Privacy
Policy

Visylo Consulting — Indian Ocean Region, Madagascar. For any questions regarding your personal data, contact us at contact@visylo.com. We are responsible for determining how and why your personal data is processed.

This Privacy Policy applies whenever you visit our website at visylo.com, contact us via form, email, or any other channel, engage us as a client for software development or digital consulting, interact as a supplier, partner, or collaborator, or engage with our social media pages (LinkedIn, etc.).

We collect Identification & Contact Data (name, email, phone, company, role), Technical & Usage Data (IP address, browser type, device OS, pages visited, session duration, cookies), Business & Project Data (project briefs, communication records, invoicing information), and any information you voluntarily provide through contact forms or messages. We do not collect sensitive personal data such as health, biometric, or political information.

We process your data to respond to inquiries (legitimate interest, Art. 6(1)(f) GDPR), provide software and consulting services (performance of a contract, Art. 6(1)(b) GDPR), send commercial proposals (legitimate interest or consent, Art. 6(1)(a/f) GDPR), improve our website (legitimate interest), maintain client and supplier relationships, comply with legal and accounting obligations, and defend or pursue legal claims. Where processing is consent-based, you may withdraw at any time without affecting prior lawful processing.

When you browse visylo.com, we automatically collect IP address, browser type, device info, and behavioral data such as pages visited and session duration. This data is used to ensure site security, analyze traffic, and improve user experience. In most cases it remains anonymous; it becomes personal data only when combined with information from another source (e.g. a contact form submission). We may use third-party analytics tools that set cookies — see Section 13 for details.

When you contact us about our services, we collect the data you provide (name, email, company, message) to respond to your inquiry, prepare a commercial proposal, and follow up on collaboration opportunities. If a business relationship is established, your data is retained for its duration plus the applicable legal archiving period. For representatives of clients and suppliers, we process only the contact data shared by your employer, strictly to fulfill our contractual obligations.

During a software or digital consulting engagement, we may process technical specifications and requirements, access credentials (where strictly necessary and securely managed), communication records, and project deliverables including source code and designs. All such data is processed solely to fulfill our contractual obligations and ensure proper delivery.

Contact and inquiry data (no contract) is retained up to 12 months from last contact. Client and supplier data (contract established) is kept for the contract duration plus a legal archiving period of typically 5–7 years. Website analytics and technical data are retained up to 24 months. Marketing data is kept until consent is withdrawn. Data related to legal claims is retained for the duration of the applicable statute of limitations. After these periods, data is securely deleted or anonymized.

We do not sell your personal data. We may share it with hosting and cloud infrastructure providers, project management and communication tools, accounting and legal service providers, payment processors where applicable, and website analytics providers. All third-party processors are bound by data processing agreements and must comply with applicable data protection law.

As a company operating across the Indian Ocean region and serving international clients, your data may be processed in countries outside your jurisdiction. In all cases, we ensure transfers are carried out with appropriate safeguards such as Standard Contractual Clauses where applicable, and in compliance with local data protection laws.

We implement technical and organizational security measures including HTTPS/TLS encrypted communications, access controls and internal authentication, regular infrastructure security reviews, and restricted data access on a need-to-know basis. No method of internet transmission is 100% secure. In the event of a breach posing risk to your rights, we will notify relevant parties as required by law.

Depending on your jurisdiction, you may have the right to: Access (request a copy of the data we hold), Rectification (request correction of inaccurate data), Erasure (request deletion in certain circumstances), Restriction (limit how we process your data), Portability (receive your data in a machine-readable format), Object (object to processing based on legitimate interest or direct marketing), and Withdraw Consent at any time. To exercise these rights, contact us at contact@visylo.com — we will respond within 30 days. You also have the right to lodge a complaint with the relevant data protection authority in your country.

We use three categories of cookies: Essential cookies required for site functionality (session/short-term), Analytics cookies to understand how visitors use the site (up to 24 months), and Marketing cookies to deliver relevant content and track campaign effectiveness (up to 12 months). You can manage cookies through your browser settings. Disabling cookies may affect some website functionality. Where required by law, we will request your consent before placing non-essential cookies.

Our website may link to external websites. This Privacy Policy applies only to visylo.com — we are not responsible for the privacy practices of third-party sites. We maintain a presence on LinkedIn. Interacting with our profiles (liking, commenting, messaging) may result in your data being processed by both Visylo Consulting and the platform as joint data controllers. We encourage you to review LinkedIn's Privacy Policy before engaging.

We may update this Privacy Policy at any time. The revision date is always shown at the top of this page. Material changes will be notified via a prominent notice on our website. We encourage you to review this page periodically to stay informed of how we protect your data.