Privacy Policy
How Centrue handles your data — privacy is built into the architecture, not added on.
Controller
Centrue Consultants LTD, Q-apital Tower, Rafael Santi 5 – Flat 202, 6052 Larnaca, Cyprus · info@centrue.eu. Technology/hosting processor: BOP BlueOcean Privacy LTD (BlueOcean Finance AI).
What we process
(a) Enquiry & booking forms: the details you provide (name, e-mail, company, message) to handle your request and contact you. (b) For clients: Shopify and bank/EMI data accessed read-only to produce VAT-compliant bookkeeping (orders, payouts, fees, tax lines; customer data minimised).
Purposes & legal bases
Handling your enquiry and the contractual service (Art. 6(1)(b) GDPR); website operation, security and our legitimate interest in improving the service (Art. 6(1)(f) GDPR); reach measurement only with your consent (Art. 6(1)(a) GDPR).
EU data residency & security
Processing is hosted within the EU and self-hosted-first: sensitive data does not leave the infrastructure by default; an EU-region AI model is used only for complex cases. Strict tenant isolation, role-based access and data minimisation apply. A Data Processing Agreement (DPA) is available for clients; subprocessors are documented.
Reach measurement
We use our own (first-party) reach measurement to improve the site. It is activated only after your explicit consent via the consent banner. Without consent, no analysis takes place.
Retention
We store your data only as long as necessary for the stated purposes or as required by statutory retention obligations, then delete it.
Your rights
You have the right to access, rectification, erasure, restriction of processing, data portability and objection. You may withdraw any consent with effect for the future. You also have the right to lodge a complaint with a data protection supervisory authority.