Privacy Policy

Last updated: January 2026

Introduction

Vexlorium AG ("we", "our", "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your personal information when you visit our website or use our services. As a financial services company registered in Austria (Registration Number: FN279543a), we comply with the General Data Protection Regulation (GDPR) and Austrian data protection laws.

Data Controller Information

The data controller for your personal information is:

Vexlorium AG
Taborstraße 52
9567 Villach, Carinthia
Austria
Registration Number: FN279543a
VAT Number: ATU27482315

Data We Collect

We may collect the following types of personal data when you interact with our website or services:

  • Contact Information: Name, email address, phone number, postal address
  • Financial Information: Information about your financial situation, investment goals, and risk tolerance (when you become a client)
  • Communication Data: Records of your communications with us, including emails, phone calls, and meeting notes
  • Website Usage Data: IP address, browser type, pages visited, time spent on pages, referring websites
  • Device Information: Device type, operating system, browser version, and other technical information
  • Marketing Preferences: Your preferences regarding marketing communications and cookies

The data collection occurs through various means including contact forms, consultation meetings, phone calls, emails, cookies, and analytics tools. We only collect information that is necessary for providing our services and fulfilling our legal obligations.

How We Use Your Information

We use your personal data for the following purposes, based on legitimate interests, contractual necessity, or legal compliance:

  • Service Provision: To provide financial planning, investment management, and wealth advisory services
  • Client Communication: To respond to inquiries, schedule consultations, and maintain ongoing client relationships
  • Legal Compliance: To comply with financial services regulations, anti-money laundering requirements, and other legal obligations
  • Website Improvement: To analyse website usage and improve our online services
  • Marketing: To send relevant information about our services (with your consent)
  • Risk Management: To assess and manage business risks associated with our services

We process your data fairly and transparently, ensuring that the use of your data is proportionate to the purposes for which it was collected. We do not sell your personal information to third parties.

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, their purposes, and how to manage them, please refer to our Cookie Policy.

Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

  • Service Providers: Third-party companies that provide services on our behalf (e.g., IT support, analytics)
  • Regulatory Bodies: Austrian financial authorities and other regulatory bodies as required by law
  • Professional Advisors: Lawyers, accountants, and other professional advisors when necessary
  • Business Partners: In connection with potential business transactions (with appropriate confidentiality measures)

We ensure that all third parties who process your data on our behalf are bound by appropriate confidentiality and data protection obligations.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal obligations:

  • Client Records: Maintained for the duration of the client relationship and up to 10 years after termination (as required by financial services regulations)
  • Marketing Data: Until you withdraw consent or opt out of marketing communications
  • Website Analytics: Typically stored for 26 months (Google Analytics default)
  • Communication Records: Maintained for up to 7 years for business and legal purposes

After the retention period expires, we securely delete or anonymise your personal data in accordance with our data retention policy.

Your Rights

Under GDPR and Austrian data protection law, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete personal data
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Request transfer of your data to another service provider
  • Right to Object: Object to processing based on legitimate interests or for marketing purposes
  • Right to Withdraw Consent: Withdraw consent for processing where consent is the legal basis

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section below. We will respond to your request within one month.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and user authentication
  • Staff training on data protection
  • Secure backup and recovery procedures

While we strive to protect your personal data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protection measures.

International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) where our service providers are located. When such transfers occur, we ensure appropriate safeguards are in place, such as:

  • European Commission adequacy decisions
  • Standard contractual clauses approved by the European Commission
  • Binding corporate rules
  • Other legally recognised transfer mechanisms

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how we handle your personal data, please contact us:

Privacy Officer
Email: privacy@vexlorium.top
Phone: +43 4243561254
Post: Vexlorium AG, Taborstraße 52, 9567 Villach, Austria

You also have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde) if you believe we have not handled your personal data in accordance with applicable law.

Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

  • Consent: When you have given clear consent for specific processing activities
  • Contract Performance: When processing is necessary for performing our services
  • Legal Obligation: When processing is required to comply with legal or regulatory requirements
  • Legitimate Interest: When processing is necessary for our legitimate business interests, balanced against your rights and interests