GDPR complian privacy policy

GDPR complian privacy policy


The legal definition of personal data is very broad. Any information relating to an identified or identifiable person is considered personal data (for a full definition see Article 4, point 1 of the GDPR).

Examples of personal data are telephone numbers, addresses, financial information, ID numbers, e-mail addresses, etc.

Collection of personal data

A number of our activities involve the collection and processing of personal data, for example as part of consultations, organization of trainings, etc.

Such collecting and processing of personal data and its subsequent utilization should be done fairly and lawfully.

Purpose of the collection

Whenever personal data is requested, it is essential that the data subject (the person whose personal data are collected, held or processed) knows for what purposes the data is being collected. According to Article 5 (1) (b) of the Regulation, personal data “must be collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes.”

Moreover, personal data must be adequate, relevant, and not excessive in relation to the purpose and kept for no longer than is necessary for the purposes for which they were collected.

Our company would like to inform visitors about the following:

Purpose: The data will be collected via e-mail or the contact form for establishing contact, organizing and conducting trainings, providing consultancy services and paying for the services.

Description of the data: e-mail, telephone, invoice data, other voluntarily provided data in order to achieve the high quality of the services you want.

Data Controller: Virtual Systems Ltd.

Legal basis: The legal basis of the processing for which the data are intended is the consent to a specific purpose specified by the data subject (Article 6 (1) (a) of the GDPR) or to take steps at the request of the data subject prior to entering into and the performance of a contract (Article 6 (1) (b) of the GDPR).

Access to the Data: Тhe data can be accessed  in full by the manager and by an expert of Virtual Systems Ltd.

Right of access by the data subject: Data subjects have the right to access his or her personal data at any time and free of charge, by sending an email request.

Right to rectification: Data subjects have the right to rectify their inaccurate or incomplete personal data at any time and free of charge, by sending an email request.

Right to restriction of processing: Data subjects have the right to block their data at any time and free of charge by sending an email request.

Right to erasure:  Data subjects have the right to request to the controller at any time and free of charge the erasure of their data, particularly where the provisions of article 17 of the GDPR are aplicable, by sending an email request.

Right to object: Data subjects have the right:

– To object at any time and free of charge, by sending an email request to the controller.

– To be informed before personal data are disclosed for the first time to third parties  and to be expressly offered the right to object free of charge to such disclosure or use.

Right to lodge a complaint: If the data subjects have any queries concerning the processing of their personal data, they can ask them by phone 00359895447975 or by email

Start date of data processing: From the date of submission by the data subject.

Retention policy: Data will be stored for a period of:

– 1, 2 or 3 months as requested by the data subject – to establish contact;

– the term stipulated in the contract – for organizing and conducting trainings and providing consultancy services;

– 5 years after the end of the tax year in which the payment was made – for payments.

This data will be deleted after the expiration of the above deadline.

Attention: The controller is not responsible for external sites over which the controller has no control.