PRIVACY POLICY

A legal disclaimer

This Privacy Policy is drafted for GDPR (EU) compliance. If you target non-EU users, additional regimes (UK GDPR, Swiss FADP, CCPA) may apply. Have your lawyer confirm the applicable jurisdictions.

Privacy Policy

1. Controller and Contact

The data controller responsible for the processing of personal data on this website and in connection with our services is:

VIRTUAL.K SIA

Rozes, Mežgale, Jēkabpils nov.,

LV-5223

Registration Nr: 50203706561

hello@virtualk.co

2. Scope of This Privacy Policy

This Privacy Policy explains how we collect, use, store, and protect personal data when you visit our website, contact us via our contact form or other channels, or engage our services. It applies to all visitors to our website and all current and prospective clients.

We process personal data in accordance with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and other applicable data protection laws.

3. Personal Data We Collect

(a) Data you provide voluntarily

When you contact us via our contact form, email, LinkedIn, Telegram, or other channels, we collect the personal data you provide, including:

Name and surname
Email address
Company name and your role
Phone number (if you choose to provide it)
LinkedIn profile or company website (if provided)
The content of your message and any context about your business

(b) Data collected automatically when you visit our website

When you visit our website, the following information may be collected automatically:

IP address
Browser type and version
Operating system
Referring website (if any)
Pages visited and time spent on each page
Date and time of visit

This information is collected via standard server logs and, where applicable, cookies and similar technologies.

4. Purposes and Legal Bases of Processing

We process personal data only when we have a legal basis under GDPR Art. 6. The main purposes and legal bases are:

Communication with you and responding to inquiries

Legal basis: GDPR Art. 6(1)(b) (steps prior to entering a contract) or GDPR Art. 6(1)(f) (legitimate interest in responding to inquiries).

Performance of services and contract execution

Legal basis: GDPR Art. 6(1)(b) (contract performance).

Compliance with legal obligations (accounting, tax, AML)

Legal basis: GDPR Art. 6(1)(c) (legal obligation).

Website operation, security, and improvement

Legal basis: GDPR Art. 6(1)(f) (legitimate interest in operating and securing our website).

5. Data Sharing and Recipients

We do not sell personal data. We share personal data only where necessary and with appropriate safeguards. Recipients may include:

Our website host (Wix) and other technical service providers
Email and communication tool providers
Accounting, tax, and legal advisors, under professional confidentiality obligations
Sub-contractors and network partners engaged for specific service deliverables, bound by confidentiality agreements
Government authorities, where legally required

All data processors acting on our behalf are bound by data processing agreements compliant with GDPR Art. 28.

6. International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). Where personal data is transferred to a third country, we ensure that appropriate safeguards are in place, such as:

An adequacy decision of the European Commission
Standard Contractual Clauses (SCCs)
Other appropriate safeguards under GDPR Art. 46

7. Retention Periods

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law:

Inquiry data (where no engagement results): up to 12 months from last contact
Client data (during active engagement): for the duration of the engagement
Client data (after engagement ends): up to 10 years where required by German commercial and tax law (§ 257 HGB, § 147 AO), then deleted
Website log data: typically 7–30 days, then deleted or anonymised

8. Your Rights Under GDPR

As a data subject, you have the following rights regarding your personal data:

Right to access (GDPR Art. 15) — obtain a copy of the personal data we hold about you
Right to rectification (GDPR Art. 16) — request correction of inaccurate data
Right to erasure (GDPR Art. 17) — request deletion, subject to legal retention obligations
Right to restriction (GDPR Art. 18) — request limitation of processing
Right to data portability (GDPR Art. 20) — receive your data in a structured, machine-readable format
Right to object (GDPR Art. 21) — object to processing based on legitimate interest
Right to withdraw consent (GDPR Art. 7(3)) — where processing is based on consent
Right to lodge a complaint with a supervisory authority (GDPR Art. 77)

To exercise any of these rights, please contact us at the address provided in Section 1.

9. Security Measures

We take appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These include encrypted communication channels, access controls, regular security reviews, and staff confidentiality obligations.

No system is perfectly secure. In the event of a personal data breach likely to result in risk to your rights and freedoms, we will notify affected individuals and the competent supervisory authority in accordance with GDPR Art. 33 and 34.

10. Cookies and Tracking Technologies

Our website uses cookies and similar technologies. A separate cookie banner allows you to accept or reject non-essential cookies on your first visit, and you can change your settings at any time via the cookie preferences link in our website footer.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. The current version is always available on our website with the “Last updated” date at the top. Material changes will be communicated separately to active clients.

12. Contact

If you have questions about this Privacy Policy or our handling of personal data, please contact us at: hello@virtualk.co