Privacy Policy

Upholding privacy as a fundamental human right, we strictly limit our collection of personal data to only what is necessary.

The most recent update to this privacy notice occurred on June 25, 2023.

Our privacy notice delineates the ways in which we handle personal data in alignment with the General Data Protection Regulation (GDPR) and other applicable privacy laws within our sphere of operation.

Recognizing the gravity of privacy, we have implemented numerous measures to ensure we provide unambiguous and transparent information regarding our data processing practices, in addition to clarifying your rights. Should any aspects of our policy seem unclear or incomplete, please do not hesitate to reach out to us.

Your data protection rights

  • Right to Access and Rectification: You are entitled to request access to or obtain a copy of the information we hold about you, and to request corrections for any inaccuracies.
  • Right to Object to Processing: In certain situations, you have the right to request that we cease processing your data.

Should you have any queries or wish to exercise one of your rights, please reach out to us. You can expect a response within 30 days of your request.

How we get your personal data

Our typical data processing involves personal data pertaining to:

  • Existing customers
  • Prospective customers
  • Partners
  • Visitors to our website

We engage in data processing when you:

  • Purchase our products or services
  • Submit your contact information to us
  • Reach out to us via phone, text, email, social media, or our website
  • Interact with our website in any other way

The provision of personal data is entirely voluntary on your part; however, without this information, we may not be able to offer you, our services. We assure you that we neither rent, purchase, nor sell personal data to or from others, employ automated decisions or profiling in our data processing, nor handle any special category data.

Purpose, lawful basis and retention periods

We ensure that your personal data is processed solely when we have a valid purpose and a legal basis to do so.

 You have the right to withdraw your consent at any point for any data processing that relies on your consent. Furthermore, you can contact us at any time to request that we cease processing or delete any of your data.

 We maintain procedures to confirm that personal data is removed from all pertinent systems when there is no longer a purpose or legal basis for its continued processing.

Details on the processing of your personal data

In the following section, we offer an in-depth explanation of the circumstances and methods of your data processing, the associated purposes, and the legal justification (lawful bases) for such actions. Additionally, we define the timeframes for data retention associated with these processes.

We process personal data when:

You communicate with us

Whenever you engage with us via our website (through the contact form or chat), email, phone (calls or text messages), or social media, we process personal data. Depending on the method and location of contact, this might include your name, contact information, IP address, and any additional details you opt to share with us. We utilize a Customer Relationship Management (CRM) system and a customer support system to process personal data related to potential and existing customers.

The primary objective of this processing is to enable us to respond to your queries and, in certain cases, maintain records to manage complaints or legal claims. The lawful basis for this processing falls under article 6(1)(f) of the GDPR, where our legitimate interests include the ability to address your queries and, in certain instances, retain records for handling complaints or legal claims. We conduct an internal GDPR audit annually to review this data, deleting personal data as required. Owing to the nature of our operations, we may retain this category of personal data for up to 3 years, or up to 10 years if mandated by legal obligations in line with accounting and bookkeeping regulations.

You purchase our products and services

When you purchase products and services from us, we process personal data such as your name, address, contact information, IP address, order and payment details, and purchase history.

Our objective in processing this data is to fulfil our obligation to deliver the products and services you’ve purchased and to manage our relationship with you as a customer. The lawful bases for such processing are (b) contract and (c) legal obligation, which pertain to accounting, tax, and other business rules and regulations that we are obliged to comply with.

We retain this data for as long as we are legally required to do so in accordance with any applicable rules and regulations. For instance, we are obligated by law to maintain business records, which may contain personal data, for a period of 10 years for accounting, tax, and other business purposes. Please reach out to us if you would like to understand the specifics as they apply to your situation.

You sign up on our website

When you register on our website, we process personal data including your email and IP address under lawful basis (f), where the purpose and legitimate interest align with our intention to provide our services to you.

We retain and process your email for as long as your account remains active on our website. You have the right to request the removal of your account at any time, exercising your right to erasure.

You visit our website

During your visit to our website, we may process personal data like your IP address and other technical details. This is carried out strictly for technical reasons to ensure the smooth operation of our website. The lawful basis for this processing falls under article 6(1)(f) of the GDPR, with the legitimate interest being our ability to deliver our services through our website effectively.

Whom we share your personal data with

In the course of conducting our business, we may occasionally need to share your personal data with certain parties, such as:

  • Data Processors: These are service providers that handle your personal data on our behalf, for various services like IT, administrative services, accounting, cloud storage, web hosting, and emailing, among others.
  • Professional Advisors: Professionals from various fields like law, finance, accounting, auditing, and insurance who provide us with advice.
  • Public Authorities: Certain public authorities to which we are legally required to report

We ensure that all such recipients uphold data security in line with good information security practices and in compliance with the stipulations of this Privacy Notice. We enter into a data processing agreement or addendum with any entity that processes data on our behalf.

Information security

We consider information security paramount and are committed to protecting your personal data in the most effective way possible. Our security measures include robust passwords, data encryption, access control, and two-factor authentication to shield our data and prevent unauthorized access, alteration, deletion, or any form of compromise of the data we store, including your personal data.

In the event of a personal data breach—defined as a security lapse leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data—that presents a medium to high risk to affected individuals, we will report it to the national data authority within 72 hours. If the risk to affected individuals is considered high, we will also aim to notify them directly, where feasible.