Privacy Policy

Visio Consultancy Limited, owner of www.visio-consultancy.com (the “Website”), respects your privacy.

The terms “you” and “your” means you, the visitor of this Website.

Please read the following to learn more about our Privacy Policy. This Privacy Policy describes how we process your personal data. Please be aware that this Privacy Policy is applicable only to our Website. If you decide to use our services or become our client, a separate privacy policy will be provided to explain how we handle your data in that respect.

This Privacy Policy complies with all applicable laws and regulations, including rules and principles provided in the Data Protection Act (Cap 586 of the Laws of Malta) and the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27th, 2016, on the protection of natural Persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the “GDPR”). For the purposes of this Privacy Policy, “personal data” shall have the meaning ascribed to it under the GDPR.

Who we are

The data controller of this Website is Visio Consultancy Limited, a private limited liability company organised and existent under the laws of the Republic of Malta, enrolled with the Malta Business Registry under registration number C 108583, with its registered office at Level 6, Quantum Place, Triq ix-Xatt, Gzira, GZR 1020, Malta (“we”, “us”, “our”).

You may submit inquiries regarding personal data protection, privacy and security matters to [email protected].

Information We Collect

As a general rule, we do not collect any personal data, that is, information that identifies you as an individual, other than that which you choose to provide to us or any member of our team, such as the data, including contact details, you provide when contacting us with enquiries relating to our services or otherwise.

Nonetheless, the collection of data relies on the circumstances under which you interact with us and on your choices.

However, we may request you to provide personal data in order to facilitate the services you request. You are under no obligation to provide this information. Should you choose to share your personal data with us, the following categories of data will be collected and processed solely for the purpose of responding to your inquiries or providing the requested services:

  1. If you contact us or any member of our team via the contact details found on our Website, we may collect personal data such as your name and email address.
  2. Your data will also be collected when we communicate with you, so we may personalise the content of such communications.

Some information is automatically collected when you visit or use our Website, such as your IP address and browser user-agent. We may also install cookies and analytic tools. For more information on cookies, please read our Cookies Policy.

How We Use Your Information?

We use the data, whether collected by us or provided by you, to provide you with a personalised experience, improved Website and periodic e-mails. We use such data especially to:

  1. Provide our services and maintain the relationship between you and us;
  2. Improve our marketing efforts;
  3. Personalise our services;
  4. Provide advertisement and marketing experience directly relevant to you, including, without limitations, targeted advertisement and promotional communications;
  5. To prevent, detect and fight fraud or other illegal or unauthorised activities.

In addition to the foregoing, we may also eventually use the data for conducting certain analysis of our business and researches to make informed business decisions, to meet our legal obligations, and for other legitimate purposes.

To carry out the use of information for these purposes, we employ automated as well as manual processing methods.

If at any time you would like to unsubscribe from receiving future e-mails, you can do so by contacting us using the e-mail provided in Section 1.

Sharing of Personal Data

We will share your personal data solely to fulfil any requests or provide services you have authorised. This sharing may extend, where necessary, to our internal team members or trusted service providers assisting us in responding to your inquiries. However, we do not share your personal data with third parties beyond these necessary interactions.

We will also share your personal data if required by law, to comply with legal process and to protect ours and our clients’ rights.

Legal Basis

Legal bases for processing (under the GDPR provisions). If you are an individual located in the European Economic Area (EEA), we collect and process your personal data only when we have a valid legal basis to do so under the applicable EU laws. The legal bases for processing your data depend on the services you request and how you interact with us. We process your data based on the following grounds:

  1. To provide you with the requested service, such as responding to your inquiries or providing information via email, telephone or other communication channels;
  2. Legitimate interests, which are not overridden by your data protection rights, such as for communication purposes, improving our services, or protecting our legal rights and interests;
  3. Your consent, where you have explicitly agreed to the processing for a specific purpose (e.g., subscribing to marketing communications);
  4. Compliance with legal obligations, where we are required to process your data to meet legal, regulatory, or contractual requirements.

We will not intentionally collect any information from anyone under eighteen (18) years of age. Our Website and services are all directed at people who are at least eighteen (18) years old.

Personal Data Protection

We implement the following technical, physical and organizational measures to maintain the safety of your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised use, unauthorised modification, disclosure or access and against all other unlawful forms of processing.

We regularly monitor our systems for possible vulnerabilities and attacks and review your information, storage and processing practices to update our technical, physical and organizational measures.

In order to ensure that our systems and your information are protected the following measures are involved: storage of confidential data in encrypted form.

Confidentiality. All personnel are subject to full confidentiality and any subcontractors and sub-processors are required to sign a confidentiality agreement if full confidentiality is not part of the main agreement between the parties.

Transparency. We will at all times keep you informed about changes to the processes to protect data privacy and security, including practices and policies. You may at any time request information on where and how data is stored, secured and used.

The ability to intervene. We enable your rights of access, rectification, erasure, blocking and objection by offering you the option to send instructions to the following e-mail address [email protected].

Monitoring. We use security reports to monitor access patterns and to proactively identify and mitigate potential threats. Administrative operations, including system access, are logged to provide an audit trail if unauthorised or accidental changes are made.

Cookies and similar technologies. Cookies are small text files placed on your device to store data that can be recalled by a web server in the domain that placed the cookie. We use cookies and similar technologies for storing and honouring your preferences and settings, providing interest-based advertising, combating fraud, analysing how our Website and services perform, and fulfilling other legitimate purposes. Other similar technologies may be used by us for the purpose of gathering usage and performance data, including trusted third parties’ technologies.

Personal Data breach notification. In the event that your data is compromised, we will notify you and the competent Supervisory Authority(ies) within seventy-two (72) hours by e-mail with information about the extent of the breach, affected data, as well as our action plan for measures to secure the data and limit any possible detrimental effect on the data subjects.

“Personal data breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed in connection with this Privacy Policy.

Disclosure of Information to Third party

We do not sell, trade or otherwise transfer to outside parties any personally identifiable information.

This does not include trusted third parties or subcontractors who assist us in operating our Website, conducting our business, or servicing you. Such trusted parties may have access to personally identifiable information on a need-to-know basis and will be contractually obliged to keep your information confidential.

We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety.

We will monitor subcontractors’ and sub-processors’ maintenance of these standards and audits to ensure that data protection requirements are fulfilled.

Legally required disclosure. We will not disclose your data to law enforcement except when instructed by you or where it is required by law. When governments make a lawful demand for customer data from us, we strive to limit the disclosure. we will only release specific data mandated by the relevant legal demand.

If compelled to disclose your data, we will promptly notify you and provide a copy of the demand unless legally prohibited from doing so.

Disclosure of data to non-EEA countries. we may share personal data with third parties based in non-EEA countries other than the United Kingdom or Switzerland. Where personal data is transferred from the EU to non-EEA countries, the provisions included in Chapter V of GDPR will be applied, in order to ensure the level of protection of natural persons guaranteed by the GDPR is not undermined. In this case, we ensure that the recipient has an adequate level of data protection according to the adequacy decision by the European Commission for the respective country. In the absence of such adequacy decision, we may transfer personal data only if the recipient has provided appropriate safeguards, such as a legally binding and enforceable instrument between public authorities or bodies; a binding corporate rule; or, the compliance with standard data protection clauses approved by the Commission. Where personal data is transferred from the EU to non-EEA, we will separately sign an addendum with such third parties, according to the standard data protection clauses approved by the Commission, namely Standard Contractual Clauses for the transfer of personal data to processors established in third countries or/and Standard Contractual Clauses for the transfer of personal data from the Community to third countries (controller to controller transfers), about such transfer which shall form an integral part of this Privacy Policy.

Third-party Links

Occasionally, at our discretion, we may include or offer third party products or services on our Website. These third-party sites have separate independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked websites. Nonetheless, we seek to protect the integrity of our Website and welcome any feedback about these websites.

Where Do we Store the Information

Personal data location. All data is stored in databases and file repositories hosted in [banahosting, USA].

Access, Data Portability, Migration, and Transfer Back Assistance

You may at any time obtain confirmation from us as to whether or not personal data concerning you is being processed.

You may at any time order a complete data copy, which you may transmit to another controller of the data. Your data will be delivered by us within thirty [30] working days, and free of any charges.

Request for Rectification, Restriction or Erasure of the Personal Data

Rectification. You may at any time obtain without undue delay rectification of inaccurate personal data concerning you as per clause 6.6.

Restriction of processing Personal Data. You may at any time request us to restrict the processing of personal data when one of the following applies:

    1. if you contest the accuracy of the personal data, for a period enabling us to verify the accuracy of the personal data;
    2. if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; or
    3. if we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims.

    Erasure. You may without undue delay request the erasure of personal data concerning you, and we shall erase the personal data without undue delay when one of the following applies:

    1. if the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
    2. if you withdraw your consent on which the processing is based, and where there is no other legal ground for the processing;
    3. if you object to the processing in case the processing is for direct marketing purposes;
    4. if the personal data have been unlawfully processed; or
    5. if the personal data have to be erased for compliance with a legal obligation in EU or national law.

    Data Retention

    Data retention policy. We store your data as long as is necessary to provide our services or we have a legitimate interest in further storage. we will keep data that we must keep in order to meet contractual or statutory retention periods (tax, penal, commercial, and invoices).

    Data retention for compliance with legal requirements. You cannot require us to change any of the default retention periods, except for the reasons for erasure pursuant to clause 11.3.

    Data restitution and/or deletion. When we have no ongoing legitimate interest, we anonymise your information, unless we must keep it to evidence our compliance with applicable laws. For instance:

      1. we will keep your data in the event of an outstanding issue, claim, or dispute requiring us to keep the relevant information until it is resolved; or
      2. the information must be kept for our legitimate business interests, such as fraud prevention, and enhancing users’ safety and security.

      Cooperation

      We will cooperate with you in order to ensure compliance with applicable data protection provisions, e.g. to enable you to effectively guarantee the exercise of data subjects’ rights (right of access, rectification, erasure, blocking, opposition), to manage incidents including forensic analysis in case of security breach.

      Terms of Service

      Please also visit our Terms & Conditions section establishing the use, disclaimers, and limitations of liability governing the use of our Website.

      Your Consent

      By using our Website, you consent to this Privacy Policy and to our Cookies Policy.

      Changes to Our Privacy Policy

      If we decide to change our Privacy Policy, we will post those changes on this page, and/or update the Privacy Policy modification date below.

      This Privacy Policy was last modified on February 28th, 2025.

      Complaint

        You may at any time lodge a complaint with a supervisory authority regarding ourcollection and processing of your personal data.