Effective Date: May 1, 2026
Venga Consulting (“we,” “our,” or “us”) is committed to protecting the privacy, confidentiality, and security of personal information in accordance with applicable privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada and, where applicable, the General Data Protection Regulation (GDPR).
This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you use our website, IT services, and support systems.
1. Accountability and Compliance
We are responsible for all personal information under our control and have implemented policies and procedures to ensure compliance with applicable privacy legislation. We ensure that all third-party service providers adhere to appropriate privacy and security standards.
2. Information We Collect
We may collect and process the following categories of information:
Personal Information
-
Name
-
Email address
-
Phone number
-
Job title
-
Company name
-
Billing and contact details
Business & IT Information
-
System configurations and network details
-
IT infrastructure and software usage data
-
Support tickets and service logs
-
Operational and diagnostic data required to deliver IT services
Technical Data
-
IP address
-
Device identifiers
-
Browser type and version
-
Log files and usage analytics
3. Lawful Basis for Processing (GDPR)
Where GDPR applies, we process personal data under the following lawful bases:
-
Contractual necessity – to deliver IT services and support
-
Legitimate interests – to secure, maintain, and improve IT systems and service delivery
-
Legal obligation – to comply with applicable laws and regulations
-
Consent – where explicitly required (e.g., marketing communications)
4. How We Use Information
We use personal information to:
-
Provide managed IT services, support, and consulting
-
Monitor, maintain, and secure IT environments
-
Respond to inquiries and service requests
-
Diagnose and resolve technical issues
-
Improve service quality, performance, and security
-
Comply with legal, regulatory, and contractual obligations
-
Communicate service updates and operational notices
We do not use personal information for unrelated purposes without consent.
5. Disclosure of Information
We do not sell personal information.
We may disclose information only in the following circumstances:
-
To trusted third-party service providers (e.g., cloud hosting, cybersecurity tools, software vendors) strictly for service delivery
-
To comply with legal obligations, court orders, or regulatory requests
-
To protect the rights, property, or safety of our clients, systems, or organization
-
With explicit client authorization
All third-party processors are required to maintain appropriate confidentiality and data protection standards.
6. International Data Transfers
Where personal information is transferred outside of Canada (or the EEA where GDPR applies), we ensure appropriate safeguards are in place, such as:
-
Standard contractual clauses (SCCs)
-
Data processing agreements with vendors
-
Reasonable technical and organizational security measures
7. Data Retention
We retain personal information only for as long as necessary to:
-
Deliver services
-
Fulfill contractual obligations
-
Comply with legal, tax, or regulatory requirements
-
Resolve disputes or enforce agreements
When no longer required, data is securely deleted or anonymized.
8. Security Safeguards
We implement industry-standard safeguards to protect personal information, including:
-
Encryption in transit and at rest (where applicable)
-
Access controls and least-privilege permissions
-
Firewall and endpoint protection systems
-
Continuous monitoring and threat detection
-
Secure backup and recovery procedures
Despite these measures, no system can guarantee absolute security.
9. Your Rights
Under PIPEDA (Canada), you have the right to:
-
Access your personal information
-
Request corrections to inaccurate or incomplete data
-
Withdraw consent (subject to legal or contractual restrictions)
-
Be informed of how your information is used and disclosed
Under GDPR (where applicable), you may also have the right to:
-
Request data portability
-
Request deletion (“right to be forgotten”)
-
Restrict or object to processing
-
Lodge a complaint with a supervisory authority
To exercise your rights, please contact us using the details below.
10. Cookies and Tracking Technologies
We may use cookies and similar technologies to:
-
Improve website functionality
-
Analyze usage and performance
-
Enhance user experience
You may disable cookies through your browser settings; however, some features may not function properly.
11. Third-Party Services
Our website and services may integrate with third-party tools and platforms. We are not responsible for the privacy practices of these third parties, but we select providers with appropriate security and compliance standards.
12. Breach Notification
In the event of a privacy breach involving personal information under our control, we will:
-
Assess the risk of harm
-
Notify affected individuals where required by law
-
Report to relevant regulatory authorities where applicable
-
Take appropriate steps to mitigate and prevent further impact
13. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in law, technology, or business practices. Updates will be posted on this page with a revised effective date.
14. Contact Information
If you have any questions, requests, or concerns regarding this Privacy Policy or your personal information, please contact:
Venga Consulting
Email: sales@vengaconsulting.com
Phone: (929) 558-3642
Website: https://vengaconsulting.com/