Privacy Policy


Last Updated: September 2019 


This Privacy Policy explains rules applicable to the processing of personal data by the companies of RVG group (including Rovagold RVG Ltd., hereinafter: RVG Group) in business, commercial and marketing relations. This Policy describes RVG group, explains why and how companies from the group process your personal data, what rights you have in relation to the processing of your personal data, and how you can contact us. 

I. Glossary – basic concepts

Personal data – all information related to you that we process. For example first name, last name, e-mail address, telephone number, information about your professional experience, etc. 


Processing – all activities performed relating to your personal data. For example: collecting, retaining, updating, sending messages to you, deleting data. 


GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). 

II. Information about RVG group – the data controller

This information applies to companies of the RVG group. The list of the companies along with their contact details can be provided via the message service in our “Contact Us" section.


As a rule, each of the companies independently decides about the purposes and methods of personal data processing, which means that each of them is a separate data controller – depending on which company you contact, conclude a contract with, run business relations with etc., this company, usually, will be the data controller of your personal data.  


It may also happen that a particular company performs activities for another company from the RVG group, e.g. related to marketing – in this case, the company that performs such activities does not become the data controller of your personal data, but processes it on the basis of a data processing agreement concluded with the data controller. 

III. What personal data do we gather? What is the purpose and legal basis of processing?

We can process your personal data in the following situations:

o When you are our prospective or actual client, supplier or contractor;

o When you are interested in our activities (e.g. as the media);

o When you are acting on behalf of one of the persons/entities mentioned above, including when you are its employee or associate.

Therefore, your personal data can be processed:

o When you have provided us with your personal data through various communication channels (e.g. by sending an inquiry/ offer via e-mail, telephone or form on our website);

o As a part of our cooperation when signing or performing a contract, including when your personal data have been disclosed to us as a contact for the purpose of execution of a contract;

o When we have obtained your personal data from other sources (e.g. from the company which you cooperate with and which is our contractor/ client, including from another company of the RVG group, during events, or from publicly available sources/ websites).

The scope of personal data we process depends on the information that is vital for a given relationship 

o It primarily encompasses the content of documents, our correspondence/ communication, along with other information we have obtained from publicly available sources (e.g. LinkedIn). These data include in particular:

o Identification data, including first name and last name,

o Information regarding professional activity, including place of employment, position and/or department, qualifications;

o Contact details, including correspondence address, telephone number, e-mail address or other contact information.

When RVG group is processing your personal data in conjunction with a contract that is being concluded with you, the legal basis for such processing will then be Art. 6(1)(b) GDPR (it is necessary for the performance of a contract or in order to take steps at the request of the data subject prior to entering into a contract). 


If you are contacting us on your own behalf, for example, you have given us your business card with a request to send you particular information, we process your data in order to respond to your query and for the purpose of further correspondence/ contact in this matter. The legal basis for the processing of your personal data in accordance with this purpose will be your consent (Art. 6(1)(a) GDPR). 


If you are acting on behalf of our client, supplier, or another entity, we process your data in the context in which you are acting in the name of the third party, as well as for the conclusion and/or processing of a contract with that third party and/or carry out a joint project. The legal basis for processing of your personal data in accordance with this purpose will be our legitimate interest (Art. 6(1)(f) GDPR) – building and maintaining relations with the third party in whose name you are acting, including the conclusion and performance of relevant contracts with that party, as well as the intention of building a positive image of RVG group. 


Regardless of the foregoing, your personal data, that is, in particular, your first name and last name, as well as correspondence address and/or e-mail address, can be used by us in order to contact you from time to time (for example, to say thank you, send holiday season greetings, or to promote RVG group’s services). The legal basis for the processing of your personal data in accordance with this purpose will be our legitimate interest (Art. 6(1)(f) GDPR) – maintaining relations, building a positive image of RVG group and marketing of RVG group’s products and services. 


Additionally, with regard to the processing of your personal data in order to:

• Defend against potential claims, as well as for the purpose of potential directing claims – the legal basis for the processing of your personal data will be our legitimate interest (Art. 6(1)(f) GDPR);

• Fulfill legal obligations of the data controller (e.g. tax, accounting) – the legal basis for the processing of your personal data will be the necessity for compliance with a legal obligation to which the controller is subject (Art. 6(1)(c) GDPR).

When you use our website, we may process the following data:

• Technical information, including the IP address used to connect the computer to the Internet, logging information, the type and version of web browser, time zone settings, types and versions of browser plugins, operating system and platform;

• Information about your visit, including full URL, click path to, around and from our website (including time and date), services you browsed or searched for, response times, errors in downloading, duration of visit on some pages, information about interactions on the page (scrolling, clicking, mouse movements), methods used to exit the page, telephone number and/or social media used.

We process that data for the purpose of proper management of our website, to improve its performance, ensure its security, adapt its content to your preferences. In addition, we gather this data for internal purposes, including resolving issues, conducting data analyses, testing, research, statistics, and for survey purposes. The legal basis of our activities is your consent, except for cases when the use of such data is essential for the functioning of our website (electronic provision of a service to you within that scope); in such cases the legal basis will be our legitimate interest (Art. 6(1)(f) GDPR).