Privacy Notice

EFFECTIVE: DEC 9, 2024


Very Good Security, Inc. ("VGS", "Company, "We", "Us", or "Our") is committed to protecting your privacy and the privacy of the information that you share with VGS.

Very Good Security complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF, the UK Extension to the EU-U.S. Data Privacy Framework (UK Extension to the EU-U.S. DPF), and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom, and Switzerland to the United States. Very Good Security has certified to the Department of Commerce that it adheres to the Data Privacy Framework Principles. You can review our Data Privacy Framework Privacy Notice here. Additionally, you can also review our HR specific privacy notice here

What data does VGS collect?

VGS collects the following information in order to provide services to businesses:

VGS customer information:

  • Company Name
  • Contact Name(s)
  • Business details
  • Business address
  • Business email address
  • Business telephone number
  • VGS username and password
  • Other identifying information you choose to share with us

VGS customer financial information:

  • Bank Account Information
  • Credit Card Information
  • Other payment instrument information

Website and device information:

  • IP addresses and other device information
  • General location information
  • How you interact with the VGS website
  • Referring URL

How does VGS collect your data?

VGS collects your data, when you:

  • Create a VGS account online or place an order for any of our products or services.
  • Create a sandbox in VGS’s vault
  • Request information on VGS and its products and services
  • Subscribe to our newsletter
  • Sign up for a VGS webinar
  • Voluntarily complete a customer survey or provide feedback on any of our message boards or via email.
  • Use or view our website via
    • Cookies, third party cookies
    • Web beacons
    • Device ID

How does VGS use your data?

VGS uses your data to:

  • Fulfill contractual obligations
  • Verify your identity and usage of the service
  • Provide support
  • Provide personalized communication about VGS and its services
  • Manage billing and payment VGS services
  • Verify qualifications of prospective customers
  • Monitor use of the VGS Website and improve the user’s experience on the Website
  • Email you with special offers on other products and services we think you might like
  • Prevent and investigate fraud, illegal or prohibited activities, security issues, and suspicious activities
  • To secure your or your client information and maintain your accounts with VGS
  • To send you notices and updates
  • To enforce our terms and any other agreements between you and us
  • To improve and maintain our Services
  • To personalize the Services
  • To monitor and analyze usage and activities in or related to our Services.
  • To comply with any applicable laws or legal processes.
  • To collect payment for Services.

Limited Use disclosure

VGS use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

With whom does VGS share your data?

VGS shares your data with third parties as follows:

  • Based on your instructions whether provided:
    • Through normal use of our Site or Services;
    • In response to notification from us describing how we will share information and your subsequent provision of such information;
    • or as otherwise specifically requested by you.
  • With your company or company contact based on the information provided during your registration or as updated by an approved representative of your company.
  • To collect payment due for provision of the Services.
  • With VGS service providers, such as email service providers that perform marketing services on behalf of VGS, and fraud prevention or security service providers that use the information to help prevent, detect, and/or address malicious activity.
  • With relevant law enforcement officials or 3rd parties (e.g. auditors or investigators) to investigate fraud or malicious activity.
  • With relevant regulators or law enforcement officials in response to a valid request for information where we believe disclosure is in accordance with applicable law, regulation or legal process.

VGS may also share aggregated and de-identified information that cannot be reasonably used to identify you or your company.

How does VGS store your data?

VGS stores your data with third party services who process customer data on behalf of VGS, including but not limited to:

  • Billing services
  • SaaS providers
  • Cloud service providers

VGS’s contracts with third party service providers prohibit the providers from using your data on their own behalf.

Do we use your data for marketing?

Yes, VGS sends you information about products and services of ours that we think you might like. If you have agreed to receive marketing information, you may always opt out at a later date.

You have the right at any time to stop VGS from contacting you for marketing purposes. If you no longer wish to be contacted for marketing purposes, please click here. In addition, emails that you receive will include an option to unsubscribe at the bottom of the email.

What are your data protection rights?

VGS complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. VGS has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. VGS has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/. In addition, VGS works with both our customers and service providers to ensure compliance with data protection requirements for our customers throughout the world. Please click here to review our Data Privacy Framework privacy notice for EEA, UK, and Swiss customers.

Subject to any exemptions provided by law, VGS offers individuals from whom it directly collects information reasonable access to their Personal Information and will provide such individuals reasonable opportunity to correct, amend, or delete inaccurate information. Contact privacy@verygoodsecurity.com.

If contacted by one of our customers' clients, VGS will work with the EU controller to facilitate access through the Customer’s access methods.

What are cookies?

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology

For further information, visit allaboutcookies.org

How do we use cookies?

VGS uses cookies in a range of ways to improve your experience on our Website, including:

  • Keeping you signed in
  • Understanding how you use our website
  • Marketing VGS products and services

What types of cookies do we use?

There are a number of different types of cookies, our website uses the following types:

  • Strictly Necessary Cookies: These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
  • Performance Cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
  • Functional Cookies: These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
  • Targeting Cookies: These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

You can adjust your cookie settings via our cookie banner.

How does VGS secure your data?

VGS utilizes administrative, physical, and technical security measures to protect your personal information. Click here to review VGS’s security statement.

How can you contact us?

If you have questions about this policy or our information handling, please contact privacy@verygoodsecurity.com