Privacy Policy

Effective date: 19 April 2025

We respect your privacy.
This Privacy Policy explains how we collect, use and protect personal data when you visit our website (the “Site”) or interact with us about our managed IT services (the “Services”).

1) Who we are (Data Controller)

Controller: Visera P.S.A., Grunwaldzka Ave. 472 (Olivia Gate A), 80-309 Gdańsk, Poland
Email: office@visera.digital
Data Protection Officer / Privacy Contact: Privacy Team, office@visera.digital

If we provide Services to you as a business client, we typically act as a data processor for end‑customer or employee data we handle on your behalf (see Section 11). For this Site and for our own marketing, billing and account management, we act as a data controller.

2) Scope

This Policy covers personal data processed when you:

  • browse the Site;
  • submit a contact form or book a call;
  • subscribe to a newsletter or download materials;
  • interact with our support desk;
  • are a representative of a current or prospective client or vendor.

3) Data we collect

Data you provide: name, business email, phone, company, role, message content, preferences/consents, support tickets and attachments, billing details for contracting.

Data we obtain automatically: IP address, device/browser info, cookies, pages visited, timestamps, referral URLs, error logs.

Data from third parties: business contact info from referrals or public sources (e.g., LinkedIn), conference attendee lists (where lawful), and service providers we use for analytics, CRM or helpdesk.

We do not intentionally collect special categories of data via the Site.

4) Purposes & legal bases (GDPR)

  • Provide the Site and ensure security (logs, fraud prevention, uptime monitoring): legitimate interests (Art. 6(1)(f)).
  • Respond to enquiries / pre‑contract steps (contact forms, demos, proposals): contract or pre‑contract (Art. 6(1)(b)) and legitimate interests (B2B sales) (Art. 6(1)(f)).
  • Deliver Services to clients (account/admin communications, support): contract (Art. 6(1)(b)).
  • Marketing communications (newsletters, event invites): consent (Art. 6(1)(a)); you may withdraw consent at any time.
  • Compliance (tax, accounting, legal claims): legal obligation (Art. 6(1)(c)) and legitimate interests (Art. 6(1)(f)).

We do not perform automated decision‑making or profiling that produces legal or similarly significant effects.

We use cookies and similar technologies to operate the Site, remember preferences, analyze traffic and, where you agree, to improve marketing effectiveness.

Types:

  • Strictly necessary (always on) – required for the Site and security.
  • Functional – remember settings and improve experience.
  • Analytics – measure usage (e.g., pages, events); set only with consent where required.
  • Marketing – tailor content/campaigns; set only with consent.

Manage choices at any time via the Cookie Settings link in the footer. For details, see our Cookie Policy.

6) Disclosures (recipients)

We share data only with trusted recipients, under contracts and appropriate safeguards:

  • Hosting & infrastructure (e.g., cloud/managed hosting, CDN, email delivery).
  • Service operations (helpdesk/ticketing, monitoring/RMM, CRM, e‑signature).
  • Analytics & performance (privacy‑respecting analytics, A/B testing—if used).
  • Professional advisors (legal, accounting), and authorities where required by law.
  • Group companies (if applicable) for internal administration.

[Upon request we will provide a current list of key subprocessors.] We do not sell personal data.

7) International transfers

Where data is transferred outside the EEA/UK (e.g., to service providers in the US), we use approved safeguards such as Standard Contractual Clauses (SCCs), and additional measures where appropriate. You can contact us for a copy of relevant safeguards.

8) Retention

  • Web server logs: 30–90 days.
  • Analytics data: up to 14 months (or shorter where configured).
  • Enquiries and sales correspondence: up to 24 months after last contact.
  • Contract, billing, support records: for the contract term and statutory limitation/tax periods.
  • Marketing preferences/consents: while valid and a short period thereafter for audit.

9) Security

We apply technical and organisational measures appropriate to the risk, including access controls, MFA, encryption in transit/at rest (where supported), network segmentation, backup/restore testing, logging and regular reviews. No method is 100% secure, but we work to reduce risk and impact.

10) Your rights (GDPR/UK GDPR)

You may have the right to access, rectify, erase, restrict processing, object (including to direct marketing), and data portability. Where processing relies on consent, you may withdraw it at any time. You also have the right to lodge a complaint with your local authority; in Poland this is the President of the Personal Data Protection Office (UODO). We will respond to requests within the time limits set by law.

To exercise your rights, email office@visera.digital.

11) When we act as a processor (B2B Services)

For managed IT Services we typically act as your processor and process personal data (e.g., employee accounts, system logs, incident data) only on your documented instructions and under a Data Processing Agreement (DPA). We support security, access management, backups and incident handling according to the contract and DPA.

12) Children

The Site and Services are intended for business users. We do not knowingly collect data from children under 16. If you believe a child provided personal data, contact us to delete it.

13) Third‑party sites

Our Site may contain links to third‑party websites or services. Their privacy practices are governed by their own policies.

14) California privacy notice (CPRA)

We are a B2B provider and do not sell or share personal information for cross‑context behavioral advertising. California residents can contact us to exercise applicable rights under the CPRA.

15) Changes to this Policy

We may update this Policy from time to time. We will post the new version with a new effective date and, where appropriate, notify you by email or on the Site.

16) How to contact us

Questions or requests about this Policy: office@visera.digital or Visera P.S.A., Grunwaldzka Ave. 472 (Olivia Gate A), 80-309 Gdańsk, Poland.

Cookie Settings