Vy Group, LLC ("Vy Group," "we," "us") is a boutique advisory firm. We take privacy seriously — both because it is the right thing to do and because our clients trust us with confidential information about their businesses, their leaders, and their plans. This policy explains what we collect, how we use it, and the choices you have.
Who this applies to
This policy covers personal information we collect through vygroup.net, related subdomains, our email correspondence, and our advisory engagements. It applies to prospective clients, current clients, partners, vendors, and visitors to our website. Where a separate engagement letter or data-processing agreement applies, that agreement controls for the data covered by it.
Information we collect
Information you provide
- Contact details — name, role, company, email, phone — when you complete a form on our site or write to us directly.
- Engagement information — materials, briefings, meeting notes, and other content you share with us in the course of an engagement.
- Payment and billing details — for invoicing, processed by our finance vendors; we do not store full card numbers.
Information collected automatically
- Usage data — pages viewed, referring URL, approximate location, device and browser, and timestamps. We use this to understand how the site is used and to keep it secure.
- Cookies and similar technologies — see the Cookies & analytics section below.
Information from third parties
- Professional sources — public profiles, conference attendee lists, and referrals — when we are evaluating a potential engagement or partnership.
How we use information
We use personal information to:
- Respond to inquiries and run our advisory engagements.
- Send a small amount of correspondence — meeting confirmations, briefings, occasional perspectives. We do not run a high-volume marketing program.
- Operate, secure, and improve our site and services.
- Comply with legal, tax, and regulatory obligations, and to enforce our agreements.
We rely on the following legal bases where applicable: performance of a contract, legitimate interests in operating a professional services firm, your consent (which you may withdraw), and legal obligation.
When we share information
We share personal information only as necessary, and only with parties that are bound to handle it appropriately:
- Service providers — hosting, email, analytics, payment processing, and document collaboration platforms acting on our instructions.
- Professional advisors — accountants, lawyers, and insurers, subject to professional confidentiality.
- Sub-advisors on a specific engagement, subject to the same confidentiality terms we operate under.
- Authorities when required by law, valid legal process, or to protect our rights, our clients, or the public.
- Successors in connection with a merger, financing, or sale of assets — in which case the successor will be bound by terms at least as protective as this policy.
We do not sell personal information and we do not share it for cross-context behavioral advertising.
Cookies & analytics
We use a small set of cookies and similar technologies for three purposes:
- Essential — needed to load and serve the site.
- Analytics — aggregated, privacy-respecting measurement of site usage. We do not use these to build advertising profiles.
- Preferences — to remember low-stakes choices (for example, dismissed banners).
Most browsers let you block or delete cookies, and "Do Not Track" / Global Privacy Control signals are honored where we can detect them. Blocking cookies will not break the site; it will, at most, reset your preferences.
SMS & text messaging
If you provide us a mobile number — on a contact form, in correspondence, or as part of an engagement — we may send text messages (SMS/MMS) to that number for the limited purposes set out below.
What we use SMS for
- Operational and engagement messages only. Examples: confirming a meeting, sharing a calendar link, sending a brief logistical update during an active engagement, or following up on a specific inquiry you initiated.
What we do not use SMS for
- No marketing or promotional messages. We do not send newsletters, drip campaigns, sales offers, or other marketing content by SMS.
- No sharing of mobile numbers. Mobile numbers and SMS opt-in data are not shared, sold, or rented to any third party for marketing purposes. They are only shared with service providers (for example, our messaging vendor) acting on our instructions to deliver the operational messages described above, and as otherwise described in When we share information.
Consent
By providing your mobile number to us — for example, by typing it into a contact form or sharing it during an engagement — you agree that we may contact you at that number by call or SMS for the purposes described above. We treat that consent as operational, not marketing.
Opt out at any time
You may opt out of any further SMS at any time by replying STOP to any message from us. You may also reply HELP for assistance, or write to [email protected]. Standard message and data rates from your carrier may apply. Message frequency varies and is generally low (typically tied to a specific meeting or engagement).
Retention
We keep personal information only as long as needed for the purpose it was collected:
- Inquiry data — up to 24 months from last contact.
- Engagement records — for the duration of the engagement and for the period required by tax, professional, and regulatory standards (typically seven years).
- Site logs — typically 90 days.
Your rights
Depending on where you live, you may have rights to:
- Access the personal information we hold about you.
- Correct inaccurate information.
- Delete information, subject to legal and contractual exceptions.
- Object to or restrict certain processing.
- Receive a portable copy of information you provided.
- Withdraw consent at any time, where processing is based on consent.
- Lodge a complaint with your local data protection authority.
To exercise any of these, write to [email protected]. We will respond within the time required by applicable law (typically 30–45 days). We will not retaliate for the exercise of any right.
For California residents (CCPA/CPRA)
The categories of personal information we collect are described in "Information we collect"; the purposes in "How we use information"; and disclosures in "When we share information." We do not sell or "share" personal information as those terms are defined under California law.
Security
We use reasonable administrative, technical, and organizational measures to protect personal information — including encryption in transit, access controls, vendor diligence, and employee confidentiality obligations. No system is perfectly secure; if we become aware of a security incident affecting your information, we will notify you and the appropriate authorities as required by law.
International transfers
We are based in the United States. If you are located outside the U.S., your information may be processed in the U.S. or other countries with different data-protection laws. Where required, we use safeguards such as Standard Contractual Clauses and equivalent measures.
Children
Our services are intended for business audiences; we do not knowingly collect personal information from children under 16. If you believe a child has provided us information, please contact us and we will delete it.
Changes to this policy
We may update this policy from time to time. The "Last updated" date at the top of this page reflects the most recent change. If a change is material, we will notify clients with active engagements and post a notice on this page.
Contact us
Privacy questions and requests:
Vy Group, LLC
[email protected]
[email protected] · +1-470-888-7250