Privacy Policy
Transparent data handling practices designed with your privacy rights at the center
GDPR Compliant
Full compliance with EU data protection regulations and privacy standards
Minimal Data Collection
We only collect what's necessary to provide you with valuable compliance resources
Transparent Processing
Clear information about how and why we process your personal data
Our Commitment to Privacy
We respect your privacy and are committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR) and other applicable privacy laws. As experts in EU compliance, we practice what we teach.
Data Controller
EU Cyber Laws is the data controller for any personal data collected through this website. You can contact us regarding any privacy matters through our contact form or email.
What Data We Collect
2.1 Website Analytics
Privacy-FirstWe use Simple Analytics to track website statistics for the improvement of this website. This service:
- Does not use cookies or track personal data
- Collects anonymized visitor statistics (page views, referrer sources)
- Does not collect IP addresses or other personally identifiable information
- Data collected is never sold or shared with third parties
- Is fully GDPR compliant and requires no consent
2.2 Contact Information
VoluntaryWhen you contact us via email or our web contact form, we collect:
- Your name and email address
- Any additional information you choose to provide in your message
- Timestamp of your inquiry
2.3 Technical Information
AutomaticOur web server automatically collects standard technical information including:
- IP addresses (for security and performance purposes only)
- Browser type and version
- Operating system
- Pages visited and time spent
2.4 Local Storage Data
Local OnlyWe use your browser's localStorage to store data locally on your device for enhanced functionality:
- Form progress and state during navigation between pages
- Assessment tool results and compliance tracking data
- Gap analysis progress and checklist completions
- Tool configurations and user workflow preferences
- Theme preferences and accessibility settings
How We Use Your Data
3.1 Contact Data
Purpose LimitationData provided through email or contact forms is used solely to:
- Respond to your inquiries
- Provide requested information about EU cybersecurity laws
- Improve our content based on user questions
3.2 Analytics Data
AnonymizedAnonymized website statistics are used to:
- Improve website performance and user experience
- Understand which content is most valuable to our users
- Identify technical issues
3.3 Local Storage Usage
Device OnlyData stored locally in your browser is used exclusively to:
- Preserve your progress through forms and assessment tools
- Remember your tool configurations and workflow preferences
- Maintain theme and accessibility settings between sessions
- Enable resumable gap analysis and compliance tracking
- Provide seamless user experience without data transmission
Legal Basis for Processing
Legal Foundations for Data Processing
GDPR Article 6We process your personal data based on the following legal grounds:
- Legitimate interest: Website analytics for improvement purposes
- Consent: When you voluntarily contact us via email or contact form
- Legitimate interest: Local storage for enhanced user experience and functionality
- Legal obligation: Compliance with applicable laws and regulations
Data Retention
5.1 Contact Data
User ControlDetails sent by email or through the web contact form will be retained until you request their removal. Upon receiving a removal request:
- Your data will be immediately removed from active systems
- Due to rolling backup procedures, definitive removal occurs within 3 months after your request
- You will be notified when complete removal is achieved
5.2 Analytics Data
AnonymousSimple Analytics retains anonymized data for statistical purposes.
- This data cannot be linked to individuals and does not require deletion requests
5.3 Technical Logs
Auto-PurgeServer logs are automatically purged for security and performance reasons.
- Server logs are automatically purged after 90 days
Data Sharing
Data Sharing Policy
No Sale PolicyWe do not sell, trade, or transfer your personal data to third parties. Limited sharing may occur only:
- With trusted service providers who assist in operating our website (under strict data protection agreements)
- When required by law or to protect our legal rights
- With your explicit consent
Your Rights Under GDPR
As a data subject, you have the following rights that we actively support and respect:
Right of Access
Request confirmation of data processing and obtain copies of your data
Right to Rectification
Correct inaccurate or incomplete data
Right to Erasure
Request deletion of your personal data ("right to be forgotten")
Right to Restrict Processing
Limit how we use your data
Right to Data Portability
Receive your data in a structured format
Right to Object
Object to processing based on legitimate interests
How to Exercise Your Rights
To exercise any of these rights, simply contact us using the information provided in the "Contact Us" section below. We will respond to your request within 30 days as required by GDPR.
Data Security
Security Measures
Multi-LayerWe implement appropriate technical and organizational measures to protect your data:
- HTTPS encryption for all data transmission
- Regular security updates and monitoring
- Access controls and authentication
- Regular backup procedures with encrypted storage
- Staff training on data protection principles
International Data Transfers
Data Location & Transfers
EU-BasedOur website is hosted within the European Union with GDPR-compliant practices:
- Website hosted within the European Union
- Simple Analytics (our analytics provider) is based in the Netherlands
- All data processing in accordance with GDPR requirements
- No personal data transfers outside the EU/EEA without appropriate safeguards
Children's Privacy
Age Restrictions & Child Protection
16+ OnlyThis website is intended for legal professionals, businesses, and individuals seeking information about EU cybersecurity laws.
- We do not knowingly collect personal data from children under 16 years of age
- Content is designed for professional and business audiences
- If we become aware of data collected from children, we will delete it immediately
Contact Us
For any questions about this privacy policy or to exercise your privacy rights, please contact us:
General Privacy
privacy@eu-cyber-laws.com
For all privacy-related inquiries
Data Protection Officer
dpo@eu-cyber-laws.com
For GDPR rights and data protection
Changes to This Policy
Policy Update Procedures
TransparencyWe may update this privacy policy periodically to reflect changes in our practices or legal requirements. We will notify users of material changes by:
- Updating the "Last updated" date at the top of this page
- Displaying a prominent notice on our website
- Sending email notifications to users who have contacted us (where applicable)
Supervisory Authority
Data Protection Rights & Complaints
GDPR RightsIf you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local data protection supervisory authority.
- You can file a complaint with your local data protection authority
- This right exists independently of any other legal remedy
- Complaints can be made in your country of residence, workplace, or where the alleged violation occurred