Privacy Policy

Vale Cloud – Website Privacy Policy

Last updated: December 31, 2025

This Privacy Policy explains how Vale Cloud (“Vale Cloud,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal information when you visit our websites, including valecloud.co.uk and any subdomains (the “Site”), or otherwise interact with us online.
If you do not agree with this Privacy Policy, please do not use the Site.

1) Who we are and how to contact us
Controller / Business:
Vale Cloud Ltd
– Registered address: Parkgate House, 33a Pratt Street, London, England, NW1 0BG
– Contact email: sales@thevalegroup.co.uk
– Telephone: +44 1252 477477

2) Scope
This Policy applies to personal information processed through our public websites and related marketing touchpoints. For information about data processed in connection with our cloud services/products, please refer to our Product Privacy Notice or Data Processing Addendum (DPA) (if applicable).
 
3) Information we collect
3.1 Information you provide directly
– Contact details: name, email address, phone number, company, job title.
– Account registration (if any): username, password (stored using industry‑standard hashing), profile details.
– Support requests: information you share in tickets, chats, or emails.
– Marketing forms: interests, preferences, and newsletter subscriptions.
– Event/ webinar registrations: attendance details and professional information.
– Career applications: résumé/CV, cover letter, professional history (see our Careers Privacy Notice if separate).
3.2 Information collected automatically
– Device and usage data: IP address, browser type/version, operating system, pages viewed, referral URLs, time spent, links clicked.
– Cookies and similar technologies: session cookies, preference cookies, analytics, and advertising pixels (see Cookies & Tracking below).
– Log data: server logs for security and diagnostics.
3.3 Information from third parties
– Marketing & analytics providers: aggregated usage insights.
– Business partners and event organizers: registration details.
– Publicly available sources: business contact information.
 
4) Purposes for processing & legal bases (GDPR/UK GDPR)
We process personal information for the following purposes and under these legal bases:
– Provide and operate the Site (Contractual necessity / Legitimate interests)
– Respond to inquiries & support (Contractual necessity / Legitimate interests)
– Send administrative messages (e.g., service notices) (Legitimate interests / Contractual necessity)
– Personalize content & improve Site performance (Legitimate interests / Consent for non‑essential cookies)
– Marketing & newsletters (Consent / Legitimate interests, subject to opt‑out)
– Security, fraud prevention, and compliance (Legal obligation / Legitimate interests)
– Recruitment (if applicable) (Contractual necessity / Legitimate interests / Consent where required)
Where we rely on consent, you may withdraw it at any time (see Your Rights).
 
5) How we use your information (summary)
– To deliver, maintain, and secure the Site and our services.
– To communicate with you, including responding to questions.
– To optimize website functionality, content relevance, and user experience.
– To conduct analytics and measure campaign effectiveness.
– To send marketing communications (where permitted).
– To meet legal and regulatory requirements.
 
6) Cookies & tracking technologies
We use cookies, web beacons, pixels, and similar technologies to:
– Essential: enable core Site functions and security.
– Analytics: understand Site performance and usage (e.g., page views, navigation).
– Functional: remember preferences.
– Advertising/retargeting (if used): tailor ads on our Site or third‑party platforms.
– Managing cookies: You can manage preferences via our Cookie Banner and Cookie Settings tool and by adjusting your browser settings. Disabling non‑essential cookies may affect Site functionality. See our Cookie Notice for details (if separate).
 
7) Disclosures of personal information
We may share personal information with:
– Service providers / processors: hosting, security, analytics, customer support, email delivery, CRM, marketing, events, payments (if applicable).
– Business partners: co‑sponsored events or joint offerings (with your notice/consent where required).
– Professional advisors: auditors, legal counsel, accountants.
– Authorities / compliance: to comply with law, enforce agreements, or protect rights and safety.
– Corporate transactions: in connection with mergers, acquisitions, asset sales, financing, or bankruptcy.
We do not sell personal information in the traditional sense. If applicable law treats certain sharing as a “sale” or “sharing” (e.g., for cross‑context behavioural advertising under CPRA), we provide opt‑out mechanisms (see Your Rights).
 
8) International transfers
Your information may be transferred to, stored in, and processed in countries other than your own (including the United States). Where required, we use:
– Adequacy decisions (e.g., UK/EU adequacy)
– Standard Contractual Clauses (SCCs) or International Data Transfer Agreements (IDTAs)
– Supplementary measures aligned with risk and applicable guidance.
 
9) Data retention
We retain personal information only as long as necessary for the purposes described, including:
– Operational and legal requirements
– Security and fraud prevention
– Account lifecycle (if accounts exist)
– Statutory limitation periods
– When no longer needed, we securely delete or anonymize data.
 
10) Security
We implement technical and organizational measures designed to protect personal information, including:
– Encryption in transit (TLS) and at rest (where applicable)
– Access controls & role‑based permissions
– Network and application monitoring
– Vendor due diligence and contractual safeguards
– Employee training and least‑privilege principles
No method of transmission or storage is completely secure; we cannot guarantee absolute security.
 
11) Your privacy rights
Depending on your location, you may have rights to:
– Access: know what data we hold about you.
– Rectify: correct inaccurate data.
– Delete: request erasure of your data.
– Restrict: limit certain processing.
– Object: to processing based on legitimate interests or direct marketing.
– Portability: receive your data in a structured, machine‑readable format.
– Withdraw consent: where processing is based on consent.
– Opt‑out of marketing: unsubscribe via email footer or request.
– Opt‑out of “sale” or “sharing” (CPRA, if applicable): use our Do Not Sell/Share My Personal Information link.
– Non‑discrimination: you will not be penalized for exercising privacy rights.
How to exercise your rights:
Email: sales@thevalegroup.co.uk
We may need to verify your identity. Authorized agents (where permitted) may submit requests with appropriate authorization.
 
12) Children’s privacy
Our Site is not intended for children under 13 (or the age of digital consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided personal information, please contact us to delete it.
 
13) Marketing & communications
You may opt out of marketing emails at any time by clicking “unsubscribe” or contacting us at sales@thevalegroup.co.uk. We may still send non‑marketing, transactional, or service‑related communications.
 
14) Third‑party links & services
Our Site may link to third‑party websites or services. We are not responsible for their privacy practices. Review their privacy policies before providing personal information.
 
15) Changes to this Policy
We may update this Privacy Policy from time to time. The “Last updated” date indicates the latest revision. Material changes will be communicated via the Site or by email (where appropriate).
 
16) Jurisdiction‑specific disclosures
16.1 European Economic Area (EEA) & United Kingdom
– Controller: Vale Cloud, Inc. (or your EU/UK entity)
– Legal bases: see Section 4
– International transfers: SCCs/IDTAs and safeguards (Section 8)

Complaints: You may lodge a complaint with your local supervisory authority (e.g., ICO in the UK or your national DPA).

16.2 United States (CCPA/CPRA – California)
– Categories collected: Identifiers (e.g., name, email, IP), internet activity (e.g., browsing history on our Site), professional information, inferences (limited, if any).
– Purposes: Site operation, analytics, marketing, security (as described above).
– Disclosure: Service providers and partners as outlined in Section 7.
– Sale/Sharing: We do not sell personal information in exchange for money. Certain disclosures for targeted advertising may be considered “sharing.” You can opt out via our Do Not Sell/Share mechanism.
– Sensitive personal information: Not collected through the Site unless explicitly stated (e.g., authentication, security logs); we do not use it for purposes that require “limited use” flags beyond what’s disclosed.
– Retention: See Section 9.
– Rights: Access, deletion, correction, opt‑out of sale/sharing, limit use of sensitive PI (if applicable), non‑discrimination.

16.3 Other regions
We comply with applicable local laws in jurisdictions where we operate. Region‑specific terms may be added to this Section as needed.
 
17) How to reach us
For questions or privacy requests, contact:
– Email: sales@thevalegroup.co.uk
– Postal: Unit 4, Abbey Business Park, Monks Walk, Farnham, Surrey, GU9 8HT
 
18) Version history
Dec 31, 2025: Initial website policy publication.