anonymized, or securely archived.

We implement technical and organizational safeguards proportionate to processing risk, including role-based access controls, credential hygiene, encryption in transit where applicable, backup protections, and incident-response procedures.

Depending on your jurisdiction, you may have statutory rights regarding your personal data, particularly under GDPR for EU/EEA residents.

Where a request cannot be fulfilled in full due to legal exemptions or overriding obligations, we will provide an explanation as required by law.

• - Right to access and obtain a copy of your personal data.
• - Right to rectification of inaccurate or incomplete data.
• - Right to erasure, where legally applicable.
• - Right to object to or restrict certain processing activities.
• - Right to data portability for applicable datasets.
• - Right to withdraw consent for consent-based processing.
• - Right to lodge a complaint with a competent supervisory authority.

Our website and business services are intended for professional and business audiences and are not directed to children.

We do not knowingly collect personal data from children under the age threshold established by applicable law without lawful authorization.

We request that users avoid submitting unnecessary sensitive personal data through general contact channels unless explicitly requested and legally justified.

For privacy-related requests, use the Contact page and provide sufficient details for identity verification and request handling.

We may request additional information where reasonably necessary to confirm identity and protect data against unauthorized disclosure.

We may revise this policy periodically to reflect legal, technical, or business changes. Material updates become effective upon publication with a revised date.