Skip to main content

Privacy Policy

Last updated: March 2026

Introduction

We respect your privacy. This policy explains what data we collect, how we use it, and your rights. infront.cy is operated from Cyprus.

What we collect

  • Contact form: name, email, phone, business name, message
  • Website audit: URL, email, business name
  • Payments: handled by Stripe (we never see or store card details)
  • Analytics: anonymised usage data via Plausible (cookieless, no personal data)
  • Cookies: only set with your consent (see Cookies Policy)

How we use your data

  • To respond to your enquiry
  • To deliver the services you have engaged us for
  • To send you your website audit report
  • To send follow-up recommendations related to your website audit results
  • To process payments
  • To improve our website and services

Legal basis for processing

Under GDPR, we process your personal data on the following legal bases:

  • Consent: When you submit the website audit form, you explicitly consent to us processing your data and sending you your audit results by email. You may withdraw this consent at any time.
  • Legitimate interest: We may send limited follow-up communications related to your audit results, such as recommendations for improving issues identified in your audit. You can opt out at any time.
  • Contractual necessity: When you engage us for paid services, we process your data as necessary to deliver those services.
  • Legal obligation: We retain payment records as required by Cyprus tax law.

Email communications

When you submit the website audit form, you will receive:

  • Audit results email: An immediate email containing your audit score and a link to your full report.
  • Follow-up recommendations: We may send a limited number of follow-up emails with actionable recommendations based on your audit results. These are not marketing emails and are directly related to the service you requested.

You can unsubscribe from any follow-up emails by replying with "unsubscribe" or contacting hello@infront.cy. Your audit results will remain accessible regardless of your email preferences.

Who we share data with

  • Stripe (payment processing)
  • Resend (transactional email)
  • Plausible (cookieless analytics, no personal data)

We do not sell, rent, or share your personal data with third parties for marketing purposes.

Data retention

  • Contact form submissions: retained for the duration of the business relationship, then deleted upon request
  • Audit reports: retained for 12 months
  • Payment records: retained as required by law (minimum 6 years for tax purposes)

You may request deletion of your data at any time by contacting us.

Your rights

Under GDPR, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to processing of your data
  • Data portability
  • Withdraw consent at any time

Contact hello@infront.cy to exercise any of these rights.

Security

We use HTTPS encryption, secure authentication, and access controls to protect your data. Payment data is handled entirely by Stripe and never passes through our servers.

Changes to this policy

We may update this policy from time to time. Material changes will be communicated to active clients via email.

Contact

If you have questions about this policy, contact us at hello@infront.cy.