Privacy Policy

Effective Date: May 11, 2026

1. Introduction

This Privacy Policy explains how PrivacyFrame ("we," "us," "our") collects, uses, and protects personal data when you use our website (https://www.privacyframe.io) and related services. As a team of privacy compliance consultants, we respect your privacy and are committed to protecting your personal data under the General Data Protection Regulation (GDPR).

2. Data Controller Information

The data controller responsible for processing your personal data is:

PrivacyFrame
Email: sk@privacyframe.io
Address: Polykarpou Smyrnis 8, 4044, Germasogeia, Limassol, Cyprus

3. Personal Data We Collect

Based on the actual setup of our website, we collect only the personal data necessary to provide our services and maintain site functionality. Specifically:

Identification details you provide directly:

  • Contact info – name and email address provided via the Consulation Request Form;
  • Communication data* – any other identification details provided as part of the communications to us which, when used in conjunction with other types of data, may potentially allow to identify yourself (e.g. company name, job title, etc.).

*Communication data covers any pieces of personal data which may be provided along with the messages, requests, or inquiries you send to us.

Technical data automatically collected through the website, limited to:

  • IP address;
  • Browser type and version;
  • Operating system;
  • Referral source (the site or search that led you to us);
  • Date and time of your visit;
  • Basic page interaction metrics (e.g., which pages you visited, time spent), if analytics tools (like Google Analytics) are active;
  • Cookies, only if you consent to their use (based on cookie banner settings).

We do not intentionally collect device-specific details like device model, screen resolution, or precise geolocation, nor do we collect sensitive personal data or data from children under 16 years of age.

4. Purposes and Legal Bases of Processing

We process your personal data only where permitted by law. Below you can find the breakdown:

Category of Personal DataSourceGrounds for processingPurposes of processing
Contact InfoUserFulfillment of contract; legitimate interest (maintenance of the clients list)(1) Conclusion of a contract;
(2) Reply to your inquiries or requests;
(3) Delivery of services
Usage and Technical DataUser; Third-partiesFulfillment of contract; legitimate interest (maintenance of the website)(1) Provision of website functions;
(2) Necessary technical analytics

5. Data Sharing and Categories of Recipients

We may share your data with the following categories of third-parties:

  • Service providers (e.g., hosting, analytics, communication tools) under strict confidentiality and data processing agreements.
  • Legal authorities if required to comply with legal obligations;
  • Third parties in the event of a business transfer or merger, in accordance with applicable laws.

We do not sell your personal data.

6. Data Retention

We retain personal data only as long as necessary for the purposes described above or as required by law. Once data is no longer needed, it is securely deleted.

7. International Data Transfers

We may transfer your personal data to countries outside of your jurisdiction, including to countries that may not provide the same level of data protection as your home country. Thus, where required, we ensure that data transfers outside of the EU to the countries, in relation to which no ‘adequacy’ decision has been made by the European Commission, are subject to appropriate safeguards such as (SCCs) and other mechanisms.

8. Your Rights

  • Right of access: You have a right to access the personal data that we collect and process about you.
  • Right to rectification: If you want to correct or revise any of the data we process on you.
  • Right to be forgotten: You have a right to request the permanent deletion your data. However, please note that exercising this right is also governed by legal and/or contractual retention guidelines.
  • Right to restrict processing: If you believe your personal data is inaccurate or collected unlawfully, you may request limited use of your personal data.
  • Right of portability: We provide you with the ability to move any of your data to a third party at any time.
  • Right to object: If you decide that you no longer wish to allow your data to be included in our analytics, you may contact us to request removal of this data. You may also achieve this by opting out of any marketing outreach that you previously agreed to either by choosing unsubscribe in the related email or by making this selection within your account.

To exercise these rights, contact us at sk@privacyframe.io.

9. Security Measures

We implement technical and organizational measures to ensure the confidentiality, integrity, and availability of your personal data, including secure hosting, encryption, and access controls.

10. Updates to This Policy

We reserve the right to update this Privacy Policy to reflect changes in law or our practices. Updates will be posted on our website with the revised effective date.

Should you have any queries or need any clarification on our privacy practices – please, email us at sk@privacyframe.io.