RisaSolutions

Privacy Policy

Last updated: 7 July 2026

This is a working draft. Replace every highlighted placeholder with your real details and have the final text reviewed against your actual business setup before launch.

We take the protection of your personal data seriously. This policy explains what data we process when you use this website, on what legal basis, and what rights you have under the General Data Protection Regulation (GDPR).

Controller

The controller responsible for data processing on this website is:

Full legal name, street and number, postcode and city, Bulgaria. Email: info@risasolutions.eu. Phone: +49 152 51094952.

Your rights

Under the GDPR you have the right to:

  • access the personal data we hold about you (Art. 15),
  • have inaccurate data corrected (Art. 16),
  • have your data erased (Art. 17),
  • restrict processing (Art. 18),
  • data portability (Art. 20),
  • object to processing based on legitimate interests (Art. 21),
  • and lodge a complaint with a supervisory authority (Art. 77).

Hosting

This website is hosted by Vercel Inc., 340 S Lemon Ave #4133, Walnut, CA 91789, USA. When you visit the site, Vercel processes technical connection data on our behalf under a data processing agreement. Transfers to the USA are covered by the EU Standard Contractual Clauses.

Server log files

Our hosting provider automatically collects and stores information in server log files that your browser transmits: IP address, browser type and version, operating system, referrer URL, and the time of the request. This data is not merged with other data sources. The legal basis is our legitimate interest in the secure and stable operation of the site (Art. 6(1)(f) GDPR).

Contact by email, phone or form

If you contact us by email, phone, or the contact form, we process the details you provide (name, email, optionally phone, and your message) solely to handle your request. For contact-form submissions we use the email service provider Resend, Inc. (USA) as a processor to deliver the message to us; transfers are covered by Standard Contractual Clauses. The legal basis is Art. 6(1)(b) GDPR (steps prior to a contract) or Art. 6(1)(f) GDPR (our interest in answering enquiries). We delete this data once your request is resolved and no retention obligations remain.

Appointment booking (Calendly)

To book a call we use Calendly LLC, 271 17th St NW, Atlanta, GA 30363, USA. The Calendly widget loads only when you open the booking window. When you book, Calendly processes the data you enter (such as name, email and appointment time) to arrange the appointment. Transfers to the USA are covered by Standard Contractual Clauses. The legal basis is Art. 6(1)(b) GDPR. See Calendly’s own privacy notice for details.

Fonts

Fonts are served directly from our own server. No connection to Google Fonts or other third parties is established when they load, so no data is transmitted to font providers.

Cookies

The website itself does not set advertising or tracking cookies. Functional cookies may be set by Calendly only when you actively open the booking window. You can configure your browser to refuse cookies.

Data retention

We store personal data only as long as necessary for the purpose it was collected for, or as long as statutory retention periods require.

SSL/TLS encryption

This site uses SSL/TLS encryption for security. You can recognise an encrypted connection by the “https://” in your browser’s address bar.

Supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority. For a controller established in Bulgaria this is the Commission for Personal Data Protection (Комисия за защита на личните данни), Sofia. If you establish a presence in Germany, name the competent German state authority here instead.

Changes to this policy

We may update this policy to reflect changes to our website or legal requirements. The current version always applies.