Data Protection Policy

Status: February 2023

Protection and respect to privacy is very important for us. Therefore, the rules set forth by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC as amended from time to time (the “GDPR”) are fully respected by all entities belonging to VGP group. The principles and measures applied by VGP are contained in this data protection declaration (“Data Protection Policy”).

In this document by terms “VGP” or “us” is meant the member of VGP group, that you are in a legal relation with, as described below.

This Data Protection Policy is intended to inform you as to which personal data about you as a customer, user, subcontractor, customer representative, supplier or shareholder we can process, why said personal data are used, how they are shared, how long they are kept, what your rights are and how you can assert such rights.

  1. Which personal data do we process?

VGP is the data controller responsible for your personal information processed via our website, in the course of our business operations or when you apply to work at VGP.

We may collect personal information from you in the course of our business, including through your use of our website, when you contact or request information from us, when you engage our other services or as a result of your relationship with one or more of our legal entities or staff.

As controller, VGP will take the necessary technical and organizational measures to protect personal data.

Please note that depending on which VGP entity you contract with to provide services, a specific subsidiary of VGP may also be data controllers responsible for processing your personal information.

  1. How do we use your personal information?

We may use your information for the following purposes:

  1. Information you give to us.

We will use this information:

  • to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you request from us;
  • to provide you with information about other services we offer that are similar to those that you have already used or enquired about;
  • to provide you with information about goods or services we feel may interest you;
  • to notify you about changes to our services;
  • to assess your preferences thanks to which advertising relevant to you is displayed;
      • Your data are used to assess your preferences thanks to which advertising relevant to you is displayed
      • The website uses marketing tools of third parties for this purpose:
        • Google Analytics data;
        • Google Ads;
        • Facebook;
        • LinkedIn;
        • Similar providers of analytical and marketing tools.
  • to distribute our newsletter and other commercial communications;
  • to ensure that the content from our website is presented in the most effective manner for you and for your computer/device;
  1. Information we collect about you.

We will use this information:

  • to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • to improve our website to ensure that content is presented in the most effective manner for you and for your computer/device;
  • to allow you to participate in interactive features of our service, when you choose to do so;
  • as part of our efforts to keep our website safe and secure;
  • to measure or understand the effectiveness of advertising we deliver to you and others, and to deliver relevant advertising to you;
  • to distribute our newsletter and other commercial communications;
  • to make suggestions and recommendations to you and other users of our website about goods or services that may interest you or them.
  1. Legal basis

Your information is being collected and processed on the following legal bases:

- If it is necessary for pursuing our legitimate interests, considering these interests are not overridden by your fundamental rights and freedoms, e.g. we use your information to know your preferences so as to be able to better personalize our product offerings, to prevent fraud and to secure our website.

- When you consented to this, e.g. if you have given your prior express consent thereto we may use your email address for sending you marketing materials or press releases.

  1. Who do we share your personal data with?

We share your personal data in the following cases:

  • when this is required by applicable laws, in particular at the request of the state authorities; and
  • when this is necessary in pursuit of our needs, in particular by law firms or other members of VGP group.

In addition, your personal data may be shared with service providers – parties which process personal data at our request or on our behalf, such as providers of ICT services, such as hosting, and supply or maintenance of computer systems and applications. Your personal data are shared with service providers under data processing agreements whereby they are required to follow our instructions.

  1. For how long do we process your personal data?

We process your personal data for as long as this is necessary to accomplish the specific purpose of processing. In some cases, we are obliged by the provisions of law to process personal data for a specific time (i.e. the obligation to retain contractual information after termination of a respective agreement). We will erase your data when we no longer need it to accomplish the purpose for which it was collected or after the expiry of the period specified in the provisions of law.

  1. Do we transfer your personal data outside the European Economic Area?

We may transfer your information to a destination outside the European Economic Area (the EEA) if that is appropriate (i) to achieve any of the purposes set out under this Data Protection Policy and/or (ii) to disclose your information to a third party in accordance with this Data Protection Policy and according to the requirements of the GDPR.

  1. What rights do you have?

You have the right to request access to your personal data, request a copy of the personal data you have submitted to us and demand that it be provided to you or other party named by you, request that your data be rectified when incomplete or incorrect; request that all or some of your personal data be erased, request restriction of the use of your personal data.

You also have the right to:

  • object, on grounds related to your particular situation, against the use of your personal data on the basis of our legitimate interests. Following such an objection, we will consider whether – on account of your particular situation – the protection of your interests, rights and freedoms overrides the interests we pursue in using your personal data. If your objection proves to be justified and there is no other legal basis for the use of the data, we will erase them.
  • withdraw your consent to the use of your personal data at any time, if we process your data based on your freely given consent.

You are also entitled to file a complaint to the competent supervisory authority.

  1. Confidentiality and the security of your personal information

We are committed to keeping the personal information provided to us secure and we have implemented appropriate information security policies, rules and technical measures to protect the personal information that we have under our control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss.

All of our partners, employees, consultants, workers and data processors (i.e. those who process your personal information on our behalf, for the purposes listed above), who have access to, and are associated with the processing of personal information, are obliged to respect the confidentiality of such personal information.

  1. Collection of information by third-party sites

Our website contains links to other sites whose information practices may be different than ours. Visitors should consult the other sites' privacy notices as VGP has no control over information that is submitted to, or collected by, these third parties.

  1. How can you contact us?

You can contact us in any matters related to the use of your personal data, also when you wish to object to the processing of your personal data and exercise your rights in this respect, by sending us an email message to: or by sending a registered letter to the statutory seat of the respective VGP entity acting as your data controller.

  1. Changes to this Data Protection Policy

We may make changes to this Data Protection Policy from time to time. To ensure that you are always aware of how we use your personal information we will update this Data Protection Policy from time to time to reflect any changes to our use of your personal information. We may also make changes as required to comply with changes in applicable law or regulatory requirements. Where it is practicable, we will notify you by email of any significant changes. However, we encourage you to review this Data Protection Policy periodically to be informed of how we use your personal information.


This Data Protection Policy is applicable for all entities of the VGP Group.