Privacy Policy

Last updated: March 15, 2026

1. Data Controller

Bodhi8 Ltd, a company registered in Cyprus (EU), is the data controller responsible for processing your personal data as described in this policy.

For any data-related inquiries, please use the contact form on our homepage or write to us at our registered address.

2. Data We Collect

We only collect personal data that you voluntarily provide through our contact form:

  • Name
  • Email address
  • Company name (optional)
  • Message content
  • Budget range (optional)

We do not collect data through cookies, tracking pixels, or similar technologies.

3. Purpose of Processing

Your data is processed solely for the purpose of responding to your business inquiry and any subsequent communication related to your request.

4. Legal Basis

We process your personal data based on your explicit consent, which you provide by checking the consent box on our contact form (Article 6(1)(a) GDPR). You may withdraw your consent at any time by submitting a request via our contact form.

5. Analytics

We use Umami Analytics, a privacy-focused, cookieless analytics tool. Umami does not use cookies, does not collect personal data, and does not track users across websites. All data is aggregated and no individual visitor can be identified. Umami is fully GDPR-compliant and does not require a cookie consent banner.

6. Third-Party Sharing

We do not sell, trade, or otherwise transfer your personal data to third parties. Contact form submissions are sent via Resend (a transactional email service) solely for the purpose of delivering your inquiry to our team. No third-party tracking scripts are present on this website.

7. Data Retention

We retain your contact form data for a maximum of 24 months from the date of submission, or until the business inquiry is resolved — whichever comes first. After this period, your data is permanently deleted. You may request early deletion at any time.

8. Your Rights Under GDPR

As an EU data subject, you have the following rights regarding your personal data:

  • Right of access — request a copy of the data we hold about you
  • Right to rectification — request correction of inaccurate data
  • Right to erasure — request deletion of your data
  • Right to data portability — receive your data in a structured, machine-readable format
  • Right to object — object to the processing of your data
  • Right to withdraw consent — withdraw your consent at any time without affecting the lawfulness of prior processing

To exercise any of these rights, please use the contact form on our homepage or write to us at our registered address. We will respond within 30 days.

9. Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Commissioner for Personal Data Protection in Cyprus or your local EU data protection authority.

10. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this page periodically.