Scroll Top
Privacy Notice
Effective From: 03 October 2025
Purpose of Privacy Notice

Your privacy matters to Paloncode Limited, and we are dedicated to handling your personal information responsibly.

This Privacy Notice explains how we collect, use, and protect your personal information when you visit our website at https://paloncode.com/, including mobile and device-specific versions, as well as our official social media accounts (collectively referred to as the “Website”).

Identity of Data Controller

The data controller responsible for the processing of your personal data in accordance with applicable data protection laws is:

Paloncode Limited

Company registration number: C 110133

Registered Office: Paloncode Limited, Horeca Building, 3rd Floor, Triq L-Imgarr, Xewkija, Ghawdex, XWK 9012, Malta

Privacy Email: [email protected]

For the purposes of this Privacy Notice, references to the “Company”, “we”, “us”, or “our” refer to Paloncode Limited in its capacity as data controller.

Sources of Personal Data

Your personal data comes to us in three main ways

Direct Collection from Data Subjects: We collect information directly from you when you complete forms, subscribe to services, request information about our products or services, communicate with us via email, telephone, chat, or other means.

Automatic Collection: When you use our Website, we automatically collect technical information from your device, including hardware specifications, software details, browsing patterns, location data, IP addresses, and other network identifiers.

Third-Party Sources: We may receive information about you from external sources, including social media platforms, analytics service providers, advertising networks, data brokers, and publicly accessible sources.

You are under no legal obligation to provide personal data to us. However, failure to provide certain information may prevent us from fulfilling your requests or entering into business relationships with you (for example, we may be unable to process your service inquiry without your contact details). We encourage you to provide complete and accurate information.

Categories of Personal Data

We may process several types of personal data about you when you interact with our Website and services.

We collect Identity and Contact Information, which encompasses your full name, job title, organization, telephone number, email address, postal address, and social media handles. This information helps us identify you and communicate with you effectively.

Our systems maintain Correspondence Data, preserving records of all communications you have with us through our Website, email, telephone, messaging platforms, chat functions, and social media channels. These records help us provide consistent and quality service.

We also gather Commercial Data related to your business interests, including your organization name, industry sector, the products or services you are interested in, your purchasing history with us, registration records, and compliance status. This information enables us to tailor our offerings to your needs.

Technical Data is automatically collected when you visit our Website. This includes your IP address, browser type and version, operating system, device identifiers, screen resolution, time zone settings, plug-in types and versions, and the pages you visit before and after accessing our Website.

Finally, we collect Analytics Data that shows how you interact with our Website, such as navigation patterns, page views, time spent on different pages, click-through rates, download activity, and your preferences and settings. While this data typically does not directly identify you, it helps us enhance your browsing experience and improve our services.

Processing Purposes and Legal Grounds

We process your personal information for specific business purposes, each supported by a lawful basis under data protection regulations.

  • Service Delivery and Customer Support

We use your Identity and Contact Information, Correspondence Data, and Commercial Data to respond to your inquiries and provide the information, products, or services you request from us.

Legal ground: Performance of a contract with you and our legitimate interest in operating our business effectively and responding to customer needs.

  •  
  • Business Relationship Management

To manage our ongoing business relationships and fulfill obligations arising from any contracts we enter into with you, we process your Identity and Contact Information, Correspondence Data, and Commercial Data.

Legal ground: Performance of a contract and our legitimate interest in maintaining positive customer relationships and providing quality support.

  • Relevant Recommendations

We may use your Identity and Contact Information, Correspondence Data, Commercial Data, and Analytics Data to make suggestions and recommendations about products or services that may be of interest to you.

Legal ground: Our legitimate interest in developing our business and keeping you informed of offerings that may be relevant to your needs.

  • Security and Fraud Prevention

To detect and prevent fraudulent activity, unauthorized access, bot usage, and other security threats, we process your Identity and Contact Information, Commercial Data, Technical Data, and Analytics Data.

Legal ground: Compliance with legal obligations and our legitimate interest in protecting our business, managing risks, and maintaining the security of our systems.

  • Website Operation and Administration

We process your Identity and Contact Information, Commercial Data, and Technical Data to administer and protect our business and Website, including provision of IT services, network security, troubleshooting, data analysis, testing, and business reorganization or restructuring activities.

Legal ground: Our legitimate interest in ensuring reliable service delivery, maintaining system security, and managing our business operations effectively.

  • Continuous Improvement

To develop and improve our Website, products, and services, we analyze Correspondence Data, Technical Data, and Analytics Data. This helps us enhance our marketing strategies, strengthen customer relationships, and improve overall user experience.

Legal ground: Our legitimate interest in understanding our audience, keeping our Website current and relevant, and maintaining our competitive position.

  • Internal Business Coordination

We process your Identity and Contact Information, Correspondence Data, Commercial Data, Technical Data, and Analytics Data with other entities within the Company for operational purposes.

Legal ground: Our legitimate interest in efficient business operations, coordinated service delivery, and centralized administration.

  • Marketing Communications

We may use your Identity and Contact Information and Correspondence Data to send you direct marketing communications about our products and services. We will only do this in line with your preferences, and you can opt out of receiving such communications at any time.

Legal ground: Our legitimate interest in informing you about products or services similar to those you have previously shown interest in, or your explicit consent where required by law.

Disclosure of Personal Data

Sharing With Affiliated Companies:

We may share your personal data with affiliated companies within, in accordance with data protection legislation and this Privacy Notice, for business continuity and operational efficiency.

Sharing With Third-Party Service Providers:

We engage external service providers who may process your personal data on our behalf. We impose contractual obligations on these providers to ensure proper data handling and protection of your information.

  • Technology and Infrastructure Partners

We partner with cloud hosting companies, system administrators, backup services, and communication infrastructure providers. These partners operate the servers that store data, maintain our network security, ensure system availability, and enable our digital communications.

  • Customer Engagement and Analytics Services

Various platforms help us interact with visitors and understand their needs. These include relationship management systems, email marketing services, and website analytics platforms. We also use electronic signature and document management platforms for secure, compliant document workflows.

  • Security, Compliance, and Advisory Services

We engage information security providers that monitor for threats, prevent malicious activity, and detect fraudulent behavior. We also work with legal advisors, financial auditors, tax consultants, and regulatory compliance specialists who provide expert guidance on complex matters.

When our business operations require transferring your personal data to countries outside the European Economic Area (EEA), we ensure all international transfers are protected through appropriate safeguards, including transferring data to countries with adequacy decisions from the European Commission, or using Standard Contractual Clauses (SCCs) approved by relevant authorities that provide you with enforceable rights.

Security Measures

Security is fundamental to everything we do with your data. We have implemented multiple protective layers.

  • Technical Safeguards: Encryption of data in storage and transmission, secure system architecture, firewalls and intrusion detection, regular security patches and updates, access logging and monitoring.
  • Organizational Measures: Strict access controls limiting who can see data, background checks on staff with data access, comprehensive privacy and security training, clear policies and procedures, regular audits and compliance checks.

We continuously test our security, assess new risks, and update our protections based on evolving threats and best practices.

Retention Periods

Pursuant to the principle of storage limitation, the Company retains personal data in a form permitting identification of data subjects for no longer than necessary for the purposes for which it is processed.

Retention periods are determined in accordance with the following criteria: the quantity, nature, and sensitivity of personal data; applicable legal, regulatory, tax, and contractual requirements; the purposes of processing; legitimate interests of the Company; and guidance from competent supervisory authorities.

Applicable Retention Periods:

  • General inquiries: up to 36 months from final interaction;
  • Contractual relationships: up to five (5) years post-termination, subject to statutory record-keeping obligations;
  • Marketing consents: Until withdrawal or up to 24 months of inactivity;
  • Litigation-related data: Duration of proceedings plus applicable limitation periods.

Upon expiry of retention periods, personal data is securely erased or anonymized in accordance with industry-standard data sanitization protocols.

Data Subject Rights

Data protection law gives you substantial control over your personal data. Here is what you can do:

You can ask us to show you all the information we hold about you and provide copies of it (Right to Access). If you discover that something is inaccurate or incomplete, you have the right to require us to correct or complete it (Right to Rectification). When we no longer have a valid reason to keep your data, you can request that we delete it entirely (Right to Erasure).

In certain circumstances, you can ask us to pause or limit how we are using your information, for instance, while we investigate a complaint you have raised or verify the accuracy of data you have challenged (Right to Restriction of Processing). You also have the right to object when we are processing your data based on our legitimate business interests, though we may be able to demonstrate compelling reasons that override your objection (Right to Object).

If you want to move to a competitor or another service provider, you have the right to receive your data in a commonly used, machine-readable format for any information you provided to us that we process automatically based on your consent or to fulfill a contract. We will either give it directly to you or, where technically feasible, transmit it to another organization on your behalf (Right to Data Portability).

Whenever we process your data based on your consent rather than another legal basis, you can withdraw that consent at any time (Right to Withdraw Consent). Withdrawing consent does not affect the lawfulness of processing we carried out before you withdrew it, but it does stop us from continuing that particular processing going forward.

We will respond within one month of receiving your request. We may require identity verification before processing your request to ensure we disclose personal data only to the correct individual.

Finally, you have an absolute right to lodge a complaint with a data protection supervisory authority if you believe we have violated your privacy rights (Right to Complain).

You can typically file with the authority in the country where you live, where you work, or where the alleged violation occurred. While you are free to go directly to regulators, we hope you will contact us first at [email protected] so we can try to resolve your concerns directly.

Automated Processing

Purely automated decision-making occurs when technology makes decisions about you without any human involvement. We do not operate this way. All significant decisions, whether to enter into business with you, service terms we offer, how we handle your inquiries, are made by our team members who review your specific situation and apply their judgment.

The law protects you from being subjected to decisions made entirely by machines that could legally affect you or significantly impact your interests.

Amendments to this Privacy Notice

We reserve the right to update or modify this Privacy Notice from time to time to reflect changes in our data processing practices, legal obligations, or regulatory guidance.

Any revisions will be published on this page with an updated “Effective From” date. We recommend that you review this Privacy Notice periodically to remain informed of how we process and protect your personal data.

In the event of material changes that significantly affect your rights or our processing activities, we will provide prominent notice through our website or, where appropriate, communicate such changes directly to you via email.

Contact Information

If you have any questions about this Privacy Notice, wish to exercise your data protection rights, or have concerns about how we process your personal data, please submit your request to [email protected].