Vortex Global

Privacy Policy

Last Updated: May 10, 2024

Effective Date: May 10, 2024

Introduction

VORTEX GLOBAL VENTURES LLC ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our consulting services, visit our website, or engage with us professionally.

This policy complies with the General Data Protection Regulation (GDPR) for European Union residents and relevant data protection laws including the Turkish Personal Data Protection Law (KVKK) where applicable.

Data Controller:
VORTEX GLOBAL VENTURES LLC
1000 Brickell Ave Ste 715
Miami, Florida 33131 US
Email: contact@vortexglobalventures.com

1. Information We Collect

We collect and process the following categories of personal data:

1.1 Contact Information

  • Name (first and last)
  • Email address
  • Phone number
  • Company name and title
  • Business address

1.2 Business Information

  • Company registration details
  • Business type and industry
  • Service requirements and preferences
  • Project specifications
  • Payment and billing information

1.3 Technical Data (Automatically Collected)

  • IP address
  • Browser type and version
  • Device information
  • Operating system
  • Time zone setting and location
  • Pages visited and time spent
  • Referral source

1.4 Communication Data

  • Emails and messages exchanged
  • Call records and meeting notes
  • Support tickets and inquiries
  • Feedback and survey responses

2. Legal Basis for Processing (GDPR Article 6)

We process your personal data based on the following legal grounds:

2.1 Consent (Article 6(1)(a))

For marketing communications and non-essential cookies, we obtain your explicit consent, which you may withdraw at any time.

2.2 Contract Performance (Article 6(1)(b))

Processing necessary for the performance of our consulting services contract with you or to take steps at your request before entering into a contract.

2.3 Legal Obligation (Article 6(1)(c))

Processing necessary to comply with legal obligations, such as tax reporting, fraud prevention, and regulatory requirements.

2.4 Legitimate Interests (Article 6(1)(f))

Processing necessary for our legitimate interests, including business administration, fraud prevention, and service improvement, provided your interests do not override these.

3. How We Use Your Information

We use your personal data for the following purposes:

  • Service Delivery: Providing consulting services, managing accounts, and delivering agreed-upon deliverables
  • Communication: Responding to inquiries, scheduling consultations, and providing support
  • Billing: Processing payments, invoicing, and financial record-keeping
  • Legal Compliance: Meeting tax, accounting, and regulatory obligations
  • Business Operations: Internal administration, analytics, and service improvement
  • Security: Fraud prevention, unauthorized access detection, and data protection
  • Marketing: Sending relevant service updates (with consent)

4. Data Sharing and Third-Party Processors

We do not sell your personal data. We may share your information with the following categories of recipients:

4.1 Service Providers (Data Processors)

Payment Processors

Stripe, Inc. (payment processing) - Privacy Policy

Zoho Corporation (invoicing and CRM) - Privacy Policy

Communication Tools

Email service providers for business communications

Analytics

Google Analytics (website usage data, IP anonymized) - Privacy Policy

4.2 Legal and Regulatory Disclosures

We may disclose personal data when required by law, court order, or governmental authority, including:

  • Tax authorities (IRS, state tax agencies)
  • Law enforcement agencies (with proper legal process)
  • Regulatory bodies overseeing our industry

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the acquiring entity, subject to the same privacy commitments.

5. International Data Transfers

As a US-based company serving global clients, your data may be transferred to and processed in the United States. We ensure appropriate safeguards are in place:

  • EU-US Data Transfers: We rely on Standard Contractual Clauses (SCCs) approved by the European Commission for transfers from the EU/EEA
  • UK Transfers: We use UK Standard Contractual Clauses for transfers from the United Kingdom
  • Technical Measures: Encryption in transit (TLS 1.3) and at rest (AES-256)
  • Organizational Measures: Data Processing Agreements with all subprocessors

6. Your Data Protection Rights (GDPR Articles 15-22)

Depending on your location, you have the following rights regarding your personal data:

Right to Access (Article 15)

You have the right to request copies of your personal data. We provide this within 30 days of receiving a verified request.

Right to Rectification (Article 16)

You have the right to request correction of inaccurate data or completion of incomplete data.

Right to Erasure / "Right to be Forgotten" (Article 17)

You have the right to request deletion of your personal data, subject to legal retention obligations (e.g., tax records must be kept for 7 years).

Right to Restrict Processing (Article 18)

You have the right to request that we restrict processing of your data under certain conditions.

Right to Data Portability (Article 20)

You have the right to request transfer of your data to another controller in a structured, machine-readable format.

Right to Object (Article 21)

You have the right to object to processing based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent (Article 7)

Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

To Exercise Your Rights: Email us at contact@vortexglobalventures.com with "Data Subject Request" in the subject line. We respond within 30 days.

7. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this policy:

  • Active Clients: Duration of service agreement plus 7 years (tax record requirements)
  • Former Clients: 7 years after service termination (legal and tax obligations)
  • Prospects/Inquiries: 2 years from last contact, then anonymized or deleted
  • Website Analytics: 26 months (Google Analytics default), then aggregated
  • Communication Records: 7 years for business documentation

After the retention period expires, personal data is securely deleted, anonymized, or archived according to our data retention schedule.

8. Cookies and Tracking Technologies

Our website uses the following types of cookies:

8.1 Essential Cookies (Required)

These cookies are necessary for the website to function and cannot be disabled. They include:

  • Session management cookies
  • Security cookies (CSRF protection)
  • Load balancing cookies

8.2 Analytics Cookies (Optional - With Consent)

These cookies help us understand how visitors interact with our website:

  • Google Analytics (anonymized IP, no cross-site tracking)
  • Website performance monitoring

8.3 Marketing Cookies (Optional - With Consent)

We do not currently use marketing or advertising cookies. Any future implementation will require explicit consent.

Cookie Consent: By using our website, you consent to essential cookies. Analytics cookies require separate consent, which can be managed through our cookie banner or by contacting us.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
  • Access Controls: Role-based access, multi-factor authentication (MFA)
  • Network Security: Firewalls, intrusion detection, regular vulnerability assessments
  • Data Minimization: We collect only necessary data and limit retention
  • Employee Training: Regular data protection and security awareness training
  • Incident Response: Breach notification procedures compliant with GDPR (72-hour rule)

Despite our safeguards, no internet transmission is 100% secure. We encourage you to use strong passwords and protect your account credentials.

10. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us immediately for deletion.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will:

  • Post the updated policy on this page with a new "Last Updated" date
  • Notify active clients of material changes via email
  • Obtain renewed consent where required by law

We encourage you to review this policy periodically. Continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Information and DPO

For privacy-related inquiries, exercising your rights, or complaints:

VORTEX GLOBAL VENTURES LLC

Attn: Data Protection Officer

1000 Brickell Ave Ste 715

Miami, Florida 33131 US

Email: contact@vortexglobalventures.com

Phone: +1 (305) 555-0198

EU/EEA Residents: You also have the right to lodge a complaint with your local supervisory authority.