Privacy Policy — CRC Maesta

This Privacy Policy explains how CRC Maesta ("we", "us", or "our") collects, uses, and discloses your Personal Data when you visit crc-maesta.com or use our services.

1. Who we are

CRC Maesta is the data controller responsible for your personal data collected via crc-maesta.com. If you need to contact us about privacy, please use the contact details in the Contact us section below.

2. Information we collect

We collect information that you provide directly and information automatically collected when you use the website.

  • Contact details: name, email address, phone number when you submit forms or request quotes.
  • Account data: if you register, your login credentials and profile information.
  • Communications: records of correspondence and support requests.
  • Technical & usage data: IP address, device and browser information, pages visited, referral source, cookies and similar technologies.
  • Payment & billing: (if applicable) transaction records and billing details processed via our payment provider — we do not store full card numbers on our servers.

3. How we use your information

We use your information to:

  • Provide, operate and maintain our website and services;
  • Respond to inquiries, provide customer support and communicate about your requests;
  • Process payments and manage billing (where applicable);
  • Personalize and improve our services and website content;
  • Detect and prevent fraud or other illegal activities; and
  • Comply with legal obligations.

4. Legal basis for processing (if you are in the EEA)

If you are located in the European Economic Area (EEA), our legal bases for processing personal data include:

  • Contract: processing necessary to perform a contract with you;
  • Consent: when you have given clear consent (e.g., marketing emails — you can withdraw consent anytime);
  • Legitimate interests: for our business operations such as fraud prevention and site security (we balance interests before processing);
  • Legal obligation: where we must comply with laws or court orders.

5. Cookies & similar technologies

We use cookies and similar tracking technologies to operate the site and provide analytics. Cookies may be:

  • Essential cookies (required for site functionality);
  • Performance & analytics cookies (to understand site usage);
  • Advertising cookies (to show relevant ads — used only with consent where required).

You can manage cookie preferences via your browser settings or our cookie consent tool (if available on the site).

6. Third-party services

We may share data with trusted third-party service providers who help provide, analyze, and improve the website (e.g., hosting providers, analytics platforms, payment processors, CRM providers). These parties process data on our behalf and are contractually obligated to protect it.

7. Data retention

We retain personal information only as long as necessary for the purposes set out in this policy or to comply with legal obligations. For example:

  • Form submissions & contact records: retained for up to 3 years unless you request deletion earlier.
  • Accounting & billing records: retained as required by law (typically 6–7 years depending on jurisdiction).

Retention periods above are illustrative — replace them with the actual retention rules you follow.

8. Your rights

Depending on your jurisdiction, you may have rights including:

  • Right to access the personal data we hold about you;
  • Right to request correction or deletion of your data;
  • Right to object to or restrict processing;
  • Right to data portability;
  • Right to withdraw consent (where processing is based on consent);
  • Right to lodge a complaint with a supervisory authority (e.g., data protection authority).

To exercise these rights, contact us using the details below. We may need to verify your identity before acting on requests.

9. Security

We implement reasonable technical and organizational measures to protect personal information from loss, misuse, unauthorized access, disclosure, alteration, and destruction. However, no online system is completely secure — if you suspect a security breach, contact us immediately.

10. International transfers

We may transfer personal data to countries other than where you live for processing (for example our hosting providers or third-party services). Where required, we apply appropriate safeguards (standard contractual clauses, etc.). Contact us for details about safeguards we use.

11. Children's privacy

Our services are not directed at children under 13 (or higher age limit required in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us to request deletion.

12. Changes to this policy

We may update this Privacy Policy periodically. When we do, we will revise the Effective date above. Significant changes will be communicated via the website or direct notice if required.

13. Contact us

If you have questions, requests, or complaints about this Privacy Policy or our data practices, please contact:

  • Company: CRC Maesta
  • Email: info@crc-maesta.com — replace with your support email
  • Address: Replace with your registered office address
  • Phone: Replace with your contact number (optional)

Note: This template is intended to be a starting point. Modify it to reflect your actual data-handling practices and legal/regulatory obligations (for example GDPR, CCPA, or local data protection laws). For high-risk or regulated processing, please consult a qualified legal professional.