Privacy Policy

Salitas Technology Solutions Limited ("we," "us," or "our") is committed to protecting your privacy. This comprehensive Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website [www.salitastech.com] and use our services. We comply with the EU General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other global privacy frameworks.

1. Information We Collect

A. Personal Data

We may collect personally identifiable information when you voluntarily provide it:

• • Contact Information: Name, email address, phone number, company name
• • Professional Data: Job title, department, business interests
• • Account Credentials: Username, password (for client portals)
• • Payment Information: Billing address, transaction history (processed via PCI-compliant third parties)
• • Communications: Email content, chat transcripts, call recordings

B. Automatic Data Collection

When you interact with our website:

• • Usage Data: IP address, browser type, device identifiers, operating system
• • Browsing Activity: Pages visited, clickstream data, session duration
• • Location Data: Approximate geographic location (derived from IP)
• • Cookies & Tracking: See Section 9 for details

C. Data from Third Parties

We may receive information from:

• • Business partners (e.g., event co-sponsors)
• • Public databases and social media platforms
• • Service providers (e.g., analytics platforms)

2. Legal Basis for Processing (GDPR Compliance)

We process personal data under these legal bases:

• • Consent: When you opt-in to communications
• • Contractual Necessity: To fulfill service agreements
• • Legitimate Interests: For website security, fraud prevention, and business operations
• • Legal Obligation: To comply with applicable laws

3. How We Use Your Information

4. Data Sharing and Disclosure

We may share information with:

• • Service Providers: Hosting, analytics, payment processing (subject to strict data protection agreements)
• • Business Partners: Only with explicit consent for joint offerings
• • Legal Authorities: When required by law or to protect rights
• • Corporate Transactions: In mergers, acquisitions, or asset sales

We never sell personal data to third parties.

5. International Data Transfers

Data may be transferred outside your home country, including to:

• • United Kingdom (UK GDPR compliance)
• • European Economic Area (EEA)
• • United States (under Standard Contractual Clauses or Privacy Shield frameworks)

All transfers adhere to Chapter V of the GDPR and local regulations.

6. Data Retention

We retain personal data only as long as necessary:

• • Active clients: Duration of service + 6 years
• • Marketing contacts: Until consent withdrawal or 3 years of inactivity
• • Legal obligations: As required by applicable laws

Aggregated/anonymized data may be retained indefinitely.

7. Your Privacy Rights

Depending on your jurisdiction, you may have rights to:

• • Access: Request copies of your data
• • Rectification: Correct inaccurate information
• • Erasure: Delete your data ("Right to be Forgotten")
• • Restriction: Limit processing under certain conditions
• • Portability: Receive data in machine-readable format
• • Object: Opt-out of specific processing activities
• • Withdraw Consent: For consent-based processing

To exercise rights, contact us at [email protected]. We respond within 30 days and may require identity verification.

CCPA-Specific Rights: California residents may request disclosure of data categories sold/disclosed and opt-out of "sales" (we do not sell data).

8. Cookies and Tracking Technologies

We use:

• • Essential Cookies: Necessary for website functionality
• • Analytics Cookies: Google Analytics, Cloudflare Web Analytics (anonymized data)
• • Marketing Cookies: For targeted advertising (opt-in required)

Cookie Management:

Adjust preferences via our Cookie Banner or browser settings. Blocking essential cookies may impact website functionality.

9. Security Measures

We implement technical and organizational safeguards:

• • Encryption: TLS/SSL for data in transit, AES-256 for storage
• • Access Controls: Role-based permissions and MFA
• • Security Testing: Regular vulnerability scans and penetration testing
• • Employee Training: Annual privacy and security awareness programs

Despite these measures, no electronic transmission is 100% secure. We maintain incident response procedures for data breaches and will notify affected parties where legally required.

10. Children's Privacy

Our services are not directed to individuals under 16. We do not knowingly collect children's data. If we become aware of such collection, we will delete it immediately.

11. Third-Party Links

Our website may contain links to external sites. This Privacy Policy does not apply to third-party content. Review their privacy policies before engaging.

12. Policy Updates

We may update this policy periodically. Material changes will be:

• • Posted on this page with updated effective date
• • Communicated via email for significant revisions
• • Announced via website banner for 30 days

13. Contact Us

For privacy inquiries or to exercise rights:

14. Supervisory Authority (GDPR)

EU/EEA/UK residents have the right to lodge complaints with your local Data Protection Authority. For UK residents:

This policy was last reviewed and updated on 3 June 2025 to ensure continued compliance with evolving global regulations including the GDPR, CCPA/CPRA, Brazil's LGPD, and Canada's PIPEDA.