Skip to content
Virtual Sport Group logo

Privacy Policy

Effective date: 18 March 2026

This Privacy Policy explains how Virtual Sport Group Ltd (“VSG”, “we”, “us”) collects, uses and protects personal data when you visit our website, when you use our Quest app “Leeds Rhinos - Legends” and related services, and when you contact us.

1. Who we are

VSG is the data controller for the personal data processed through our website and through our Quest app “Leeds Rhinos - Legends” and related services. If you have questions about this policy, please contact us using the details in section 12.

2. Personal data we collect

The types of personal data we may collect include:

  • • Information you provide via our contact form and/or other enquiry routes (when operational), such as name, email address, organisation, role, and the message you send.
  • • Technical and device data such as your IP address, browser/device type, approximate location derived from IP, and identifiers related to your device and connection, as well as information about pages viewed and interactions with our website and the Leeds Rhinos - Legends app and related services (including where relevant, information provided to us by Meta or similar platforms).
  • • Any other details you choose to include when you contact us or use our services.

In the current implementation of our website, the contact form does not transmit your submission to us (it displays a confirmation message in your browser). If we do not receive your details, we cannot process them. Where you contact us through other operational channels, we process the information you provide for the purposes described in this policy.

3. How we use your data

We use personal data for the following purposes:

  • • To respond to enquiries we receive from you, and manage communications with you about our website and services.
  • • To provide, maintain and improve the Leeds Rhinos - Legends app and related services, including understanding how they are used and diagnosing issues.
  • • To administer our website and services and ensure security.
  • • To meet legal obligations and handle complaints or legal claims.

4. Legal basis

Under UK GDPR and the EU GDPR (where applicable), the legal bases we rely on include:

  • • Contract or steps prior to entering a contract (for example, to respond to an enquiry you send us).
  • • Legitimate interests (for example, improving our website and ensuring security), where those interests are not overridden by your rights.
  • • Consent (only where we use cookies or similar technologies that require consent).
  • • Legal obligation (where we must comply with applicable law).

5. Cookies and similar technologies

We may use cookies and similar technologies to help the website function properly, to understand usage, and to improve your experience. Where required, we will ask for your consent before placing non-essential cookies.

You can control cookies through your browser settings. If you disable certain cookies, some parts of the website may not function as intended.

6. Sharing your personal data

We do not sell your personal data. We may share personal data with:

  • • Service providers who help us operate the website and services (for example, hosting providers and suppliers of analytics or security tools).
  • • Professional advisers, such as legal or financial advisers, when necessary.
  • • Authorities, where required by law.

When we share data with service providers, we ensure appropriate safeguards are in place, and those providers only process data on our instructions (where applicable).

7. International transfers

If we use service providers that process data outside the UK or the EEA, we will ensure that transfers are protected by appropriate safeguards, such as adequacy decisions or standard contractual clauses, where required.

8. Data retention

We keep personal data only for as long as necessary for the purposes set out in this policy, including to fulfil our legal, accounting and reporting obligations. Retention periods vary depending on the type of data and why it is processed.

9. Your rights

Depending on where you are located, you may have rights under applicable data protection laws, including:

  • • The right to access your personal data.
  • • The right to rectification if data is inaccurate.
  • • The right to erasure in certain circumstances.
  • • The right to restrict or object to processing.
  • • The right to data portability (where applicable).
  • • The right to withdraw consent at any time (where processing is based on consent).

You can exercise these rights (including requests for erasure/deletion) by contacting us using the details below. You also have the right to lodge a complaint with your local data protection authority.

10. Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse or alteration. However, no method of transmission over the internet or method of electronic storage is 100% secure.

11. Deletion requests

You can request deletion (erasure) of your personal data by contacting us at [email protected]. We will take reasonable steps to delete the relevant data, or restrict processing where required by law.

To help us locate your data, please include enough information for us to identify your request (for example, the email address you used to contact us).

12. Contact us

If you have any questions about this Privacy Policy or our data practices, please contact:

Email: [email protected]

Address: Sticks & Glass, York Place Buildings 6-8, York Place, Leeds, West Yorkshire, England, LS1 2DS

Note: This page should be reviewed and updated if your data flows change (for example, enabling contact form submission, adding analytics, or deploying cookies).