Legal

Privacy

How we process personal data on this website and when you contact us about our services. EU GDPR and US state privacy laws where applicable.

Last updated: 20 April 2026

Controller

Artur Au, trading as "Zen IT Digital" 19 Triq San Duminku, Attard, ATD 1314, Malta

Email: privacy@zen-it.digital

Scope

This Privacy Notice explains how we process personal data when you use this website and when you contact us regarding our services.

Categories of personal data

  • Identity and contact data (for example name, email, company)
  • Communication data (content of messages submitted through forms)
  • Usage data (for example page visits, timestamps, scroll depth, CTA clicks)
  • Technical data (for example IP-related logs, browser and device metadata)

Purposes and legal bases (Art. 6 GDPR)

  • Handling enquiries and pre-contract steps: Art. 6(1)(b) GDPR
  • Website operation, security and abuse prevention: Art. 6(1)(f) GDPR
  • First-party analytics without marketing cookies: Art. 6(1)(f) GDPR
  • Compliance with legal obligations: Art. 6(1)(c) GDPR
  • Newsletter delivery (if enabled): Art. 6(1)(a) GDPR (consent, revocable)

Processors and recipients

We use technical service providers to operate our services, including:

  • Supabase for database, form processing and admin access
  • Hosting/infrastructure providers for website delivery
  • Email providers for transactional and newsletter messages (if enabled)

We put appropriate data processing agreements in place where required by law.

Retention

  • Enquiry data: kept for as long as needed to handle requests and as required by law
  • Technical logs and analytics events: kept only as long as needed for operations, security and reporting
  • Newsletter data: kept until consent is withdrawn or the service is discontinued

International transfers

Where personal data is transferred outside the EEA, we rely on appropriate safeguards such as Standard Contractual Clauses (Art. 46 GDPR) or an adequacy decision.

Your rights

Subject to applicable law, you may have rights to:

  • Access
  • Rectification
  • Erasure
  • Restriction of processing
  • Data portability
  • Object to processing
  • Withdraw consent at any time for future processing

Right to lodge a complaint

You can lodge a complaint with a supervisory authority. In Malta, the competent authority is:

Information and Data Protection Commissioner (IDPC) Level 2, Airways House, High Street Sliema SLM 1549, Malta

Email: idpc.info@idpc.org.mt
Web: idpc.org.mt

US privacy (CCPA and similar laws)

We do not sell personal information. Where applicable under US state privacy laws, you may submit requests relating to access, deletion or correction by emailing privacy@zen-it.digital.

Updates

We may update this Privacy Notice to reflect legal, technical or operational changes.

Ready for the next step?

In 15 minutes we align goals, scope, and next actions.

Book a callSee services
Zen-IT Digital — Datenschutz · Privacy