// legal
Privacy Policy
Effective: 1 January 2024 · v1.0
This policy explains what personal data vmage.ru collects, why, and how it is handled. We do not sell data to third parties.
1. Data Controller
Individual specialist operating as vmage.ru · admin@vmage.ru
2. Data We Collect
- Contact form: name, email, Telegram (optional), service type, message
- Email correspondence: your address and message content
- Billing: name, company, address for invoicing
- Technical: IP address (rate limiting / spam prevention only)
3. How We Use It
- To respond to your enquiry
- To deliver the agreed services
- To issue invoices
- Fraud and spam prevention
Contact form submissions are delivered to the service owner via Telegram API (Telegram's privacy policy applies to that transmission).
4. Legal Basis (GDPR)
- Contract performance — Art. 6(1)(b)
- Legitimate interests (fraud prevention) — Art. 6(1)(f)
- Consent (contact form checkbox) — Art. 6(1)(a)
5. Retention
- Contact logs: up to 12 months
- Project files: up to 5 years
- Invoices: 7 years (accounting requirements)
- Rate-limit data: 24–72 hours
6. Your Rights
Access, rectification, erasure, portability, objection — contact admin@vmage.ru. Response within 30 days.
7. Cookies
No tracking or advertising cookies. Google Fonts loads externally (Google's privacy policy applies).
8. Security
HTTPS/TLS for all data in transit. Server access restricted to the service owner.
9. Changes
Updates published at vmage.ru/privacy/ with a new effective date.
10. Contact
admin@vmage.ru