legal

Privacy Policy

Last updated: February 23, 2026

1. Introduction

This Privacy Policy explains how Vividigit ("we", "us", "our") collects, uses, stores, and protects your personal data when you visit our website at vividigit.com or use our services. We are committed to protecting your privacy and handling your data transparently in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

Vividigit is the data controller responsible for processing your personal data. If you have questions about this policy or your data, contact us at:

3. What Data We Collect

We collect the following categories of personal data:

Data you provide directly:

  • Contact form submissions — name, email address, company name, phone number, and message content when you reach out to us
  • Service orders — project details, service selections, tier choices, and language/country preferences submitted through our order cart
  • Communication data — emails, messages, and any information you share when communicating with our team

Data collected automatically:

  • Usage data — pages visited, time spent on pages, click patterns, referral source, and navigation paths
  • Device data — browser type and version, operating system, screen resolution, and device type
  • Network data — IP address, approximate geographic location (country/city level), and internet service provider
  • Cookies and similar technologies — see Section 7 below

4. How We Use Your Data

We process your personal data for the following purposes:

  • Service delivery — to process your orders, deliver marketing services, and communicate about project progress
  • Responding to inquiries — to answer questions submitted through contact forms or email
  • Website improvement — to analyze how visitors use our website and improve user experience
  • Marketing communications — to send relevant updates about our services, only with your explicit consent
  • Legal compliance — to meet our legal obligations and protect our legitimate interests

5. Legal Basis for Processing

Under the GDPR, we process your personal data based on the following legal grounds:

  • Consent (Art. 6(1)(a) GDPR) — for marketing communications and non-essential cookies. You can withdraw consent at any time.
  • Contract performance (Art. 6(1)(b) GDPR) — to deliver services you have ordered and process your requests
  • Legitimate interest (Art. 6(1)(f) GDPR) — for website analytics, security, and service improvement, where our interests do not override your fundamental rights
  • Legal obligation (Art. 6(1)(c) GDPR) — to comply with applicable laws and regulations

6. Data Sharing and Third Parties

We do not sell your personal data. We share data only with the following categories of service providers who process data on our behalf:

  • Google Analytics (Google LLC) — website analytics and traffic measurement. Google may transfer data to the US under Standard Contractual Clauses. Google Privacy Policy
  • Google Tag Manager — tag management for analytics scripts
  • Hosting provider — our website hosting infrastructure processes server logs containing IP addresses
  • Email service provider — for sending transactional and marketing emails

We require all third-party providers to process your data in accordance with applicable data protection laws and our instructions.

7. Cookies and Tracking

Our website uses cookies and similar tracking technologies:

  • Essential cookies — required for basic website functionality (e.g., order cart state stored in localStorage)
  • Analytics cookies — Google Analytics cookies to understand website usage patterns. These cookies collect aggregated, anonymized data about page views, session duration, and user interactions.

We are implementing a consent management platform to give you granular control over non-essential cookies. In the meantime, you can manage cookies through your browser settings.

8. Data Retention

We retain your personal data only as long as necessary for the purposes described in this policy:

  • Contact form data — 2 years after last communication, or until you request deletion
  • Service order data — duration of the business relationship plus 7 years for tax and legal compliance
  • Analytics data — 26 months (Google Analytics default retention period)
  • Marketing consent records — until consent is withdrawn, plus 3 years for compliance documentation

9. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access — request a copy of the personal data we hold about you
  • Right to rectification — request correction of inaccurate or incomplete data
  • Right to erasure — request deletion of your personal data ("right to be forgotten")
  • Right to restrict processing — request that we limit how we use your data
  • Right to data portability — receive your data in a structured, machine-readable format
  • Right to object — object to processing based on legitimate interests, including profiling
  • Right to withdraw consent — withdraw consent at any time without affecting prior processing

To exercise any of these rights, contact us at mail@vividigit.com. We will respond within 30 days. If you believe your rights have been violated, you have the right to lodge a complaint with your local data protection authority.

10. International Data Transfers

Some of our service providers may transfer data outside the European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission and adequacy decisions where applicable.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration. These measures include encrypted data transmission (HTTPS), secure hosting infrastructure, and access controls limiting data access to authorized personnel only.

12. Children's Privacy

Our services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will post the updated policy on this page with a revised "Last updated" date. We encourage you to review this policy periodically.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us: