Privacy Policy

Last updated: January 2025

1. Introduction

Cifriko Solvo ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, store, and protect your information when you use our website and services.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws in Belgium and the European Union.

2. Data Controller

Company Name: Cifriko Solvo
Location: Belgium
Contact: Via our contact form

3. What Data We Collect

3.1 Information You Provide

When you use our services or contact us, we may collect:

  • Contact Information: Name, email address, company name
  • Project Information: Requirements, specifications, and project details
  • Communication Data: Messages you send us via contact forms or email
  • Payment Information: Cryptocurrency wallet addresses (we do not store traditional payment card data)

3.2 Information Automatically Collected

  • Technical Data: IP address, browser type, device information
  • Usage Data: Pages visited, time spent on pages, referral sources
  • Cookies: See our Cookie Policy below

3.3 Information We Do NOT Collect

We do not:

  • Sell your data to third parties
  • Use invasive tracking or profiling
  • Store traditional payment card details (we accept cryptocurrency)
  • Collect unnecessary personal information

4. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

4.1 Contractual Necessity

Processing necessary to perform a contract with you or to take steps at your request before entering into a contract (e.g., providing services, project delivery).

4.2 Legitimate Interests

Processing necessary for our legitimate interests, such as:

  • Responding to inquiries and providing customer support
  • Improving our services and website
  • Fraud prevention and security

4.3 Consent

Where required, we obtain your explicit consent for specific processing activities, such as marketing communications or non-essential cookies.

4.4 Legal Obligation

Processing necessary to comply with legal obligations (e.g., tax law, anti-money laundering requirements).

5. How We Use Your Data

We use your personal data for the following purposes:

5.1 Service Delivery

  • Providing software development, security assessment, AI/LLM, and other IT services
  • Project management and communication
  • Technical support and troubleshooting

5.2 Communication

  • Responding to inquiries and contact form submissions
  • Sending project updates and important notices
  • Providing requested information about our services

5.3 Business Operations

  • Processing payments (including cryptocurrency transactions)
  • Maintaining financial records and accounting
  • Complying with legal and regulatory requirements

5.4 Website Improvement

  • Analyzing website usage to improve user experience
  • Identifying and fixing technical issues
  • Optimizing website performance

6. Data Sharing and Disclosure

6.1 We Do Not Sell Your Data

We never sell, rent, or trade your personal data to third parties for marketing purposes.

6.2 Service Providers

We may share data with trusted service providers who assist us in operating our business, such as:

  • Email service providers (for sending communications)
  • Hosting providers (for website infrastructure)
  • Payment processors (for cryptocurrency transactions)

All service providers are contractually bound to protect your data and use it only for specified purposes.

6.3 Legal Requirements

We may disclose your information if required by law or in response to valid legal requests from authorities.

6.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new owner, subject to the same privacy protections.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:

  • Contact Form Data: 2 years from last contact
  • Project Data: Duration of project + 3 years for warranty/support purposes
  • Financial Records: 7 years (legal requirement in Belgium)
  • Security Assessment Data: Duration of engagement + 1 year
  • Website Logs: 90 days

After the retention period, we securely delete or anonymize your data.

8. Your Rights (GDPR)

Under GDPR, you have the following rights regarding your personal data:

8.1 Right of Access

You can request a copy of the personal data we hold about you.

8.2 Right to Rectification

You can request correction of inaccurate or incomplete data.

8.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data, subject to legal retention requirements.

8.4 Right to Restriction

You can request that we limit the processing of your data in certain circumstances.

8.5 Right to Data Portability

You can request your data in a structured, machine-readable format.

8.6 Right to Object

You can object to processing based on legitimate interests or for marketing purposes.

8.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time.

8.8 How to Exercise Your Rights

To exercise any of these rights, please contact us via our contact form. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption: Data in transit is encrypted using HTTPS/TLS
  • Access Controls: Limited access to personal data on a need-to-know basis
  • Secure Storage: Data stored on secure servers with regular backups
  • Regular Security Audits: We perform regular security assessments
  • Employee Training: Staff are trained on data protection practices

While we strive to protect your data, no internet transmission is 100% secure. You transmit data at your own risk.

10. International Data Transfers

Your data is primarily processed within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • EU Standard Contractual Clauses
  • Adequacy decisions by the European Commission
  • Privacy Shield certification (where applicable)

11. Cookie Policy

11.1 What Are Cookies

Cookies are small text files placed on your device when you visit our website. They help us provide a better user experience.

11.2 Types of Cookies We Use

Essential Cookies (Always Active)

These cookies are necessary for the website to function:

  • Session management
  • Security and authentication
  • Load balancing

Functional Cookies (Optional)

These cookies enhance functionality:

  • Language preference
  • Remember your settings

Analytics Cookies (Optional)

These cookies help us understand how visitors use our site:

  • Page views and traffic sources
  • User behavior and navigation patterns
  • Website performance metrics

11.3 Cookie Consent

We obtain your consent before using non-essential cookies. You can manage your cookie preferences at any time through our cookie consent banner.

11.4 How to Control Cookies

You can control cookies through:

  • Our cookie consent banner (shown on first visit)
  • Your browser settings (most browsers allow you to refuse or delete cookies)

Note: Disabling essential cookies may affect website functionality.

12. Third-Party Links

Our website may contain links to external sites (e.g., Kutimo, TechyShopping). We are not responsible for the privacy practices of these sites. We encourage you to read their privacy policies.

13. Children's Privacy

Our services are not directed at children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

14. Cryptocurrency Transactions

14.1 Privacy Considerations

We accept cryptocurrency payments (including Monero/XMR) for enhanced privacy. Cryptocurrency transactions are recorded on public blockchains.

14.2 What We Store

We may store:

  • Transaction IDs (hashes)
  • Wallet addresses used for payment
  • Payment amounts and dates

14.3 Privacy-Preserving Cryptocurrencies

When using privacy-focused cryptocurrencies like Monero (XMR), transaction details are obfuscated on the blockchain, providing additional privacy.

15. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Significant changes will be communicated via email or a prominent notice on our website.

We encourage you to review this policy periodically.

16. Contact Us & Data Protection Authority

16.1 Contact Information

For questions about this privacy policy or to exercise your rights, please contact us via our contact form.

16.2 Supervisory Authority

If you believe we have not addressed your concerns, you have the right to lodge a complaint with the Belgian Data Protection Authority:

Data Protection Authority (APD/GBA)
Rue de la Presse 35, 1000 Brussels, Belgium
Website: www.dataprotectionauthority.be

Last Updated: January 2025

Company: Cifriko Solvo, Belgium

GDPR Compliance: This policy complies with EU Regulation 2016/679 (GDPR)