Effective Date: 01.10.2025
Sqilli (operated by Thinkness) is committed to protecting your personal data in compliance with the EU's General Data Protection Regulation (GDPR). This policy explains how we collect, use, and process your personal data and your rights as a Data Subject.
1. Data Controller Contact Information
Sqilli (operated by Thinkness) acts as the Data Controller for the personal data covered by this policy.
To exercise your rights or ask questions about this policy, please contact us:
Organisation: Sqilli (operated by Thinkness)
Address: [Insert Full Address of Thinkness]
Email for Privacy Requests: [Insert a dedicated contact email address, e.g., [email protected]]
2. Personal Data We Collect
We collect the following types of personal data:
Identity and Contact Data: This primarily includes your Email Address when you subscribe to our newsletter or use a contact form. It may also include your name if you voluntarily provide it.
Technical and Usage Data: This includes information automatically collected when you use our website, such as your IP address, browser type, operating system, and details about the pages you view. This data is collected through cookies and analytics tools.
3. Lawful Basis and Purpose of Processing
Under GDPR, we must have a legal reason (Lawful Basis) to process your data.
Processing Based on Consent
For the following purposes, we rely on your explicit consent (Article 6(1)(a) of the GDPR). You have the right to withdraw this consent at any time.
Sending Marketing Communications: We use your Email Address to send you newsletters, updates, and promotional content.
Non-Essential Tracking: We use Technical/Usage Data collected via non-essential cookies (such as analytics or marketing cookies) to analyze website traffic and user behavior.
Processing Based on Legitimate Interest
For the following purposes, we rely on our Legitimate Interest (Article 6(1)(f) of the GDPR) to operate and secure our website, provided your rights are not overridden.
Website Security and Functionality: We process necessary Technical Data to ensure the basic security and stable operation of the website (e.g., essential session cookies, fraud detection).
4. Cookies and Tracking Technologies
We use cookies to improve your user experience. Cookies are small files stored on your device that help us remember your preferences and analyze how you use our site.
A Cookie Banner is displayed when you first visit our site. This banner provides you with the choice to Accept, Reject, or manage Granular Preferences for non-essential cookies. Non-essential cookies are not set until you provide consent.
We generally use the following types of cookies:
Strictly Necessary Cookies: Essential for the website to function securely and correctly (e.g., for user login sessions or security checks). These do not require consent.
Analytics/Performance Cookies: Used to measure website performance, count visits, and see how visitors move around the site. These require your consent.
[Add other categories like Functional or Marketing Cookies if applicable]: [Briefly describe the purpose of any other cookie category you use].
You can manage or withdraw your cookie consent at any time by clicking the "Cookie Settings" or "Manage Preferences" link usually located in the website footer.
5. Sharing and Transfer of Personal Data
We do not sell, rent, or trade your personal data. We may share your data with the following third parties who act as Data Processors on our behalf, solely for the purposes listed above:
Email Service Provider: To manage email lists and send communications.
Analytics Providers: To process usage data for performance analysis (e.g., Google Analytics).
Website Hosting Providers: To securely host our website and data.
International Data Transfers
If we transfer your personal data outside the European Economic Area (EEA), we ensure a similar degree of protection is afforded by using legally approved safeguards. This usually means relying on Standard Contractual Clauses (SCCs) approved by the European Commission, or ensuring the recipient country has an adequacy decision.
6. Data Retention and Security
We only retain your personal data for as long as necessary to fulfill the purposes for which we collected it, including satisfying any legal, accounting, or reporting requirements.
Email Subscriptions: We retain your email address until you exercise your right to unsubscribe or request deletion.
Data Security: We have implemented appropriate security measures, including encryption and access controls, to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way.
7. Your GDPR Rights as a Data Subject
Under the GDPR, you have the following rights regarding your personal data. You can exercise any of these rights by contacting us via the Email for Privacy Requests listed in Section 1.
Right to Access: You can request a copy of the personal data we hold about you.
Right to Rectification: You can ask us to correct incomplete or inaccurate data we hold about you.
Right to Erasure ('Right to be Forgotten'): You can request that we delete or remove personal data where there is no good reason for us to continue processing it.
Right to Restrict Processing: You can object to or ask us to suspend the processing of your personal data.
Right to Data Portability: You can request to receive your personal data in a structured, commonly used, machine-readable format.
Right to Object: You can object to the processing of your personal data where we are relying on a legitimate interest.
Right to Withdraw Consent: Where we rely on consent to process your data, you have the right to withdraw that consent at any time.
8. Right to Lodge a Complaint
If you believe our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a Supervisory Authority, particularly in the EU Member State of your habitual residence, place of work, or the place of the alleged infringement.
