Privacy Policy

1. Data Controller

The data controller responsible for processing your personal data is:

If you have any questions about this Privacy Policy or our data practices, please contact us at the address above.

2. Personal Data We Collect

We collect personal data in the following ways:

Information you provide directly

• Contact form submissions — your name, email address, company name, and message content when you reach out through our contact page.
• Email correspondence — information you share when communicating with us via email.
• Business inquiries — project details, requirements, and contact information shared during consultations.

Information collected automatically

• Usage data — pages visited, time spent on site, referring URLs, and navigation patterns.
• Technical data — IP address, browser type and version, operating system, device type, and screen resolution.
• Cookies and similar technologies — as described in Section 7 of this policy.

3. Purpose and Legal Basis for Processing

We process your personal data for the following purposes:

• Responding to inquiries — to reply to your contact form submissions and emails. Legal basis: legitimate interest and, where applicable, performance of a contract.
• Service delivery — to provide consulting, software development, and AI services you have engaged us for. Legal basis: performance of a contract.
• Website improvement — to analyse how visitors use our site and improve user experience. Legal basis: legitimate interest.
• Security — to protect our website and infrastructure from abuse. Legal basis: legitimate interest.
• Legal compliance — to comply with applicable legal obligations. Legal basis: legal obligation.

4. Data Sharing and Third Parties

We do not sell, trade, or rent your personal data. We may share your data with the following categories of recipients only as necessary:

• Hosting providers — our website is hosted on infrastructure that may process technical data (IP addresses, access logs) for service delivery.
• Analytics services — we may use privacy-respecting analytics tools to understand site usage patterns. Data is anonymised or pseudonymised where possible.
• Email service providers — for delivering responses to your contact form submissions.
• Legal authorities — when required by law, court order, or regulatory obligation.

All third-party processors are contractually bound to protect your data in accordance with GDPR requirements.

5. International Data Transfers

Your data is primarily processed within the European Economic Area (EEA). If any data transfer outside the EEA is necessary (for example, through third-party service providers), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or adequacy decisions.

6. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

• Contact form data — retained for up to 12 months after your last interaction, unless a business relationship is established.
• Client project data — retained for the duration of the business relationship and up to 5 years thereafter for legal and accounting purposes.
• Analytics data — aggregated and anonymised data may be retained indefinitely. Identifiable analytics data is retained for up to 26 months.
• Technical logs — retained for up to 90 days for security purposes.

7. Cookies and Tracking Technologies

Our website uses cookies and similar technologies grouped into the following categories:

Necessary cookies

Essential cookies that enable core functionality like security, accessibility preferences, and consent management. The website cannot function properly without these cookies. They include cookies that store your accessibility preferences (font size, high contrast mode) and your cookie consent choices.

Analytics cookies

With your consent, we use analytics cookies (such as Google Analytics) to understand how visitors interact with our website. These cookies collect information in an anonymised form, including the number of visitors, the pages visited, and the source of traffic.

Marketing cookies

With your consent, marketing cookies may be used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user. These cookies may share information with third-party advertising networks.

Preference cookies

With your consent, preference cookies enable the website to remember choices you make (such as your preferred language or region) and provide enhanced, more personalized features beyond the essential functionality.

Managing cookies

When you first visit our website, a cookie consent banner will appear allowing you to accept all cookies, reject non-essential cookies, or customize your preferences by category. You can change your cookie preferences at any time by clicking the Cookie Settings link in the footer. You can also control cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of this website.

8. Your Rights Under GDPR

As a data subject under the General Data Protection Regulation (GDPR), you have the following rights:

• Right of access — request a copy of the personal data we hold about you.
• Right to rectification — request correction of inaccurate or incomplete data.
• Right to erasure — request deletion of your personal data where there is no compelling reason for continued processing.
• Right to restrict processing — request limitation of how we use your data.
• Right to data portability — receive your data in a structured, machine-readable format.
• Right to object — object to processing based on legitimate interests or for direct marketing purposes.
• Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days of receiving your request.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encrypted data transmission (TLS/SSL), access controls, regular security assessments, and secure hosting infrastructure.

While we strive to protect your data, no method of electronic transmission or storage is completely secure. We encourage you to contact us immediately if you suspect any unauthorised use of your data.

10. Children’s Privacy

Our website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information promptly.

11. Links to External Sites

Our website may contain links to external websites (such as LinkedIn or project references). We are not responsible for the privacy practices of these third-party sites. We encourage you to review the privacy policies of any external sites you visit.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make changes, we will update the “Last updated” date at the top of this page. We encourage you to review this page periodically.

13. Supervisory Authority

If you are not satisfied with how we handle your personal data or your privacy rights request, you have the right to lodge a complaint with the Croatian Personal Data Protection Agency (AZOP):

14. Contact Us

For any questions, concerns, or requests related to this Privacy Policy or our data processing practices, please contact us: