Privacy Policy
Protecting your personal data is important to us. Here you can transparently see which data we process and which rights you have under the General Data Protection Regulation (GDPR).
1. Controller
The controller within the meaning of the General Data Protection Regulation (GDPR) is:
CONFLUO GROUP LIMITED (Cogitavo brand)Georgiou Karaiskaki 11-13, Carisa Salonica, Office 102
7560 Pervolia, Larnaca, Republic of Cyprus
Email: [email protected]
2. General information on data processing
As a matter of principle, we only process personal data of our users to the extent necessary to provide a functioning website as well as our content and services. Processing regularly takes place only with the user's consent or where processing is permitted by statutory provisions.
3. Legal bases
The processing of personal data is based – depending on the operation – on the following legal bases:
- Art. 6(1)(a) GDPR for consent,
- Art. 6(1)(b) GDPR for the performance of a contract or pre-contractual measures,
- Art. 6(1)(c) GDPR for compliance with a legal obligation,
- Art. 6(1)(f) GDPR to safeguard legitimate interests.
4. Accessing our website & server log files
This website is provided via Cloudflare Pages. Each time the website is accessed, our hosting provider Cloudflare automatically collects information that your browser transmits. These are typically:
| Data category | Purpose |
|---|---|
| IP address (shortened/anonymized where possible) | Delivery of the website, security |
| Date and time of access | Technical operation, error analysis |
| Browser type and version, operating system | Compatibility, optimization |
| Page accessed / amount of data transferred | Stable operation, abuse prevention |
This data is processed to ensure a smooth connection setup, system security and stability. The legal basis is Art. 6(1)(f) GDPR; our legitimate interest lies in the secure and functional operation of the website. The server log files are processed at Cloudflare and deleted after a short storage period, unless they are required to preserve evidence in the event of a security incident.
5. No cookies for marketing or tracking purposes
Our website does not use any tracking, analytics or marketing cookies and does not embed any external web fonts, analytics services or advertising networks. Fonts are loaded exclusively from the system fonts installed on your device, so no data is transmitted to third parties (e.g. font providers) simply by visiting. A cookie banner is therefore not required.
6. Contact & contact form
If you contact us via the contact form or by email, we process the data you provide (in particular name, email address, and where applicable topic and content of your message) in order to handle your request. The legal basis is Art. 6(1)(b) GDPR, insofar as your request is aimed at concluding a contract, otherwise Art. 6(1)(f) GDPR (legitimate interest in answering enquiries).
Note: The contact form on this website processes input purely client-side and does not send it automatically without a connected backend. The most reliable way to make a binding contact is directly by email at [email protected].
We delete the data arising in this context as soon as the respective request has been conclusively processed and no statutory retention obligations prevent this.
7. Recipients of the data / processing on our behalf
To provide the website, we use Cloudflare, Inc. (Cloudflare Pages) as a hosting and content delivery provider, which operates the website on our behalf and according to our instructions (processing on our behalf in accordance with Art. 28 GDPR). This may also involve processing on servers outside the EU; Cloudflare ensures an adequate level of data protection through appropriate safeguards (including EU standard contractual clauses). Your data is only passed on to other third parties if this is legally permissible or necessary for the performance of a contract.
8. Storage period
We store personal data only for as long as is necessary for the respective purposes or as required by statutory retention periods. Once the purpose no longer applies or these periods expire, the data is routinely deleted.
9. Your rights as a data subject
Under the GDPR you have the following rights:
- Access to the data processed about you (Art. 15 GDPR),
- Rectification of inaccurate data (Art. 16 GDPR),
- Erasure of your data (Art. 17 GDPR),
- Restriction of processing (Art. 18 GDPR),
- Data portability (Art. 20 GDPR),
- Objection to processing (Art. 21 GDPR),
- Withdrawal of consent with effect for the future (Art. 7(3) GDPR).
To exercise your rights, an informal message to [email protected] is sufficient.
10. Right to lodge a complaint with a supervisory authority
Without prejudice to any other legal remedy, you have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your data infringes the GDPR. The competent authority is in particular the data protection authority of the Republic of Cyprus (Office of the Commissioner for Personal Data Protection) as well as the supervisory authority of your usual place of residence.
11. Data security
We use appropriate technical and organizational measures to protect your data against loss, manipulation and unauthorized access. Transmission is encrypted via a secured TLS/SSL connection (recognizable by the "https" in the address bar of your browser).
12. Validity of this privacy policy
This privacy policy is updated as needed, for example when the legal situation, processing activities or technical circumstances change. The current version published on this page applies in each case.