Privacy Policy

Effective: May 7, 2026  |  Email: [email protected]  |  Web: vanturamarketing.com

Vantura is a marketing technology consultancy. We build, connect, and run the systems that companies use to find and keep customers: marketing platforms, ad accounts, analytics, CRMs, and the automations that tie them together. Marketing runs on data about people, so a marketing agency has more to explain about privacy than most. This policy does that explaining in plain terms.

It applies to vanturamarketing.com and to every service we deliver. Because our work involves tracking, advertising, and large contact databases, several sections below go into more detail than you might expect. Use the headings to jump to what concerns you.

01) Quick Orientation

Two ideas will save you time before you read further.

First, this site is a business website. The data it collects is mostly about prospective clients and visitors, and Vantura decides how that data is handled. For that data, Vantura is the controller.

Second, much of the personal data we touch is not collected by us at all. It belongs to our clients and describes their customers and leads. When we run a client’s campaigns or migrate their contact list, we handle that data on the client’s instructions as a processor. The client decides; we carry it out. The section on client campaign data covers this in full.

02) Information We Collect About You

Details You Submit

When you complete the project form, ask for a proposal, subscribe to anything, or email us, we receive what you provide. Typically that is your name, work email, phone number, company, role, and whatever you tell us about your current marketing setup, budgets, and goals. We hold our correspondence with you so conversations stay coherent over time.

Information Gathered as You Browse

Our site collects technical and behavioral data automatically. This includes your IP address and approximate location, device and browser details, the pages and links you interact with, scroll and click activity, time on page, and the source that brought you here, such as a search term, an ad, or a referring site. For a marketing agency this data is doubly relevant, because it is both how we keep the site healthy and an example of the analytics we set up for clients.

Data From Advertising and Social Platforms

If you reach us through an ad or interact with our content on a social network, we may receive limited information from that platform, such as which campaign you responded to and aggregated details about the audience you fall into. We do not receive your social account password or private profile data. The platform’s own terms govern what it shares with us.

03) Cookies, Pixels, and Tracking Technologies

This is the part a marketing agency cannot keep short, so we have not.

Cookies are small files stored on your device. Pixels, also called tags or web beacons, are tiny pieces of code on a page or in an email that report back when something loads. We use both, along with similar technologies, on our own site.

What We Use and Why

  • Strictly necessary: these run security, load balancing, and forms. The site does not function without them, so they are always on.
  • Analytics and performance: these measure how pages perform, which content gets read, and where visitors drop off, so we can improve the site.
  • Functionality: these remember choices such as region or display settings to make return visits smoother.
  • Advertising and retargeting: these let us show relevant ads to people who have visited the site and measure whether those ads work. They are the ones most people care about, and you can refuse them.

Third-Party Analytics and Advertising Partners

Some of the technologies on our site are placed by other companies whose tools we use, including web analytics providers and advertising networks such as the major search and social ad platforms. These partners may set their own cookies and may combine what they observe on our site with data they hold from elsewhere. Each operates under its own privacy policy, and we encourage you to read the ones relevant to you.

Custom and Lookalike Audiences

As part of advertising, we sometimes upload hashed contact information, such as an email address converted into a scrambled value, to an ad platform so it can match you to an existing account and show you our ads, or build a “lookalike” audience of similar people. We do this only where the law allows and, where consent is required, only after you have given it. You can opt out of this kind of audience targeting using the controls described below and within each ad platform’s settings.

Your Controls and Opt-Out Signals

You hold several levers. Your browser can block or delete cookies. Our cookie banner, where shown, lets you accept or reject non-essential categories and change your mind later. We honor recognized opt-out signals, including the Global Privacy Control, where applicable law requires it, and we treat such a signal as a request to stop selling or sharing your data for advertising. Industry opt-out pages run by advertising trade groups offer a further way to limit interest-based ads across many companies at once.

04) Marketing Communications and Consent

If you opt in, we send marketing email about our services, marketing tips, and the occasional event. Every message carries an unsubscribe link, and using it removes you promptly. We keep a suppression record of people who have unsubscribed precisely so we do not contact them again by mistake, which means a small amount of your data stays with us for the purpose of leaving you alone.

We follow the marketing laws that apply to where you are, including CAN-SPAM in the United States, CASL in Canada, and the consent rules under GDPR and e-privacy law in Europe and the UK. Transactional messages about an active project are not marketing and will reach you regardless of marketing preferences.

05) Client Campaign Data We Process

When a client hires us to run or rebuild their marketing, we work inside their databases and platforms. The personal data there belongs to the client and describes its leads and customers. It can include:

  • Contact records: names, email addresses, phone numbers, company details
  • Engagement history: email opens and clicks, page visits, form submissions, event attendance
  • Lead scores, lifecycle stages, and segmentation tags
  • Suppression and unsubscribe lists we must preserve to respect prior opt-outs

For this data, the client is the controller and we are the processor. We use it only to deliver the agreed work, such as building campaigns, cleaning the database, or migrating a contact list to a new platform. We do not market to the client’s contacts for our own benefit, we do not merge one client’s list into another, and we return or delete the data when the engagement ends. The data processing terms in the client agreement take precedence over this policy.

06) Profiling, Lead Scoring, and Automated Analysis

Several tools we deploy involve profiling: predictive lead scoring, behavioral audience segmentation, content optimization, and trigger-based campaigns. These analyze patterns in how people engage and act on the result automatically, for instance by moving a contact into a nurture sequence or ranking a lead for the sales team.

We want to be straightforward about what this is and is not. Lead scoring sorts and prioritizes; it does not make a legally significant decision about a person on its own. Where we configure these systems for a client, they assist the client’s marketing and sales teams rather than replace human judgement. If you are a contact in a client’s system and you want to understand or object to how a score or segment affects you, the client controls that data, so contact them first and we will support their response. On our own site, we may score and segment our prospects, and you can ask us about it or opt out by emailing us.

07) Why We Process Personal Data

Each type of data serves a defined purpose. Enquiry details let us reply and scope projects. Contact information supports project communication and, with consent, marketing. Site and tracking data improve the site, measure campaigns, and inform our advertising. Client campaign data exists to deliver the service the client bought. We also process data where we must, to meet legal duties or defend our rights.

If a new purpose comes up that is not covered here, we either rely on a fresh lawful basis or ask you first.

08) Sharing and Disclosure

We do not sell personal data for money. We do share it in defined situations: with the subprocessors listed below who run parts of our service, with advertising and analytics partners as described in the tracking section, when the law or a regulator compels disclosure, when we need to defend our legal rights or protect people from harm, and in a business sale or merger where records would pass to a buyer bound by protections no weaker than these. Under some privacy laws, our use of advertising cookies counts as “sharing,” and you can opt out of it as set out above.

09) Platforms and Subprocessors

Our work depends on tools built by others, and your data may sit with or flow through them:

  • Marketing and email platforms we configure, including HubSpot, Marketo, Mailchimp, Klaviyo, and ActiveCampaign
  • CRM, analytics, and advertising accounts we integrate for closed-loop reporting
  • Hosting, email, and scheduling services we use to run Vantura and communicate with you

Each provider runs under its own privacy terms. We select vendors that meet established security standards and require them to use shared data solely for the task we engaged them for.

10) How Long We Keep Data

Contact and enquiry records stay with us for up to two years after your last interaction, then we remove them, unless a legal need or live dispute extends that. Marketing subscribers remain on our list until they unsubscribe, after which only the suppression entry survives. Tracking and analytics data is held for the limited window each tool is configured for, often shorter. Client campaign data follows the client contract and is returned or destroyed at the end of the engagement. Aggregated, de-identified statistics that point to no individual may be kept without a set end date.

11) Security

We apply technical and organizational safeguards matched to the data we hold. Connections are encrypted, access to client accounts is limited to the people assigned to them and revoked when work ends, and we review our controls and train our team on safe handling. Migrations include validation so contact data is not lost or exposed in transit.

No internet system is perfectly secure, and we will not claim ours is. You share data with us at your own risk, so keep platform credentials strong and private and alert us quickly if you suspect a breach on an account we manage with you.

12) Your Privacy Rights

Depending on where you live, you can ask to access the data we hold on you, get a copy, correct it, delete it, restrict or object to its use, withdraw consent, and opt out of marketing or targeted advertising. Email [email protected] to begin. We verify identity before acting and reply within the time your law sets.

EEA, UK, and Switzerland

We process personal data only on a lawful basis: consent, performance of a contract, a legal obligation, or a legitimate interest that does not override your rights. For most advertising and analytics tracking we rely on consent, which you can withdraw at any time without affecting earlier lawful processing. You may also complain to your national data protection authority.

California

Under the CCPA and CPRA you can request the categories and specific pieces of personal information we collected, ask for access, deletion, or correction, and opt out of the sale or sharing of your data. Marketing agencies should be candid here: our use of advertising and retargeting cookies can amount to “sharing” your data for cross-context behavioral advertising. You can opt out through our cookie controls, by sending a Global Privacy Control signal, or by emailing us. We will not treat you differently for exercising any of these rights, and we do not sell personal information for money.

Other US States

Residents of states with their own privacy laws, such as Virginia, Colorado, Connecticut, and others, hold comparable rights to access, correct, delete, and opt out of targeted advertising. The same email and signals above let you use them.

13) International Transfers

Vantura and several of our providers operate across borders, the United States included, where data protection law may differ from your own. For international transfers we put recognized safeguards in place, such as Standard Contractual Clauses, or rely on an adequacy decision. Using the site means you understand this movement can occur.

14) Children

This is a business service not directed to anyone under 16. We do not knowingly collect children’s data, and we delete it if we find we have. A parent or guardian with a concern can write to [email protected].

15) Links to Other Sites

Our pages and campaigns link to platforms and resources we do not operate. This policy ends at our boundary. Once you follow a link, the destination’s own policy applies, so review it before you share anything there.

16) Changes to This Policy

We update this policy as our services, our tracking, and the law evolve. The current version always sits on this page with its effective date, and we make a reasonable effort to flag significant changes. Continuing to use the site after an update means the new version applies to you, so check back from time to time.

17) Contact

For any privacy question, request, or complaint, reach us directly: [email protected]