Last updated: July 2026

In short

We keep data collection to a minimum. We only process what we need to answer you and to run this website. We use no tracking or advertising cookies, we never sell data, and we embed no third-party trackers. You always have the right to access, correct and delete your data.

1. Controller

The controller responsible for processing personal data within the meaning of the GDPR is:

Software-Kontor Cyprus Ltd
Reg. No. HE 495568
Georgiou Karaiskaki 11-13, Carisa Salonica, Office 102
7560 Pervolia, Larnaca, Republic of Cyprus
Director: Carola Muschke
E-mail: info@software-kontor.com

For any question about data protection or to exercise your rights, contact us at the e-mail address above. We have not appointed a data protection officer, as we are not required to under the GDPR.

2. Principles and Legal Bases

We process personal data lawfully, fairly and in a way you can follow. We collect only what a given purpose requires, and we keep it no longer than necessary. Every processing activity rests on one of the following legal bases under Article 6(1) GDPR:

  • Article 6(1)(a) – your consent, for example when you voluntarily send us details through a form.
  • Article 6(1)(b) – performance of a contract, or steps taken at your request before entering into one.
  • Article 6(1)(c) – compliance with a legal obligation we are subject to, such as commercial and tax retention duties.
  • Article 6(1)(d) – protection of the vital interests of a natural person.
  • Article 6(1)(e) – performance of a task carried out in the public interest.
  • Article 6(1)(f) – our legitimate interests, such as running our website securely and defending it against misuse, provided your interests do not override them.

In practice we rely mainly on (b) and (f). We name the specific basis for each processing activity in the sections below.

3. What Data We Process

Contact via form or e-mail

When you write to us through the contact form or by e-mail, we process the details you provide: usually your name, your e-mail address, your company where relevant, and the content of your message. We use this data to handle your request and to correspond with you. The legal basis is Article 6(1)(b) GDPR where it concerns a contract or the steps leading to one; otherwise your consent under (a) or our legitimate interest in replying under (f).

We keep these messages for as long as handling your request requires. If a business relationship results, statutory retention periods apply. After that we delete the data, unless a retention obligation stands in the way.

Server log files

When you open this website, our hosting provider automatically records the technical access data your browser transmits. This usually includes:

  • the anonymised or shortened IP address,
  • the date and time of the request,
  • the page or file requested,
  • the referrer, that is the page you visited before,
  • the browser type, version and operating system.

This data is technically necessary to deliver the website, to keep it stable and secure, and to detect attacks. The legal basis is our legitimate interest under Article 6(1)(f) GDPR. Log data is stored only briefly and then deleted, unless it is needed to investigate a specific incident.

4. Cookies and Tracking

This website runs without tracking. We set no analytics, advertising or tracking cookies, and we embed no third-party services that follow your behaviour across websites. There is no profiling and no automated decision-making.

Because we use no cookies that require consent, we show you no cookie banner. Should a strictly necessary cookie ever be used to enable a basic function of the site, it happens solely on the basis of our legitimate interest under Article 6(1)(f) GDPR and without any analysis of your usage behaviour.

5. Recipients of Your Data

We do not pass your data on for advertising and we do not sell it. Only parties that support us in running the business have access to personal data, in particular:

  • our hosting and infrastructure provider, which technically delivers the website and the server log files,
  • e-mail and communication providers through which we handle your enquiries.

These service providers act as processors under Article 28 GDPR and are contractually bound to process your data only on our instructions and in line with the GDPR. We disclose data to public authorities only where we are legally obliged to do so.

6. International Transfers

We prefer service providers located in the European Union or the European Economic Area. If a transfer to a third country outside the EEA becomes necessary, it takes place only where an adequate level of data protection is ensured. The basis is either an adequacy decision of the European Commission or appropriate safeguards within the meaning of Articles 44 to 49 GDPR, in particular the European Commission's Standard Contractual Clauses. On request we will inform you about the specific safeguards in place.

7. Your Rights

Under the GDPR you have the following rights against us as controller:

Your data-subject rights under the GDPR at a glance.
RightBasisWhat it means
AccessArt. 15You can learn whether and which data we process about you, and obtain a copy.
RectificationArt. 16You can have inaccurate data corrected and incomplete data completed.
ErasureArt. 17You can request deletion of your data, unless a retention obligation stands in the way.
RestrictionArt. 18You can have processing temporarily restricted in certain cases.
Data portabilityArt. 20You can receive your data in a common format or have it transferred to another controller.
ObjectionArt. 21You can object, on grounds relating to your particular situation, to processing based on our legitimate interest.

Where you have given consent to a processing activity, you may withdraw it at any time with effect for the future. This does not affect the lawfulness of processing carried out before the withdrawal. To exercise your rights, a message to info@software-kontor.com is enough. Access and the exercise of your rights are generally free of charge.

8. Right to Lodge a Complaint

If you believe that we process your data in a way that does not comply with the GDPR, you can lodge a complaint with a data-protection supervisory authority. The authority competent for us is the Cypriot authority:

Office of the Commissioner for Personal Data Protection
(Γραφείο Επιτρόπου Προστασίας Δεδομένων Προσωπικού Χαρακτήρα)
1 Iasonos Street, 1082 Nicosia, Cyprus
E-mail: commissioner@dataprotection.gov.cy
Web: www.dataprotection.gov.cy

Regardless of this, you may also contact the supervisory authority of your place of residence or work within the EU.

9. Data Security

We take appropriate technical and organisational measures to protect your data against loss, misuse and unauthorised access. This includes encrypted transmission over TLS/HTTPS when you open this website. We review our measures regularly and adjust them to the state of the art. No one, however, can guarantee complete security for data transmitted over the internet.

10. External Links

Our website may contain links to third-party websites. We have no influence over their content or data-protection practices and take no responsibility for them. Once you follow such a link, the privacy terms of the respective provider apply. We recommend checking those before you use the site.

11. Changes to This Privacy Policy

We update this Privacy Policy when our processing or the legal requirements change. The version published on this page always applies. The date above shows the status of the current version. Where changes are significant, we will point them out in an appropriate way.

Questions about data protection? Write to us at info@software-kontor.com.