Privacy Policy

The data controller for your personal data is: **Ironbat Digital LLC** Address: 8 The Green (Suite B), Dover, DE 19901, United States Email: [email protected] Website: https://ironbat.digital We are committed to protecting your privacy and processing your personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) for European Union users.

We may collect the following types of personal data: • **Identification data**: name, surname, email, phone • **Company data**: company name, sector, position • **Browsing data**: IP address, browser type, pages visited • **Project data**: information you provide about your project or needs This data is collected when: - You fill out the contact or quote form - You subscribe to our newsletter - You browse our website - You communicate with us by email or phone

We process your personal data for the following purposes: 1. **Request management**: Respond to your inquiries and quote requests 2. **Service provision**: Execute contracted services 3. **Commercial communications**: Send you information about our services (only with your consent) 4. **Service improvement**: Analyze website usage to improve user experience 5. **Legal compliance**: Comply with our legal and tax obligations

The processing of your data is based on: • **Consent**: For sending commercial communications and using non-essential cookies • **Contract execution**: For providing requested services • **Legitimate interest**: For improving our services and website security • **Legal obligation**: For compliance with tax and legal obligations You can withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

We retain your personal data for as long as necessary to fulfill the purpose for which it was collected: • **Contact data**: As long as there is a business relationship or until you request its deletion • **Billing data**: For the legally established period (minimum 6 years) • **Browsing data**: Maximum 2 years • **Commercial communications**: Until you withdraw your consent Once the retention period ends, data will be deleted or anonymized.

We implement appropriate technical and organizational measures to protect your personal data against: • Unauthorized access • Accidental or unlawful alteration or destruction • Accidental loss • Unauthorized disclosure These measures include: - Data encryption in transit (HTTPS/TLS) - Restricted access to personal data - Regular backups - Staff training in data protection

Some of our service providers may be located outside the European Economic Area (EEA). In these cases, we ensure that adequate safeguards exist to protect your data: • European Commission adequacy decisions • EU-approved standard contractual clauses • Certifications such as Privacy Shield (where applicable) You can request more information about the safeguards applied by contacting us.

According to the GDPR, you have the following rights: • **Access**: Know what personal data we process about you • **Rectification**: Correct inaccurate or incomplete data • **Erasure**: Request deletion of your data ("right to be forgotten") • **Restriction**: Restrict processing of your data in certain circumstances • **Portability**: Receive your data in a structured, commonly used format • **Objection**: Object to processing of your data in certain circumstances To exercise these rights, contact us at: **[email protected]** You also have the right to lodge a complaint with the competent data protection authority in your jurisdiction if you consider that your rights have been violated.