Privacy Policy.

Effective: February 2026 · Last updated: February 2026


1. Controller & Contact

The controller responsible for data processing on this website is:

Arsolabs Ltd
Kosta Monti 3, 8025 Paphos, Cyprus
Registration: HE488219
Email: contact@arsolabs.com

If you have questions about data protection, you can reach us at the email address above.


2. Overview of Data Processing

We process personal data only to the extent necessary for providing a functional website and our services. Processing of personal data occurs regularly only with user consent, except where prior consent cannot be obtained for practical reasons and processing is permitted by law.


3. Legal Bases (GDPR)

This policy applies under the EU General Data Protection Regulation (GDPR), the Cyprus Processing of Personal Data (Protection of the Individual) Law of 2001 (as amended), and where applicable, the German TDDDG/TTDSG.

  • Art. 6(1)(a) GDPR — Consent (e.g., newsletter, cookies)

  • Art. 6(1)(b) GDPR — Performance of a contract or pre-contractual measures

  • Art. 6(1)(c) GDPR — Legal obligation

  • Art. 6(1)(f) GDPR — Legitimate interests (e.g., analytics, security)


4. Hosting & Server Logs

This website is hosted on infrastructure that automatically collects and stores information in server log files, which your browser transmits automatically. This includes:

  • Browser type and version

  • Operating system

  • Referrer URL

  • IP address (anonymized)

  • Time of the server request

This data cannot be attributed to specific persons. It is not combined with other data sources. The basis for processing is Art. 6(1)(f) GDPR — our legitimate interest in a technically error-free presentation of our website.


5. Cookies & Tracking

This website currently does not use cookies or third-party tracking tools. If this changes in the future, we will update this policy and implement an appropriate consent mechanism (cookie banner) in accordance with GDPR and the German TDDDG.


6. Contact Form & Email

If you contact us by email, your data (email address, name, message content) will be stored for the purpose of processing the inquiry and for follow-up questions. We do not share this data without your consent. Processing is based on Art. 6(1)(b) GDPR if your request relates to a contract, or Art. 6(1)(f) GDPR (our legitimate interest in responding to inquiries).


7. Your Rights (EU/EEA)

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR) — obtain information about your stored data

  • Right to rectification (Art. 16 GDPR) — correct inaccurate data

  • Right to erasure (Art. 17 GDPR) — request deletion of your data

  • Right to restriction (Art. 18 GDPR) — restrict processing

  • Right to data portability (Art. 20 GDPR) — receive your data in a portable format

  • Right to object (Art. 21 GDPR) — object to processing based on legitimate interests

  • Right to withdraw consent (Art. 7(3) GDPR) — withdraw consent at any time

You also have the right to lodge a complaint with the Office of the Commissioner for Personal Data Protection (Cyprus DPA) or any other EU supervisory authority.


8. California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to know what personal information is collected, used, shared, or sold

  • Right to delete personal information held by us

  • Right to opt-out of the sale or sharing of personal information

  • Right to non-discrimination for exercising your privacy rights

We do not sell personal information. To exercise your rights, contact us at contact@arsolabs.com.


9. Data Transfers

As a Cyprus-based company within the EU, your data is processed within the European Economic Area (EEA). If data is transferred to third countries (e.g., US-based service providers), we ensure appropriate safeguards are in place, such as EU Standard Contractual Clauses (SCCs) or adequacy decisions by the European Commission (e.g., the EU-U.S. Data Privacy Framework).


10. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by applicable law (e.g., tax retention obligations). Server logs are deleted after 14 days. Contact inquiries are retained for 6 months after the last communication unless a longer retention period is required.


11. Changes to This Policy

We reserve the right to update this privacy policy to reflect changes in our practices or applicable law. The current version is always available at arsolabs.com/privacy.