Derg Technology

Privacy Policy

Last updated January 15, 2025 · GDPR compliant

Your privacy is important to us. This policy explains how Derg Tech collects, uses, and protects your personal information in compliance with the GDPR and other applicable privacy laws. By using our website or services, you agree to the practices described below.

Data Controller

Derg Tech is the controller responsible for your personal data. You can reach us about any privacy matter at privacy@dergtech.com, or contact our Data Protection Officer at dpo@dergtech.com.

Information We Collect

We only collect the information we need to provide and improve our services. This includes:

  • Contact information — such as your name, email address, phone number, and company, provided when you reach out to us. Retained for up to 3 years after our last contact.
  • Technical information — such as IP address, browser type, device details, and usage analytics. Analytics data is kept for 12 months and server logs for 30 days.
  • Project information — requirements, specifications, and communications shared during a project. Retained as part of our business records as required by law.
  • Marketing preferences — your subscription and consent choices, kept until you withdraw consent.

Legal Basis for Processing

Under the GDPR, we rely on one or more of the following legal bases to process your data:

  • Consent — for newsletters, marketing, cookies, and other optional processing.
  • Contract performance — to deliver the services and support you have requested.
  • Legitimate interest — for service delivery, customer support, and quality assurance.
  • Legal obligation — where processing is required by law, such as tax and compliance records.

Your Rights

You have the right to access, correct, delete, or export your personal data, as well as to object to or restrict its processing. To exercise any of these rights, email us at privacy@dergtech.com. We respond to verified requests within 30 days, and immediately for direct-marketing objections.

Third-Party Services

We work with trusted providers to operate our business — for example, analytics, email and document collaboration, cloud hosting, and payment processing. Each provider is bound by a data processing agreement and appropriate safeguards, and we prioritize services that store data within the EU/EEA.

International Data Transfers

When we transfer personal data outside the EU/EEA, we ensure appropriate safeguards are in place. We prioritize countries covered by European Commission adequacy decisions, use EU-approved Standard Contractual Clauses where needed, and apply additional technical measures such as encryption and access controls.

Updates to This Policy

We may update this policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we update the “Last updated” date above, notify active clients by email at least 30 days in advance, post a notice on our website, and obtain fresh consent where the law requires it.

Questions & Complaints

If you have a question or are not satisfied with our response, you can contact your local data protection authority. EU residents can find theirs through the European Data Protection Board at edpb.europa.eu.

Privacy Policy | Derg Tech