Privacy policy

1. Data Controller

The data controller responsible for the processing of your personal data is:

Sigmoid Consulting d.o.o.
Headquarters: Zagreb, Croatia
OIB: 41717067021

For any questions regarding personal data processing, you may contact us at:

Email: info@sigmoidconsulting.com
Phone: +385 95 7500 754

---

2. Personal Data We Collect

We may collect the following categories of personal data:

Contact and identification data, such as:

• Name
• Company name
• Email address
• Phone number

Technical and usage data, such as:

• IP address
• Browser type and device information
• Website interaction data (pages visited, session duration)

Most personal data is provided directly by you through contact forms, email communication, or consultation requests. Technical data is collected automatically through cookies and server logs.

---

3. Purpose and Legal Basis for Processing

We process personal data for the following purposes:

Responding to inquiries and preparing proposals

Legal basis: pre-contractual steps taken at your request

Providing consulting services and fulfilling contractual obligations

Legal basis: performance of a contract and legal obligations

Website analytics and service improvement

Legal basis: legitimate interest

Where consent is required (e.g., for optional cookies), data is processed based on your consent, which you may withdraw at any time.

---

4. Cookies

Our website uses cookies to ensure proper functionality, improve user experience, and analyze website performance.

These include:

• Essential cookies required for website operation
• Analytics cookies (e.g., Google Analytics)
• Third-party cookies for embedded content

When you first visit our website, you are presented with a cookie banner allowing you to accept or reject non-essential cookies.

You can manage your cookie preferences at any time through your browser settings.

---

5. Data Recipients

Personal data may be processed by trusted service providers acting on our behalf, including:

• EU-based hosting providers
• Email and communication service providers
• Analytics providers such as Google Ireland Ltd.

All processors are contractually bound to ensure appropriate data protection measures.

We do not sell, rent, or share personal data with third parties unless required by law.

---

6. Data Retention Period

Personal data is retained only as long as necessary:

• Contact inquiries: up to 12 months after communication ends
• Contractual and accounting records: up to 11 years, as required by law
• Analytics data: according to cookie retention periods

---

7. Your Rights

Under GDPR, you have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request deletion of data
• Restrict processing
• Object to processing based on legitimate interest
• Request data portability

To exercise your rights, please contact:
info@sigmoidconsulting.com

You also have the right to lodge a complaint with your local data protection authority.

---

8. Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

• SSL encryption
• Secure hosting infrastructure
• Access controls
• Regular system monitoring

---

9. International Data Transfers

Personal data is generally processed within the European Economic Area (EEA).

If data is transferred outside the EEA, it is protected using appropriate safeguards such as Standard Contractual Clauses.

---

10. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal or similarly significant effects.

---

11. Changes to This Privacy Policy

This Privacy Policy may be updated periodically to reflect legal or operational changes.

The latest version will always be published on this page, including the effective date.

---

12. Contact

For any questions regarding this Privacy Policy or personal data processing, please contact:

Sigmoid Consulting d.o.o.
Email: info@sigmoidconsulting.com
Phone: +385 95 7500 754