Who we are
Our website address is: https://www.virtualistant.com and we are mainly sevice based offering businesses of all sizes the required assistance through remote workers. We are locoated in Dhaka, Bangladesh and servicing clients in the US, Australia, and Canada.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images available on the website.
Through every contact form we collect names, email addresses, and IP location of interested prospects. The submissions remain in our database for future connections, however, none of the information is neither shared nor sold to any third party. You can always reach out to us, just in case you might be interested to know what information we are currently holding in our database.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
With Analytics, we simply measure the bounce rate, how long the traffic stays on the website, the sources of traffic (channels), geographic locations of visitors and their landing pages. Based on those data our content is curated for suiting and attracting traffic of that specific category.
Who we share your data with:
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitors’ comments may be checked through an automated spam detection service first before we let them stay underneath our posts.
Your contact information
Your name, email address, phone number, and business identity are the only information we store on our database. In case you might be interested in knowing what we have stored about you, simply email us so we can share a link with you through which you could download to see whatever we have stored.
How we protect your data
Our data protection method involves encryption of plain text as well as 2FA methods to add extra security for preserving the sensitive data we hold about our stakeholders.
What data breach procedures we have in place
- In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. 2Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay.
- The processor shall notify the controller without undue delay after becoming aware of a personal data breach.
- The notification referred to in paragraph 1 shall at least:
- describe the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned;
- communicate the name and contact details of the data protection officer or other contact point where more information can be obtained;
- describe the likely consequences of the personal data breach;
- describe the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.
- Where, and in so far as, it is not possible to provide the information at the same time, the information may be provided in phases without undue further delay.
- 1The controller shall document any personal data breaches, comprising the facts relating to the personal data breach, its effects and the remedial action taken. 2That documentation shall enable the supervisory authority to verify compliance with this Article.
What third parties we receive data from
Data generated from social channels are effectively utilized to curate content by prioritizing our clients’ intent. Through Facebook Insights we are able to collect data on impression as well as the engagement generated from our posts.
Industry regulatory disclosure requirements
Whenever a client requires HIPAA certification, we will provide a US legal-approved Business Associate Agreement, which comprises maintaining confidentiality of private information with a non-disclosure agreement (NDA) policy.
Extensive encryption method implemented to ward off unwanted access into our database. Our end-to-end data encryption method exercises 256-bit Secure Socket Layer (SSL) with the RC4 algorithm and 2048-bit key length. Moreover, our hosting partner exercises Service Organization Controls 1 (SOC 1) report, under both SSAE 16 and ISAE 3402 standards at the same time.