Privacy policy
Protecting your personal data is important to us. Here you'll find transparent information about which data we process and what rights you have under the General Data Protection Regulation (GDPR).
1. Controller
The controller within the meaning of the General Data Protection Regulation (GDPR) is:
CONFLUO GROUP LIMITEDGeorgiou Karaiskaki 11-13, Carisa Salonica, Office 102
7560 Pervolia, Larnaca, Republic of Cyprus
Email: [email protected]
2. General information on data processing
In principle, we only process the personal data of our users to the extent necessary to provide a functioning website together with our content and services. Processing generally takes place only with the user's consent or where processing is permitted by statutory provisions.
3. Legal bases
Depending on the operation, the processing of personal data is based on the following legal bases:
- Art. 6(1)(a) GDPR in the case of consent,
- Art. 6(1)(b) GDPR for the performance of a contract or pre-contractual measures,
- Art. 6(1)(c) GDPR for compliance with a legal obligation,
- Art. 6(1)(f) GDPR to safeguard legitimate interests.
4. Visiting our website & server log files
This website is hosted on Cloudflare Pages, operated by Cloudflare, Inc. on our behalf. Each time the website is accessed, our hosting processor (Cloudflare) automatically records information that your browser transmits. These are typically:
| Data category | Purpose |
|---|---|
| IP address (shortened/anonymised where possible) | Delivery of the website, security |
| Date and time of access | Technical operation, error analysis |
| Browser type and version, operating system | Compatibility, optimisation |
| Page accessed / volume of data transferred | Stable operation, abuse prevention |
This data is processed to ensure a smooth connection, system security and stability. The server log files are handled by Cloudflare as part of operating the hosting infrastructure. The legal basis is Art. 6(1)(f) GDPR; our legitimate interest lies in the secure and functional operation of the website. The log files are deleted after a short storage period, unless they are required to preserve evidence in the event of a security incident.
5. No cookies for marketing or tracking purposes
Our website does not use any tracking, analytics or marketing cookies and does not embed any external web fonts, analytics services or advertising networks. Fonts are loaded exclusively from the system fonts installed on your device, so that simply visiting the site does not transfer any data to third parties (e.g. font providers). A cookie banner is therefore not required.
6. Getting in touch & the contact form
If you contact us via the contact form or by email, we process the data you provide (in particular your name, email address, the selected subject and the content of your message) in order to handle your enquiry. The legal basis is Art. 6(1)(b) GDPR where your enquiry is aimed at concluding a contract, otherwise Art. 6(1)(f) GDPR (legitimate interest in responding to enquiries).
Note: The contact form on this website processes your input purely on the client side and, without a connected backend, does not transmit it automatically. The most reliable way to get in touch with binding effect is directly by email to [email protected].
We delete the data arising in this context as soon as the respective enquiry has been fully processed and no statutory retention obligations stand in the way.
7. Recipients of the data / processing on our behalf
To provide this website we use Cloudflare, Inc., which operates Cloudflare Pages and the associated content-delivery and security infrastructure on our behalf and according to our instructions (processing on our behalf pursuant to Art. 28 GDPR). Cloudflare may process technical connection data, including server log files, as described above. Your data is only passed on to other third parties where this is legally permissible or necessary for the performance of a contract.
8. Storage period
We only store personal data for as long as is necessary for the respective purposes or as required by statutory retention periods. Once the purpose no longer applies or these periods expire, the data is routinely deleted.
9. Your rights as a data subject
Under the GDPR you have the following rights:
- Access to the data processed about you (Art. 15 GDPR),
- Rectification of inaccurate data (Art. 16 GDPR),
- Erasure of your data (Art. 17 GDPR),
- Restriction of processing (Art. 18 GDPR),
- Data portability (Art. 20 GDPR),
- Objection to processing (Art. 21 GDPR),
- Withdrawal of consent with effect for the future (Art. 7(3) GDPR).
To exercise your rights, an informal message to [email protected] is sufficient.
10. Right to lodge a complaint with a supervisory authority
Without prejudice to any other remedy, you have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your data infringes the GDPR. The competent authority is the Office of the Commissioner for Personal Data Protection of the Republic of Cyprus, as well as the supervisory authority of your habitual place of residence.
11. Data security
We use appropriate technical and organisational measures to protect your data against loss, manipulation and unauthorised access. Transmission is encrypted via a secured TLS/SSL connection (recognisable by the "https" in your browser's address bar).
12. Currency of this privacy policy
This privacy policy is updated where necessary, for example when the legal situation, processing activities or technical circumstances change. The current version published on this page always applies.