1. Who we are
This site (eywasolutions.net) is operated by [CLIENT-TO-PROVIDE: Registered legal name], a company registered in Malta under company number [CLIENT-TO-PROVIDE: Malta Business Registry (MBR) company number], with registered office at [CLIENT-TO-PROVIDE: Registered office address in Malta].
We act as data controller for personal data collected through this website. For client engagements, the data-controller / data-processor relationship is documented separately in each engagement contract.
2. What we collect on this website
At launch, this site is intentionally minimal in its data handling:
- No analytics — we do not run Google Analytics, Plausible, or any pageview-tracking product.
- No cookies — the site sets no first-party cookies and embeds no third-party scripts that set cookies.
- No contact form — the contact channel is email (the address is revealed by hovering or clicking the "[ reveal email ]" link). When you email us, you supply your email address and whatever content you choose to send.
- Scheduling links — clicking "Book a 30-minute discovery call" opens cal.com in a new tab. Once on cal.com, their privacy policy applies; we receive your name, email, and any notes you provide via that flow.
We will update this section the first time we add any tool that processes personal data on the marketing site.
3. Why we collect it
The only personal data we collect via this website is what you actively send us — an email enquiry or a booked discovery call. We use it to:
- Reply to your enquiry.
- Prepare for the discovery call.
- Send a written follow-up after the call, if appropriate.
Lawful basis: Article 6(1)(b) GDPR (steps taken at the request of the data subject prior to entering into a contract) or Article 6(1)(f) GDPR (legitimate interest in responding to inbound enquiries), as applicable.
4. Who else processes your data
When you interact with the site or the services it links to, the following data processors may receive your data:
Each of these processors operates under its own privacy terms. We do not sell or share your data with marketing networks, ad networks, or any third party not listed here.
5. International transfers
Where a processor (e.g. Google Fonts, Google Workspace) involves transfer of personal data to a third country, we rely on the relevant adequacy decisions or standard contractual clauses published by the European Commission.
6. How long we keep it
Email correspondence is retained for as long as the relationship is active and for a reasonable period afterwards (typically up to [CLIENT-TO-PROVIDE: retention period — recommended 24 months] for tax, accounting, and contract-history purposes). Booked call records on cal.com are subject to cal.com's retention terms.
7. Your rights
Under the GDPR, you have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete data.
- Request erasure of your data ("right to be forgotten"), subject to legal retention obligations.
- Object to processing where the lawful basis is legitimate interest.
- Restrict processing while we resolve a dispute about accuracy or lawful basis.
- Receive your data in a portable, machine-readable format.
- Withdraw consent at any time where processing is based on consent.
To exercise any of these rights, email [CLIENT-TO-PROVIDE: contact email — currently [email protected]]. We respond within one calendar month, extendable by two further months for complex requests (we will tell you if that applies).
8. Supervisory authority
The supervisory authority for data protection in Malta is the Information and Data Protection Commissioner (IDPC). You have the right to lodge a complaint with the IDPC if you believe we have not handled your personal data correctly.
9. Updates
We update this policy when our data processing changes — for example, when we add a new processor or introduce a contact form. The current version is dated [CLIENT-TO-PROVIDE: last-updated date].
10. Contact
For any privacy-related question: [CLIENT-TO-PROVIDE: contact email — currently [email protected]].