Privacy Policy

Introduction

We respect your privacy. This policy explains what data we collect, how we use it, and your rights. infront.cy is operated from Cyprus.

What we collect

• Contact form: name, email, phone, business name, message
• Website audit: URL, email, business name
• Payments: handled by Stripe (we never see or store card details)
• Analytics: anonymised usage data via Plausible (cookieless, no personal data)
• Cookies: only set with your consent (see Cookies Policy)

How we use your data

• To respond to your enquiry
• To deliver the services you have engaged us for
• To send you your website audit report
• To process payments
• To improve our website and services

Who we share data with

• Stripe (payment processing)
• Resend (transactional email)
• Plausible (cookieless analytics, no personal data)
• Chatwoot (live chat, if you initiate a conversation)

We do not sell, rent, or share your personal data with third parties for marketing purposes.

Data retention

• Contact form submissions: retained for the duration of the business relationship, then deleted upon request
• Audit reports: retained for 12 months
• Payment records: retained as required by law (minimum 6 years for tax purposes)

You may request deletion of your data at any time by contacting us.

Your rights

Under GDPR, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Object to processing of your data
• Data portability
• Withdraw consent at any time

Contact hello@infront.cy to exercise any of these rights.

Security

We use HTTPS encryption, secure authentication, and access controls to protect your data. Payment data is handled entirely by Stripe and never passes through our servers.

Changes to this policy

We may update this policy from time to time. Material changes will be communicated to active clients via email.

Contact

If you have questions about this policy, contact us at hello@infront.cy.