+371 2774 2313
13. janvāra iela 3, Rīga
Home Privacy Policy

Privacy Policy

Last updated: January 21, 2026

1. Introduction

VerdantVault Colocation ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.eastbaltinsight.com or use our colocation services.

We adhere to the requirements of the General Data Protection Regulation (GDPR) and the Latvian Personal Data Processing Law (PDPL). This policy informs you about your privacy rights and how the law protects you.

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our website or services. By accessing or using our website or services, you agree to this Privacy Policy.

2. Data Controller Information

VerdantVault Colocation is the controller responsible for your personal data.

Contact Details:

  • Full name of legal entity: VerdantVault Colocation SIA
  • Address: 13. janvāra iela 3, Centra rajons, Rīga, LV-1050, Latvia
  • Email address: privacy@eastbaltinsight.com
  • Telephone number: +371 2774 2313

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact the DPO using the details above.

3. Legal Basis for Processing Personal Data

We process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary for the performance of a contract to which you are a party or to take steps at your request before entering into a contract (e.g., providing colocation services you have requested).
  • Legitimate Interests: Processing necessary for our legitimate interests, provided they are not overridden by your interests or fundamental rights and freedoms (e.g., improving our services, preventing fraud).
  • Legal Obligation: Processing necessary for compliance with a legal obligation to which we are subject (e.g., keeping records for tax purposes).
  • Consent: Processing based on your consent (e.g., sending marketing communications).

4. Categories of Personal Data We Collect

We may collect the following categories of personal data:

4.1 Information You Provide to Us

  • Identity Data: First name, last name, username or similar identifier, title, date of birth, government-issued identification (for facility access).
  • Contact Data: Billing address, delivery address, email address, telephone numbers.
  • Financial Data: Payment details, billing information.
  • Transaction Data: Details about payments to and from you and other details of services you have purchased from us.
  • Biometric Data: Fingerprint or other biometric identifiers used for secure facility access.
  • Profile Data: Your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses.
  • Usage Data: Information about how you use our website and services.
  • Marketing and Communications Data: Your preferences in receiving marketing from us and our third parties and your communication preferences.

4.2 Information Collected Automatically

  • Technical Data: Internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
  • Physical Access Data: Records of facility access, including date, time, and location within the facility.
  • CCTV Footage: Video recordings from security cameras throughout our facility.

5. How We Collect Your Personal Data

We use different methods to collect personal data from and about you, including:

  • Direct interactions: You may provide us with your personal data when you fill in forms, correspond with us by post, phone, email or otherwise, request information to be sent to you, or give us feedback.
  • Automated technologies: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this data by using cookies, server logs, and other similar technologies.
  • Physical interactions: When you visit our facility, we collect physical access data and CCTV footage for security purposes.
  • Third parties: We may receive personal data about you from various third parties such as analytics providers, advertising networks, and search information providers.

6. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

6.1 Provision of Services

  • To provide and maintain our colocation services
  • To manage your account and provide you with customer support
  • To process transactions and send related information, including confirmations and invoices
  • To manage physical access to our facility
  • To ensure the security of your equipment and our facility

6.2 Business Operations

  • To improve and optimize our website and services
  • To conduct research and analysis to better understand how users access and use our website and services
  • To develop new products, services, features, and functionality
  • To communicate with you, including for customer service, updates about our services, and marketing purposes (if you have opted in)

6.3 Security and Legal Compliance

  • To detect, prevent and address technical issues, security breaches, and fraudulent activities
  • To protect the rights, property, or safety of our company, our customers, or others
  • To comply with legal obligations, such as responding to legal process or government requests

7. CCTV Footage Processing

As part of our security measures, we operate CCTV systems throughout our colocation facility. This section provides specific information about how we process CCTV footage:

7.1 Purpose of CCTV Monitoring

We use CCTV monitoring for the following purposes:

  • To ensure the security and safety of our facility, equipment, staff, and visitors
  • To prevent unauthorized access to restricted areas
  • To protect client equipment and data
  • To investigate security incidents or breaches
  • To comply with contractual obligations to clients regarding security measures

7.2 Retention of CCTV Footage

We retain CCTV footage for 90 days, after which it is automatically deleted unless:

  • It has been flagged as part of an ongoing investigation
  • It is required to be preserved for legal proceedings
  • A client has made a specific request for footage of their cage area (subject to approval)

7.3 Access to CCTV Footage

Access to CCTV footage is strictly controlled and limited to:

  • Authorized security personnel
  • Facility management with a legitimate need to access the footage
  • Law enforcement agencies with valid legal requests
  • Clients requesting footage of their own cage or rack (subject to approval and processing procedures)

7.4 CCTV Footage Access Process

If you are a client and need access to CCTV footage of your equipment or cage area, please follow these steps:

  1. Submit a written request to security@eastbaltinsight.com
  2. Include the specific date, time period, and location of interest
  3. Provide justification for the request
  4. Authenticate your identity and authorization to make the request

We will evaluate all requests for CCTV footage on a case-by-case basis, considering privacy implications, security requirements, and legal obligations. Response time for CCTV footage requests is typically 5 business days.

8. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

8.1 Service Providers

We may share your personal data with service providers who perform services on our behalf, such as:

  • Payment processors
  • IT service providers
  • Security service providers
  • Customer support services
  • Marketing service providers (if you have opted in to marketing)

These providers are bound by contractual obligations to keep personal data confidential and use it only for the purposes for which we disclose it to them.

8.2 Business Partners

We may share your personal data with business partners, such as telecommunications providers or carriers, when necessary to provide you with requested services.

8.3 Legal Requirements

We may disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

8.4 Business Transactions

If we are involved in a merger, acquisition, or asset sale, your personal data may be transferred. We will provide notice before your personal data is transferred and becomes subject to a different Privacy Policy.

8.5 With Your Consent

We may share your personal data with third parties when we have your consent to do so.

9. International Transfers

We primarily process and store your data within the European Economic Area (EEA). However, some of our service providers may be based outside the EEA, which means your personal data may be transferred outside the EEA.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by implementing appropriate safeguards:

  • We may use specific contracts approved by the European Commission that give personal data the same protection it has in Europe (Standard Contractual Clauses)
  • Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield, which requires them to provide similar protection to personal data shared between the Europe and the US

10. Data Security

We have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data where appropriate
  • Regular testing, assessing, and evaluating the effectiveness of our security measures
  • Strict access controls to personal data
  • Employee training on data protection and security
  • Physical security measures at our facilities
  • Regular security audits and vulnerability assessments

We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

11. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider:

  • The amount, nature, and sensitivity of the personal data
  • The potential risk of harm from unauthorized use or disclosure
  • The purposes for which we process your personal data
  • Whether we can achieve those purposes through other means
  • The applicable legal requirements

Specific retention periods include:

  • Account information: For the duration of your relationship with us, plus 7 years for legal and tax purposes
  • Physical access logs: 12 months
  • CCTV footage: 90 days (as detailed in Section 7)
  • Marketing preferences: Until you withdraw consent

12. Your Data Protection Rights

Under data protection laws, you have the following rights:

  • Right to Access: You have the right to request copies of your personal data.
  • Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • Right to Erasure: You have the right to request that we erase your personal data, under certain conditions.
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions.
  • Right to Data Portability: You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.
  • Right to Withdraw Consent: If we are relying on consent as the legal basis for processing your data, you have the right to withdraw your consent at any time.

If you wish to exercise any of these rights, please contact our Data Protection Officer at privacy@eastbaltinsight.com.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

13. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our website and hold certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier.

For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

You can set your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our website.

You can manage your cookie preferences at any time by clicking the "Cookie Settings" button in the footer of our website.

14. Children's Privacy

Our website and services are not intended for children under the age of 18, and we do not knowingly collect personal data from children. If we learn that we have collected personal data from a child without verification of parental consent, we will take steps to remove that information from our servers.

15. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this page.

We encourage you to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

16. Complaints

If you have a complaint about our handling of your personal data, please contact our Data Protection Officer at privacy@eastbaltinsight.com.

You also have the right to lodge a complaint with the Latvian Data State Inspectorate, the supervisory authority for data protection issues in Latvia. Their contact information can be found at https://www.dvi.gov.lv.

17. Contact Us

If you have any questions about this Privacy Policy, please contact our Data Protection Officer:

  • By email: privacy@eastbaltinsight.com
  • By phone: +371 2774 2313
  • By mail: VerdantVault Colocation, 13. janvāra iela 3, Centra rajons, Rīga, LV-1050, Latvia