Skip to content
SIVIWeb

Data and privacy

Privacy Policy

This policy explains what data SIVI Web receives through the website, project request form and working communication channels, why it is needed and how you can manage your data.

Updated: June 25, 2026

1. Who is responsible for data

The data controller is SIVI Web. For privacy questions, contact hello@siviweb.app or Telegram: @sivi_web.

If a separate proposal or contract is agreed for a specific project, it may define additional data processing terms.

2. Data we receive

  • Project request form data: name, contact, company or brand, project type, budget, deadline and project description.
  • Messages you send directly by Telegram or email.
  • Technical data that may be generated by the server or hosting provider: IP address, request date and time, page, browser type and response status.
  • Language preferences: the technical NEXT_LOCALE cookie and a localStorage entry used to open the site in the selected language.

3. Why we use data

  • To respond to a request, clarify the task, prepare an estimate, proposal or work plan.
  • To keep the website secure, detect errors, spam or technical abuse.
  • To remember the selected interface language.
  • To perform client arrangements if a project starts after the request.

4. Legal bases

For requests and proposal preparation, we process data to respond before possible arrangements are made. For technical security and website operation, we rely on legitimate interest. For separate marketing or optional communications, consent may be used where required.

5. Services that may process data

  • Telegram, when a request or notification is sent to the team through Telegram.
  • Resend or another email provider, when a request is delivered by email.
  • Hosting and infrastructure providers that support website operation, security and server logs.

6. Data retention

Requests are kept as long as needed to respond, prepare a proposal, run a project or meet legal obligations. If cooperation does not start, you can ask us to delete the data unless there is a lawful reason to keep it longer.

Technical logs are usually stored for a limited time needed for security, diagnostics and stable website operation.

7. Your rights

  • Ask for access to your data.
  • Ask to correct inaccurate data.
  • Ask to delete data or restrict its processing.
  • Object to certain processing.
  • Receive a copy of data in a portable format where applicable.
  • Withdraw consent where processing is based on consent.

8. Cookies and localStorage

The site uses technical storage for language preference. This is not an advertising tracker and is not used to sell data. You can clear cookies or localStorage in your browser settings, but you may need to choose the site language again.

9. Sharing and security

We do not sell personal data. Access to requests is limited to people who need it to respond, estimate or perform work. We use reasonable technical and organizational protection measures, but no online service can guarantee absolute security.

10. Policy changes

We may update this policy if the website, tools or data processing requirements change. The current version is always available on this page.

11. Google services, analytics and advertising

The website uses Vercel Analytics and Speed Insights as privacy-friendly analytics without marketing cookies for aggregated statistics and technical page metrics. As of this update, the website does not load Google Analytics, Google Ads, Google Tag Manager, YouTube embeds or other Google advertising tags unless needed. If such services are connected, we will update the actual tools list and, where required by law, ask for consent first.

If Google Analytics, Google Ads or another Google product is activated, Google may receive technical information about website interactions, including page URL, IP address, device/browser data, cookie identifiers or similar technologies. We must not send personal contact details from the request form to Google unless allowed by the specific service rules and applicable law.

For users in the EEA, UK and Switzerland, non-essential cookies, local storage or ad personalization through Google services should only be used after legally valid consent where required. Users should receive clear information about who collects data, why, and how consent can be withdrawn.

How Google uses information from partner sites and appsGoogle EU User Consent PolicyGoogle Analytics Terms of Service

12. Data categories, purposes and retention

  • Project request: name, contact, company, project type, budget, deadline and message. Purpose: response, estimate, proposal and preparation of cooperation. Retention: until communication, project or legal retention need ends.
  • Communication: email, Telegram username and message history. Purpose: dialogue, agreement of terms and project delivery. Retention: while cooperation continues or there is a justified need to keep agreement history.
  • Technical logs: IP address, date, time, URL, user agent and response status. Purpose: security, diagnostics and spam protection. Retention: limited period needed for stability and safety.
  • Language settings: NEXT_LOCALE cookie and sivi-locale in localStorage. Purpose: opening the site in the selected language. Retention: until browser cleanup or technical expiry.
  • Analytics or advertising, if enabled: page view events, technical speed metrics, cookie/localStorage identifiers, approximate location and device data. Purpose: statistics, effectiveness measurement and advertising. Retention: according to service settings and your consent.

13. International transfers, processors and DPA

Data may be processed by services or infrastructure providers outside the user's country. If data is transferred outside the EEA, we use available legal mechanisms such as adequacy decisions, standard contractual clauses, provider data processing terms or another lawful basis.

Processors and service providers should receive only data needed for the specific function: message delivery, hosting, security, email, communication or analytics. For client projects, additional processing terms may be recorded in a contract or Data Processing Agreement.

14. Automated decisions, children and complaints

  • The website does not make automated decisions that produce legal or similarly significant effects for users.
  • The website and services are intended for business clients and are not directed to children. If a child sent personal data without proper consent, contact us for deletion.
  • You may contact us about access, correction, deletion, restriction, objection, portability or consent withdrawal. You may also lodge a complaint with the competent data protection authority in your country.

Questions about privacy?

Contact us if you need to clarify what data is stored or how to delete a request.

Contact us
Privacy Policy - SIVI Web