Privacy Policy

Last updated: 23 October 2025

1. Controller

The controller responsible for processing your personal data within the meaning of the General Data Protection Regulation (GDPR) and the Irish Data Protection Act 2018 (DPA 2018) is:

VAN HAL VENTURES LIMITED
20 Harcourt Street
Dublin, D02 H364
Ireland

Phone

+353 87 391 9360

info@vh-ventures.com

Website

www.vh-ventures.com

Directors

Robert van Hal; Dipl.-Oec. Rüdiger van Hal

Company Number

595148 (Registered in Ireland)

2. Data Protection Officer (DPO)

A Data Protection Officer has not been appointed, as this is not legally required under Article 37 GDPR and Section 88 DPA 2018. For any privacy-related enquiries, please contact us at info@vh-ventures.com.

Purposes and Legal Bases
Categories of Data
Log Files & Technical Data
Cookies & Analytics
Data Sharing & Processors
Transfers Outside the EEA
Retention Periods
Your Rights
Automated Decision-Making
Data Security
Voluntary vs. Mandatory Provision
Links to External Sites
Updates to this Policy
Contact

3. Purpose and Legal Basis of Processing

We process personal data only where permitted by law.

Purpose	Examples	Legal Basis (GDPR)
Responding to enquiries	Emails, contact forms, phone calls	Art. 6(1)(b) – contract performance / pre-contractual steps
Operating and securing the website	Server logs, availability, cybersecurity	Art. 6(1)(f) – legitimate interests
Web analytics and performance	Audience measurement, UX optimisation	Art. 6(1)(a) – consent (via cookie banner)
Marketing communications	Newsletter (if offered)	Art. 6(1)(a) – consent
Contract & business administration	Customer/account data, invoicing	Art. 6(1)(b), (c) – contract and legal obligation

We do not intentionally process special categories of data under Art. 9 GDPR.

4. Categories of Personal Data

Identification and contact data (name, email, phone, address)
Technical usage data (IP address, browser/OS, device, access time, pages visited)
Communication content (messages, enquiries)
Contract and billing data (if applicable)

5. Log Files and Technical Data

When visiting our website, our hosting provider automatically collects technical information (e.g., IP address, browser type/version, operating system, referrer URL, host name, time of request). These data are necessary to ensure proper operation and security and are not merged with other data sources.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest). Storage period: log files are deleted after 30 days.

6. Cookies and Analytics

We use cookies and similar technologies to analyse usage and improve our content. Non-essential cookies are set only with your consent; you can withdraw consent at any time via the cookie settings.

Legal basis: Art. 6(1)(a) GDPR and the Irish ePrivacy Regulations (S.I. No. 336/2011).

If third-party analytics tools (e.g., Google Analytics, Matomo) are used, they are configured to minimise data (e.g., IP anonymisation). Data may be transferred outside the EEA only where appropriate safeguards (e.g., Standard Contractual Clauses) are in place.

7. Data Sharing and Processors

We share data with third parties only when necessary for contract fulfilment, where legally required, or with your explicit consent. Service providers acting on our behalf (hosting, analytics, communications, IT support) are bound by data processing agreements per Art. 28 GDPR and act under our instructions. We do not sell or rent personal data.

8. Transfers Outside the EU/EEA

Where data are transferred to countries outside the EEA, such transfers occur only if an adequacy decision exists, Standard Contractual Clauses (SCCs) are implemented, or you have explicitly consented.

9. Retention Periods

We retain personal data only as long as necessary for the purposes stated or as required by law (e.g., tax/commercial obligations). After expiry of the applicable periods, data are securely deleted or anonymised.

10. Your Rights under GDPR

Access (Art. 15)
Rectification (Art. 16)
Erasure (Art. 17)
Restriction of processing (Art. 18)
Data portability (Art. 20)
Objection (Art. 21), including to processing based on legitimate interests or for direct marketing
Withdrawal of consent (Art. 7(3)) with effect for the future
Right to lodge a complaint with the supervisory authority:

Data Protection Commission (DPC)
21 Fitzwilliam Square South,
Dublin 2, D02 RD28, Ireland
Website: www.dataprotection.ie

11. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling within the meaning of Art. 22 GDPR.

12. Data Security

We implement appropriate technical and organisational measures to protect data against loss, misuse, unauthorised access, alteration, or destruction. Measures include encryption, access controls, secure servers, and continual monitoring of our IT infrastructure.

13. Voluntary vs. Mandatory Provision

Providing personal data is generally voluntary. Certain data may be necessary to enter into or perform contracts or to use specific website functions; without such data, services may be unavailable.

14. Links to External Websites

Our website may contain links to third-party sites. We have no control over their content or privacy practices. Please review the respective privacy policies before submitting personal data.

15. Updates to this Privacy Policy

We may modify this Privacy Policy to reflect legal requirements or changes to our services. The current version is available at www.vh-ventures.com/privacy.

16. Contact

VAN HAL VENTURES LIMITED
20 Harcourt Street, Dublin, D02 H364, Ireland
Email: info@vh-ventures.com
Phone: +353 87 391 9360

Provider:	PHP
Cookiename:	PHPSESSID
Runtime:	End of session

Provider:	VH Ventures
Cookiename:	waconcookiemanagement
Runtime:	1 year

Provider:	Google LLC
Cookiename:	_ga, _gid, _gat
Runtime:	2 years, 1 day, 1 day
Privacy source url:	https://policies.google.com/privacy
Host:	google.com