Privacy Policy
Last updated: 2025-02-10
2. Scope
This policy explains how we process personal data when you use our website and related services.
Cookies & Tracking: We do not set cookies or use tracking technologies. If we introduce non-essential cookies in the future, we will request your consent before setting them.
3. What Data We Collect
We aim to collect the minimum amount of personal data. Depending on how you interact with us, we may process:
- Contact details (e.g., name, email address, message content) — when you contact us via email or the contact page.
- Transactional/contract data — only if you become a customer or supplier (e.g., invoicing details, contract terms).
- Technical delivery data (server logs) — IP address, timestamp, requested URL, and user-agent may be processed transiently by our hosting provider to ensure availability and security.
Special categories of data: We do not intentionally collect sensitive data (e.g., health, religion). Please do not share such data with us.
4. Legal Bases for Processing
- Contract — to perform a contract or take steps at your request prior to entering a contract.
- Legitimate interests — to operate, secure, and improve our services (balanced against your rights).
- Legal obligation — to comply with applicable laws (e.g., tax, accounting).
- Consent — only where we explicitly ask for it and you freely give it (e.g., certain communications). You may withdraw consent at any time.
5. How We Use Your Data
- Respond to your inquiries and provide support.
- Provide and maintain our services and website.
- Ensure security, fraud prevention, and service integrity (e.g., logs by our host).
- Fulfill legal obligations (e.g., record retention).
6. Sharing & Processors
We do not sell your personal data.
Where processors are used, we have data processing agreements in place that meet GDPR requirements.
7. International Transfers
If personal data is transferred outside your jurisdiction, we will ensure appropriate safeguards (e.g., EU Standard Contractual Clauses, adequacy decisions) and supplementary measures where required.
8. Data Retention
We retain personal data only as long as necessary for the purposes described above:
- Contact inquiries: typically deleted within [X months] after resolution unless needed for legal claims.
- Contract/transaction records: retained for statutory periods (e.g., accounting/tax) of [Y years].
- Security logs: kept for [Z days/weeks] unless needed to investigate an incident.
9. Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. Nevertheless, no method of transmission or storage is completely secure.
10. Your Rights (GDPR)
- Access — obtain a copy of your personal data.
- Rectification — correct inaccurate or incomplete data.
- Erasure — request deletion in certain circumstances (“right to be forgotten”).
- Restriction — limit processing in specific cases.
- Data portability — receive your data in a portable format.
- Objection — object to processing based on legitimate interests.
- Withdraw consent — where processing relies on consent.
These rights may be subject to legal limitations. We will respond without undue delay and within one month (extendable by two months for complex requests).
11. How to Exercise Your Rights
Send a request to our privacy contact:
To protect your data, we may need to verify your identity. Please describe which right you wish to exercise and any relevant details to help us locate your data.
12. Children’s Data
Our website is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us data, please contact us to delete it.
13. Changes to This Policy
We may update this policy from time to time. Significant changes will be indicated on this page and, where appropriate, notified to you through other channels. The “Last updated” date shows the latest revision.