Privacy - Upgrade VIP
Book now
Book now
Info

Privacy Policy

We take privacy seriously. This policy explains how VIPnow Ltd protects personal data and how we comply with GDPR.

GDPR Compliant Privacy by Design Secure Processing Data Subject Rights

Introduction

The EU General Data Protection Regulation (“GDPR”) came into force across the European Union on 25th May 2018 and brought the most significant changes to data protection law in two decades. Founded on privacy by design and a risk-based approach, the GDPR was designed to meet the requirements of the digital age.

Modern technology, expanded definitions of personal data, and increased cross-border processing require clear and consistent safeguards. The Regulation aims to standardise data protection laws across the EU, giving individuals stronger rights to access and control their personal information.

Our Commitment

VIPnow Ltd is committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always maintained a robust data protection program that complies with existing law and the core data protection principles.

We recognise the importance of maintaining and expanding this program to meet the GDPR and related data protection requirements. Our preparation includes developing and implementing appropriate roles, policies, procedures, controls, and measures to ensure maximum and ongoing compliance.

How We Comply with GDPR

We maintain consistent data protection and security across our organisation. Key areas of our GDPR compliance and preparation include:

01
Information Audit

Company-wide audits to identify what personal data we hold, why we process it, and where it is disclosed.

02
Policies & Procedures

Updated governance to evidence accountability, privacy by design, and individual rights.

03
Retention & Erasure

Retention schedules and secure disposal aligned to minimisation and storage limitation principles.

04
Data Breaches

Early identification, investigation, and reporting procedures with clear staff reporting lines.

05
International Transfers

Safeguards for transfers outside the EU, including encryption and adequacy reviews.

06
Subject Access Requests

SAR procedures aligned to the one-month timeframe, verification steps, and response templates.

07
Legal Basis

Reviewing processing activities to ensure the correct lawful basis and Article 30 records.

08
Privacy Notices

Clear notices explaining why data is needed, how it is used, disclosure, and safeguards.

09
Consent & Marketing

Affirmative opt-in, consent records, easy withdrawal, and unsubscribe mechanisms.

10
DPIAs

Impact assessments for high-risk processing, with documented mitigations and risk ratings.

11
Processor Agreements

Contracts and due diligence for third-party processors, with ongoing compliance reviews.

12
Special Category Data

Article 9 compliance, strong encryption, and explicit consent where required.

Note: Some controls above reference GDPR Articles (e.g., Article 30, Article 35, Article 9). Our policies are designed to meet these requirements and are reviewed periodically to remain current.

Data Subject Rights

We provide clear information about an individual’s right to access any personal information that VIPnow Ltd processes about them, and to request information about:

  • 1

    What personal data we hold about you.

  • 2

    The purposes of the processing.

  • 3

    The categories of personal data concerned.

  • 4

    The recipients to whom personal data has been or will be disclosed.

  • 5

    How long we intend to store your personal data for.

  • 6

    If we did not collect data directly from you, information about the source.

  • 7

    Your right to correct incomplete or inaccurate data and how to request this.

  • 8

    Your right to request erasure (where applicable), restrict processing, or object to direct marketing.

  • 9

    Your right to be informed about automated decision-making (if used).

  • 10

    Your right to lodge a complaint or seek judicial remedy and who to contact.

Information Security & Technical Measures

VIPnow Ltd takes the privacy and security of personal information very seriously. We take reasonable measures to protect personal data from unauthorised access, alteration, disclosure, or destruction. Our security program includes multiple layers of safeguards, such as:

SSL
Secure Connections

SSL/TLS encryption helps protect data in transit.

AC
Access Controls

Role-based access and restrictions to limit data exposure.

PW
Password Policy

Strong password practices and authentication measures.

ENC
Encryption

Encryption safeguards for sensitive and special category data.

IT
IT Security

Security monitoring and protective technical controls.

AUTH
Authentication

Verification and authentication practices to reduce risk.

Contacting Us

If you have questions regarding GDPR compliance or this privacy policy, please contact us via the contact page.

google
5.0
Rated 4.8 out of 5
Read our reviews