Skip to content
LEGAL

PRIVACY POLICY

What personal data Vazgro Ltd collects, our lawful bases under UK GDPR, who we share it with, and your rights.

EFFECTIVE DATE
7 June 2026
ISSUED BY
Vazgro Ltd · London, UK

1. WHO WE ARE

Vazgro Ltd ("Vazgro", "we", "us", "our") is a company registered in England and Wales with its registered office in London, United Kingdom. We are the data controller responsible for the personal data described in this policy.

This policy explains how we collect, use, store, and protect personal data when you visit vazgro.com, make an enquiry, or work with us as a client under any of our LAUNCH, GROW, BUILD, or EXTEND services.

If you have any questions about this policy or how we handle your data, you can contact us at hello@vazgro.com.

2. WHAT DATA WE COLLECT

Enquiry and lead data: when you complete a contact, enquiry, or booking form, or email us, we collect details such as your name, email address, phone number, company name, and the project details and messages you provide.

Account and project data: when you become a client, we collect information needed to deliver the Services, including contact and account details, project briefs, credentials and access you share with us, and communications between us.

Billing data: payments are processed by Stripe. We do not store full card numbers ourselves; we receive limited billing information (such as name, billing email, amounts, and transaction status) needed to manage invoices and Subscriptions.

Usage and cookie data: we collect limited technical information automatically, such as IP address, device and browser type, referring pages, and how you use the Site, through cookies and analytics or security tooling.

3. HOW & WHY WE USE DATA (LAWFUL BASES)

To provide and manage the Services — responding to enquiries, preparing proposals, delivering LAUNCH, GROW, BUILD, and EXTEND work, managing accounts, and providing support. Lawful basis: performance of a contract, or steps taken at your request before entering a contract.

To run and improve our business — operating and securing the Site, understanding usage, improving our services, and keeping business records. Lawful basis: our legitimate interests in running an effective and secure business, balanced against your rights.

For optional marketing and non-essential cookies — sending updates you have asked for and using non-essential analytics or advertising cookies. Lawful basis: your consent, which you can withdraw at any time.

To meet legal and regulatory duties — including accounting, tax, and fraud-prevention obligations. Lawful basis: compliance with a legal obligation. We do not sell your personal data.

4. COOKIES & ANALYTICS

We use strictly necessary cookies to make the Site work, and we may use analytics cookies to understand how the Site is used. Non-essential cookies (such as analytics or marketing cookies) are only set with your consent, which you can manage or withdraw at any time.

You can also control cookies through your browser settings. Blocking some cookies may affect how parts of the Site function. If we introduce new advertising or marketing cookies, we will update this policy and the relevant consent options.

5. SHARING & PROCESSORS

We share personal data with carefully selected service providers (processors and sub-processors) who help us operate, including: Stripe for payment processing; our website hosting and infrastructure provider; email and communication tools; scheduling and collaboration platforms; and analytics providers.

These providers act on our instructions under contracts that require them to protect personal data and use it only for the services they provide to us. We may also disclose data where required by law, to enforce our rights, or in connection with a business reorganisation or sale.

6. INTERNATIONAL TRANSFERS

Some of our providers may process personal data outside the United Kingdom. Where this happens, we ensure appropriate safeguards are in place, such as UK adequacy regulations, the UK International Data Transfer Agreement or the EU Standard Contractual Clauses with the UK Addendum, or equivalent legal mechanisms.

You can contact us at hello@vazgro.com for more information about the safeguards we use for international transfers.

7. DATA RETENTION

We keep personal data only for as long as necessary for the purposes set out in this policy. Enquiry and lead data that does not become a client relationship is typically kept for up to 24 months and then deleted or anonymised.

Client project records and communications are generally retained for the duration of the engagement and for up to 6 years afterwards. Billing, invoice, and tax records are kept for at least 6 years to meet UK accounting and tax requirements. Analytics data is retained for the period set in our analytics tools, normally up to 26 months.

When data is no longer needed, we securely delete or anonymise it.

8. YOUR RIGHTS UNDER UK GDPR

Subject to certain conditions, you have the right to: access the personal data we hold about you; have inaccurate data corrected; have your data erased; restrict how we process your data; receive certain data in a portable format; and object to processing based on our legitimate interests or to direct marketing.

Where we rely on consent, you have the right to withdraw that consent at any time, without affecting processing carried out before withdrawal. To exercise any of these rights, email hello@vazgro.com; we will respond within one month, as required by law.

You also have the right to complain to the Information Commissioner's Office (ICO), the UK supervisory authority, at ico.org.uk. We would, however, appreciate the chance to address your concerns first.

9. SECURITY

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure, including access controls, encryption in transit where appropriate, and trusted, security-conscious service providers.

No method of transmission or storage is completely secure, so we cannot guarantee absolute security. Please avoid sending highly sensitive information unless it is necessary and through an appropriate channel.

10. CHILDREN

Our Site and Services are intended for businesses and adults. They are not directed at children, and we do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, please contact us so we can delete it.

11. WHEN WE PROCESS DATA ON YOUR BEHALF (PROCESSOR / DPA)

This policy describes the personal data for which Vazgro is the controller — for example your enquiry, account, and billing data. When we deliver Services, we may also handle personal data that belongs to you and your own customers or users: for instance data held in a website, platform, or system we build or operate for you, content used to train an AI assistant, or data in tools you give us access to.

For that data you are the controller and we act as your processor. We process it only on your documented instructions (including the relevant Statement of Work), keep our personnel under confidentiality, apply appropriate security measures under Article 32 UK GDPR, use sub-processors only under written terms offering equivalent protection, assist you with data-subject requests and breach handling, notify you without undue delay of any personal data breach we become aware of, and delete or return the data at the end of the engagement except where the law requires us to keep it.

These processor commitments are set out in full as a data processing agreement under Article 28 UK GDPR in Section 16 of our Terms of Service, and apply automatically to any such processing. If you need a separate or more detailed DPA, contact us at hello@vazgro.com.

12. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. When we do, we will publish the current version on this page and update the effective date. Where changes are significant, we will take reasonable steps to notify you.

13. HOW TO CONTACT US

To make a data request, exercise your rights, or ask any privacy question, contact Vazgro Ltd, London, United Kingdom, by email at hello@vazgro.com.

If you are not satisfied with our response, you can contact the Information Commissioner's Office (ICO) at ico.org.uk.

STILL HAVE QUESTIONS?

Anything about these terms or how Vazgro handles your data — we're happy to talk it through.

hello@vazgro.com