Privacy Policy

• Contact Information: Name, email address, phone number, company name
• Business Information: Project requirements, industry, company details
• Communication Data: Messages, inquiries, and feedback you send us
• Usage Data: Information about how you use our website (IP address, browser type, pages visited)
• Payment Data (processed via PayMob): Payment card information is processed directly through PayMob, our PCI DSS-compliant payment gateway. We do not collect, store, or process full card numbers, CVV codes, or cardholder authentication data on our systems. Tokenized payment references and transaction amounts are stored for billing and reconciliation purposes.

• Provide and improve our services
• Respond to your inquiries and requests
• Send you updates about our services (with your consent)
• Analyze website usage and improve user experience
• Comply with legal obligations
• Process payments and refunds in accordance with our Refund Policy

• Service Providers: Third-party services that help us operate our business (hosting, analytics, email services)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets

• Contact and communication data: Retained for the duration of our business relationship plus 3 years following the last interaction
• Financial and payment records: Retained for the period required by applicable tax, financial, and anti-money laundering regulations
• Usage data and analytics: Retained for 26 months from the date of collection
• Account information: Retained until account closure, then deleted within 90 days

We implement appropriate technical and organizational measures to protect your personal information from unauthorized access, loss, or misuse, including encryption, access controls, and secure infrastructure. While we strive to protect your data, no method of transmission or storage is completely infallible.

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data
• Opt-Out: Unsubscribe from marketing communications
• Data Portability: Receive your data in a structured format
• Restriction: Request restriction of processing (GDPR)
• Objection: Object to processing based on legitimate interests (GDPR)
• Withdraw Consent: Withdraw consent at any time where processing is based on consent
• Lodge a Complaint: File a complaint with your local data protection supervisory authority
• Know / Opt-Out of Sale (CCPA): California residents may request disclosure of data collected and opt out of any sale of personal information. We do not sell your personal information, and you have the right to non-discrimination for exercising any of your CCPA rights.
• Rights under local data protection law: Residents of certain jurisdictions may have additional rights under applicable local data protection laws

• Strictly Necessary: Required for the website to function (e.g., session management, security). These cannot be disabled.
• Analytics & Performance: Help us understand how visitors interact with our site (e.g., Google Analytics). Only deployed with your consent.
• Marketing & Targeting: Used to deliver relevant ads and track campaign performance. Only deployed with your consent.

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without verification of parental consent, we will take steps to delete that information promptly.

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant data protection authority within the timeframe required by applicable law. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you without undue delay, providing information about the nature of the breach, the categories of data affected, and the measures we have taken or propose to take to address it.

• Email: dpo@sia-tech.org

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date.

If you are a client who requires a Data Processing Agreement (DPA) as a data controller under applicable law, please contact us at contact@sia-tech.org to request a signed DPA.