Privacy Notice (United States)

Effective Date: January 1, 2025
Last Updated: December 16, 2025

This Privacy Notice explains how VASKOS (“VASKOS,” “we,” “us,” or “our”) collects, uses, and protects personal information when you visit https://vassta.com (the “Website”) or interact with us in connection with our yacht cybersecurity and maritime digital security services.

This Notice is intended to comply with applicable U.S. privacy laws, including the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), and similar privacy laws adopted in other U.S. states.

1. Who We Are

Business Name: VASKOS
Website: https://vassta.com
Contact Email: info@vassta.com

VASKOS is responsible for determining how and why personal information is collected and used.

2. What Personal Information We Collect

Depending on how you interact with us, we may collect the following categories of personal information:

A. Identifiers

• Name
• Email address
• Phone number
• Internet Protocol (IP) address

B. Professional or Business Information

• Company name
• Job title
• Business contact details

C. Internet or Network Activity

• Device and browser information
• Website usage data
• Log and security data

D. Communications

• Content of messages, inquiries, and business correspondence

We do not knowingly collect personal information from children under the age of 16.

3. How We Use Personal Information

We use personal information for the following business and operational purposes:

• to operate, maintain, and secure our Website;
• to respond to inquiries and communicate with you;
• to provide and support our cybersecurity services;
• to enter into and perform contracts;
• to comply with legal and regulatory obligations;
• to prevent fraud, abuse, and unauthorized access;
• to improve our services and Website functionality.

4. Sources of Personal Information

We collect personal information from:

• you directly (for example, when you contact us);
• your device or browser automatically;
• business partners or service providers acting on our behalf;
• publicly available business sources (primarily in B2B contexts).

5. How We Share Personal Information

We may disclose personal information to:

• IT and cloud infrastructure providers;
• communication and collaboration service providers;
• professional advisors (legal, accounting, audit);
• government authorities or regulators, when required by law.

All service providers process personal information under contractual obligations that restrict use and require appropriate safeguards.

6. No Sale or Advertising-Based Sharing

We do not sell personal information. We do not share personal information for cross-context behavioral advertising. We do not use targeted advertising based on personal information.

Accordingly, we do not engage in activities that require a “Do Not Sell or Share My Personal Information” link under applicable law.

7. Data Retention

We retain personal information only for as long as reasonably necessary to:

• fulfill the purposes described in this Notice;
• comply with legal, accounting, and regulatory requirements;
• resolve disputes and enforce agreements;
• maintain security and prevent misuse.

8. Data Security

We implement reasonable administrative, technical, and physical safeguards designed to protect personal information, including:

• encryption of data in transit;
• access controls and authentication;
• monitoring and logging of system activity;
• incident response and recovery procedures.

No system is completely secure, but we take data protection seriously.

9. Your Privacy Rights (U.S.)

Depending on your state of residence, you may have the right to:

• know what personal information we collect and how we use it;
• request access to personal information;
• request correction of inaccurate personal information;
• request deletion of personal information;
• obtain a portable copy of personal information;
• opt out of certain types of processing, where applicable;
• not be discriminated against for exercising your privacy rights.

10. How to Exercise Your Rights

To submit a privacy request, please contact us at: info@vassta.com

We may verify your identity before fulfilling your request to protect your personal information. Authorized agents may submit requests on your behalf where permitted by law.

11. Sensitive Personal Information

We do not intentionally collect or use sensitive personal information as defined by applicable U.S. privacy laws, except where necessary to provide services or comply with legal obligations.

12. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal or similarly significant effects on individuals.

13. Children’s Privacy

Our Website and services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children.

14. Changes to This Privacy Notice

We may update this Privacy Notice from time to time. The updated version will be posted on vassta.com with a revised “Last Updated” date.

15. Contact Us

If you have any questions or concerns about this Privacy Notice or our privacy practices, please contact us:

Email: info@vassta.com
Website: https://vassta.com