Privacy Policy

Last updated: 20 January 2026

1. Who is responsible for your data?Controller
Techtoria d.o.o.
Novi Sad, Serbia
Email: [email protected]If you have any questions about this Policy or how we handle personal data, contact us by email.

2. What data we collectWe collect and process only the data needed to operate this website, respond to enquiries, and provide our services.2.1 Data you provide directlyWhen you contact us (for example by email, booking a call, or via LinkedIn), we may receive:
• Your name
• Your email address
• Company name and role (if you provide them)
• Any other information you include in your message, meeting description, or attachments2.2 Data collected automaticallyWhen you visit our website, basic technical data may be collected automatically by our hosting and infrastructure providers, such as:
• IP address
• Browser type and version
• Device type and operating system
• Date and time of access
• Pages visited and basic interactions with the siteThis data is typically stored in server logs for security, diagnostics, and operational purposes.2.3 Cookies and similar technologies
• We currently do not use third-party advertising or marketing cookies.
• Our hosting platform and tools we use may set strictly necessary cookies (for example, for load balancing, security, or basic site functionality).
• If we add analytics or additional cookies in the future, we will update this Policy accordingly.

3. How we use your dataWe use personal data for the following purposes:

• Responding to enquiries
  To read and reply to emails and other messages you send us, and to schedule and hold meetings or calls.
• Preparing and delivering services
  To discuss potential work, prepare proposals, and perform our obligations under any contract with you or your company.
• Operating and securing the website
  To ensure the site is available, secure, and functioning correctly, and to detect and prevent abuse.
• Business administration
  To handle invoicing, accounting, legal, and tax obligations.
• Improving our services
  To understand what types of requests we receive and to improve how we present and deliver our services.We do not sell your personal data.

4. Legal bases for processingWhere data protection laws such as the GDPR apply, we rely on the following legal bases:

• Performance of a contract and steps prior to entering into a contract
  When you contact us about a potential engagement or we work with you as a client.
• Legitimate interests
  To operate and protect our website and systems, manage our business, and communicate with people who contact us, where these interests are not overridden by your rights and interests.
• Legal obligation
  To comply with legal requirements (for example, accounting and tax rules).
• Consent
  Where required (for example, for certain optional communications). You can withdraw consent at any time by contacting us.

5. How long we keep data

We keep personal data only as long as necessary for the purposes described above, including to comply with legal obligations.
Indicative retention periods:

• General enquiries and emails
  Usually up to 12–24 months after the last relevant contact, unless needed longer for potential engagement, record-keeping, or legal reasons.
• Client and project-related data
  For the duration of the engagement and for as long as required by law afterwards (for example, up to several years for accounting and tax records, depending on local regulations).
• Technical logs
  For a limited period as determined by our hosting and infrastructure providers, typically for security and diagnostics.When data is no longer needed, we delete or anonymize it where reasonably possible.

6. Who we share data withWe share personal data only where necessary for the purposes described above, or where required by law.Typical recipients and categories of third parties:
• Email and communication services
  For example, email hosting and related tools used to send and receive emails and meeting invites.
• Scheduling and meeting tools
  If you book a call or meeting via a scheduling link, your name and email may be processed by the scheduling provider and online meeting service.
• Website hosting and infrastructure providers
  That host our website and process technical data and logs on our behalf.
• Professional advisers
  Such as accountants, lawyers, or similar, where necessary for business and compliance.
• Public authorities
  Where we are legally required to disclose information (for example, tax authorities, regulators, or courts).These third parties act as independent controllers or as processors, depending on their role. We aim to work with reputable providers that have appropriate security and data protection practices.We do not share personal data with advertisers or data brokers.

7. International transfersSome of the service providers we use may store or process data in countries outside your own, including outside the EU/EEA.When this happens, we rely on the legal and contractual safeguards offered by those providers (for example, standard data protection clauses in their terms) to help protect your data.If you want to know more about where your data may be processed, you can contact us at [email protected].

8. Your rightsDepending on your location and applicable law (for example, if you are in the EU/EEA), you may have some or all of the following rights regarding your personal data:

• Right of access
  To know whether we process your personal data and to request a copy of it.
• Right to rectification
  To ask us to correct inaccurate or incomplete personal data.
• Right to erasure
  To request deletion of your personal data where there is no longer a valid reason for us to keep it.
• Right to restriction of processing
  To ask us to restrict processing of your data in certain circumstances.
• Right to data portability
  To receive personal data you have provided to us in a structured, commonly used, machine-readable format, where applicable.
• Right to object
  To object to certain processing based on our legitimate interests, in which case we will stop that processing unless we have compelling legitimate grounds to continue.
• Right to withdraw consent
  Where we rely on consent, you can withdraw it at any time; this will not affect the lawfulness of processing carried out before withdrawal.To exercise any of these rights, contact us at [email protected]. We may need to verify your identity before acting on your request.You also have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated. We encourage you to contact us first so we can try to resolve any issue.

9. SecurityWe take reasonable technical and organizational measures to protect personal data from loss, misuse, unauthorized access, disclosure, alteration, or destruction.No system can be completely secure, but we aim to use sensible, industry-standard practices and to work with reputable service providers.

10. Third-party linksOur website may contain links to third-party websites or services (for example, LinkedIn, scheduling or meeting tools). We are not responsible for the privacy practices or content of those third parties.We encourage you to review the privacy policies of any third-party sites or services you visit.

11. Changes to this Privacy PolicyWe may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements.The “Last updated” date at the top of this page indicates when this Policy was last revised. If we make significant changes, we may provide additional notice (for example, on the website).

If you have any questions about this Privacy Policy or how we handle personal data, contact us at [email protected].