Privacy Policy

1. Who We Are

Intrusti GmbH is a German company specializing in EU Data Act compliance services. We help businesses implement data portability requirements and ensure compliance with European data regulations.

2. Information We Collect

2.1 Information You Provide

When you contact us through our website forms, we may collect:

• Your name (optional)
• Email address
• Company name and details (optional)
• Message content and inquiry details
• Any other information you choose to provide

2.2 Analytics Information

We use PostHog analytics in cookie-free mode to understand how visitors use our website. This includes:

• Pages visited and time spent on site
• General location data (country/region level)
• Device and browser information
• Referral sources

Important: We do not use cookies for analytics and do not track individual users across sessions.

3. No Cookies Policy

Our website does not use cookies for any purpose. We have specifically configured our analytics to operate in cookie-free mode to respect your privacy and eliminate the need for cookie consent banners.

4. How We Use Your Information

We use the information we collect for the following purposes:

• Responding to your inquiries and providing customer support
• Providing information about our services
• Improving our website and services through analytics
• Complying with legal obligations

We do not use your personal information for marketing purposes unless you explicitly consent to receive marketing communications.

5. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Legitimate Interest: For analytics and website improvement
• Contract Performance: To respond to your service inquiries
• Consent: When you voluntarily submit information through our forms
• Legal Compliance: To meet our legal obligations

6. Data Sharing and Third Parties

6.1 Service Providers

We work with the following third-party service providers:

• Vercel: Website hosting and infrastructure
• PostHog: Privacy-focused analytics (cookie-free mode)

These providers have access to your data only as necessary to perform their services and are bound by data protection agreements.

6.2 No Sale of Data

We do not sell, rent, or trade your personal information to third parties for any purpose.

7. Data Storage and Security

We take appropriate technical and organizational measures to protect your personal data:

• Data is encrypted in transit and at rest
• Access to personal data is restricted to authorized personnel only
• Regular security assessments and updates
• Secure hosting infrastructure provided by Vercel

Your data is primarily stored within the European Union and processed in accordance with GDPR requirements.

8. Data Retention

We retain your personal data only for as long as necessary:

• Contact Form Data: Retained for up to 3 years to provide ongoing support
• Analytics Data: Aggregated and anonymized data retained for statistical purposes
• Legal Requirements: Some data may be retained longer to comply with legal obligations

9. Your Rights Under GDPR

As a data subject, you have the following rights:

• Right of Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate personal data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time

To exercise any of these rights, please contact us at patrick@intrusti.com. We will respond within 30 days.

10. International Data Transfers

When we transfer your data outside the EU/EEA, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other approved transfer mechanisms under GDPR.

11. Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.

12. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page with an updated revision date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions about this privacy policy or our data practices, please contact us:

You also have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.