Terms of Service

Privacy Policy

Last Updated: April 2026

1. Introduction

This Privacy Policy explains how Vantority, operated by Moritz Blüml, Vindelikerweg 10, 85652 Pliening, Germany ("we", "us", "our") collects, uses, stores, and protects personal data when you visit our website vantority.com or use our services. This policy applies to all visitors, clients, and prospective clients.

We are committed to protecting your personal data and processing it in accordance with the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG), and all other applicable data protection laws.

2. Controller

The controller responsible for the processing of your personal data is:

Vantority Moritz Blüml Vindelikerweg 10 85652 Pliening Germany Email: moritz@vantority.com Phone: +49 174 3153460 Website: vantority.com

3. Data We Collect

We may collect and process the following categories of personal data:

3.1 Data You Provide Directly

Contact information including name, email address, phone number, and business name. Information submitted via our contact form or booking system. Information provided during the onboarding process including business address, website URL, social media profiles, and business description. Payment information processed via Stripe including billing address and payment method details. Communications you send to us via email, contact form, or other channels. Voice notes and content materials provided for the purpose of content creation under Vantority Growth. Any other information you voluntarily provide to us.

3.2 Data We Collect Automatically

IP address and approximate location data. Browser type and version. Operating system and device type. Pages visited and time spent on each page. Referring website or source. Date and time of visits. Clickstream data and user behavior on our website. Cookie data as described in our Cookie Policy.

3.3 Data We Receive from Third Parties

Payment confirmation and transaction data from Stripe. Appointment booking data from Calendly. Analytics data from Google Analytics. Advertising data from Google Ads, Meta, and LinkedIn. Performance data from our press release distribution partners.

4. Purposes and Legal Basis for Processing

We process your personal data for the following purposes:

4.1 To Provide Our Services

Legal basis: Art. 6(1)(b) GDPR – performance of a contract.

We process your data to deliver the services you have purchased, including Vantority Trust, Vantority Local, Vantority Growth, and Vantority OS. This includes onboarding, service delivery, client communication, and reporting.

4.2 To Process Payments

Legal basis: Art. 6(1)(b) GDPR – performance of a contract.

We process payment data to collect fees for our services via Stripe. We do not store full payment card details on our own systems.

4.3 To Respond to Inquiries

Legal basis: Art. 6(1)(f) GDPR – legitimate interest.

We process data submitted via our contact form and email to respond to your questions and requests.

4.4 To Send Marketing Communications

Legal basis: Art. 6(1)(a) GDPR – consent.

With your consent, we may send you marketing emails, updates, and promotional information about our services. You can unsubscribe at any time by clicking the unsubscribe link in any email or by contacting us directly.

4.5 To Improve Our Website and Services

Legal basis: Art. 6(1)(f) GDPR – legitimate interest.

We use analytics tools to understand how visitors use our website and to improve its performance, content, and user experience.

4.6 To Run Advertising Campaigns

Legal basis: Art. 6(1)(a) GDPR – consent.

With your consent, we use advertising platforms including Google Ads, Meta, and LinkedIn to run targeted advertising campaigns. This may include the use of cookies and tracking pixels as described in our Cookie Policy.

4.7 To Comply with Legal Obligations

Legal basis: Art. 6(1)(c) GDPR – legal obligation.

We process data where necessary to comply with applicable laws including tax and accounting obligations, anti-money laundering regulations, and other statutory requirements.

4.8 To Establish, Exercise, or Defend Legal Claims

Legal basis: Art. 6(1)(f) GDPR – legitimate interest.

We may process your data where necessary to establish, exercise, or defend legal claims.

5. Third-Party Service Providers

We share personal data with the following third-party service providers who process data on our behalf or in connection with our services:

Stripe Inc. Purpose: Payment processing. Location: United States. Safeguards: Standard Contractual Clauses. Privacy Policy: stripe.com/privacy

Calendly LLC Purpose: Appointment scheduling. Location: United States. Safeguards: Standard Contractual Clauses. Privacy Policy: calendly.com/privacy

Framer B.V. Purpose: Website hosting and performance. Location: Netherlands / United States. Safeguards: Standard Contractual Clauses. Privacy Policy: framer.com/privacy

Google LLC Purpose: Analytics, advertising, and search. Location: United States. Safeguards: Standard Contractual Clauses. Privacy Policy: policies.google.com/privacy

Meta Platforms Inc. Purpose: Advertising and analytics. Location: United States. Safeguards: Standard Contractual Clauses. Privacy Policy: facebook.com/privacy/policy

LinkedIn Ireland Unlimited Company Purpose: Advertising and analytics. Location: Ireland / United States. Safeguards: Standard Contractual Clauses. Privacy Policy: linkedin.com/legal/privacy-policy

MarketersMedia (Plentisoft Sdn Bhd) Purpose: Press release distribution. Location: Malaysia. Safeguards: Contractual obligations. Privacy Policy: marketersmedia.com

Upwork Global Inc. Purpose: Freelancer sourcing and management. Location: United States. Safeguards: Standard Contractual Clauses. Privacy Policy: upwork.com/legal/privacy

We require all third-party providers to implement appropriate technical and organizational security measures and to process personal data only in accordance with our instructions.

6. International Data Transfers

Some of our third-party providers are located outside the European Economic Area (EEA). Where personal data is transferred to countries that do not provide an adequate level of data protection, we rely on appropriate safeguards including:

Standard Contractual Clauses (SCCs) approved by the European Commission. Binding Corporate Rules where applicable. Adequacy decisions by the European Commission. Other legally recognized transfer mechanisms.

You may request a copy of the applicable transfer safeguards by contacting us at moritz@vantority.com.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law.

Contact and inquiry data is retained for up to 2 years from the date of last contact. Client data is retained for the duration of the service agreement and for up to 10 years thereafter in accordance with German commercial and tax law retention obligations. Payment data is retained for up to 10 years in accordance with statutory requirements. Marketing data is retained until you withdraw your consent or unsubscribe. Analytics data is retained in accordance with the retention settings of the respective analytics platform. Content materials provided for Vantority Growth are retained for the duration of the service agreement and deleted within 30 days of contract termination upon request.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, accidental loss, destruction, or alteration. These measures include:

Encrypted data transmission via SSL/TLS. Access controls and authentication measures. Regular security reviews and updates. Contractual data protection obligations with all service providers. Secure storage of client data.

Despite these measures, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to protecting your data to the best of our ability.

9. Your Rights Under GDPR

As a data subject, you have the following rights:

Right of Access (Art. 15 GDPR) You have the right to obtain confirmation of whether we process personal data about you and to receive a copy of that data.

Right to Rectification (Art. 16 GDPR) You have the right to request correction of inaccurate or incomplete personal data.

Right to Erasure (Art. 17 GDPR) You have the right to request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, where you withdraw consent, or where processing is unlawful.

Right to Restriction of Processing (Art. 18 GDPR) You have the right to request that we restrict the processing of your personal data in certain circumstances.

Right to Data Portability (Art. 20 GDPR) You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.

Right to Object (Art. 21 GDPR) You have the right to object at any time to the processing of your personal data where we rely on legitimate interests as the legal basis for processing.

Right to Withdraw Consent (Art. 7(3) GDPR) Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing prior to withdrawal.

Right Not to Be Subject to Automated Decision-Making (Art. 22 GDPR) You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects.

To exercise any of these rights, please contact us at:

Vantority Moritz Blüml Vindelikerweg 10 85652 Pliening Germany Email: moritz@vantority.com

We will respond to your request within 30 days. In complex cases, we may extend this period by a further two months, in which case we will notify you of the extension and the reasons for it.

10. Automated Decision-Making and Profiling

We do not make decisions based solely on automated processing that produce legal or similarly significant effects on you. We do not engage in profiling within the meaning of Art. 22 GDPR.

11. Children's Privacy

Our website and services are not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have inadvertently collected data from a child under 16, please contact us immediately at moritz@vantority.com and we will take steps to delete such data promptly.

12. Links to Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites. We encourage you to read the privacy policies of any third-party websites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of any material changes by updating the date at the top of this policy and, where appropriate, by sending you a notification via email. We encourage you to review this policy periodically.

14. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority at any time. The competent authority for us is:

Bayerisches Landesamt für Datenschutzaufsicht Promenade 27 91522 Ansbach Germany www.lda.bayern.de

You may also contact the supervisory authority in your country of residence or place of work.

15. Contact

For any questions, concerns, or requests relating to this Privacy Policy or our data processing practices, please contact:

Vantority Moritz Blüml Vindelikerweg 10 85652 Pliening Germany Email: moritz@vantority.com Phone: +49 174 3153460 Website: vantority.com