Privacy Policy

1. Who we are

Virtova LLC ("Virtova," "we," "us") is a Washington, D.C.–based advisory firm. This policy explains what information we collect when you visit www.virtova.co, contact us, or engage us for services, and how we use, share, and protect that information.

2. Information we collect

Information you give us. Name, email address, company, and anything else you include when you book a call, email us, or engage us. Engagement materials you share with us during a project are treated as confidential under our master services terms or any executed NDA.

Information collected automatically. Standard server logs from Cloudflare (IP address, user agent, referrer, timestamp) retained for security and operational purposes. We do not use advertising cookies or analytics cookies. The site sets no first-party cookies.

Third-party services. Our booking link is hosted by Microsoft Bookings; information you submit there is governed by Microsoft's privacy terms. Fonts are served from Google Fonts.

3. How we use information

• To respond to inquiries and schedule meetings.
• To deliver consulting services and manage the client relationship.
• To operate and secure the website.
• To comply with law and professional obligations.

We do not sell personal information. We do not share personal information with advertisers. We do not use personal information to train machine-learning models.

4. Legal bases (for visitors in the EEA / UK)

We process personal information under the following legal bases: your consent (when you contact us), performance of a contract (when we engage you as a client), our legitimate interest in operating and securing the site, and compliance with legal obligations.

5. Sharing

We share information only with: (a) service providers bound by confidentiality (e.g., email, hosting, scheduling); (b) professional advisors (counsel, accountants) under professional duties of confidentiality; (c) authorities where required by law; and (d) parties to a corporate transaction, subject to continued protection.

6. Retention

We retain information only as long as reasonably necessary for the purposes above, to meet legal and tax obligations, and to enforce our agreements. Server logs are typically retained for up to 30 days; engagement records are retained for the longer of seven years or the period required by applicable regulation.

7. Security

We apply administrative, technical, and physical safeguards appropriate to the sensitivity of the information, including transport encryption (TLS), least-privilege access, and vendor diligence. No system is perfectly secure; we cannot guarantee absolute security.

8. Your rights

Depending on your jurisdiction, you may have rights to access, correct, delete, port, or restrict processing of your personal information, and to object to certain processing. California residents have additional rights under the CCPA/CPRA, including the right to know and the right to delete. To exercise any right, email s@virtova.co. We will not discriminate against you for exercising a right.

9. International transfers

We are based in the United States. If you are located outside the U.S., your information will be transferred to and processed in the U.S., where data-protection laws may differ from those of your home jurisdiction.

10. Children

This site is not directed to children under 16, and we do not knowingly collect personal information from children.

11. Changes

We may update this policy from time to time. Material changes will be reflected by the "Last updated" date above.

12. Contact

Virtova LLC · Washington, D.C. · s@virtova.co