Privacy Policy

Introduction

This Privacy Policy explains how Plastic Machinery Consulting ('we', 'us', or 'our') collects, uses, and protects your personal information when you use our website and services.

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data We Collect

We collect the following types of personal data:

Personal Information

• Name and contact details (email, phone number)
• Company name and business information
• Project descriptions and requirements
• Payment information (processed securely through Stripe)
• Communication preferences and consent records

Technical Information

• IP address and browser type
• Device information and operating system
• Pages visited and time spent on site
• Referral source and UTM parameters
• Cookies and similar tracking technologies

How We Use Your Data

We use your personal data for the following purposes:

• To provide consulting services and respond to inquiries
• To process bookings and payments
• To send service-related communications and confirmations
• To improve our website and services
• To analyze website usage and optimize user experience
• To comply with legal obligations and prevent fraud

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: You have given explicit consent for specific processing activities
• Contract Performance: Processing is necessary to fulfill our contractual obligations to you
• Legitimate Interests: Processing is necessary for our legitimate business interests
• Legal Obligation: Processing is required to comply with legal requirements

Data Sharing and Third Parties

We may share your data with the following third parties:

• Service Providers: Email service (SendGrid), hosting (Vercel), database (PostgreSQL)
• Analytics Services: Google Analytics, Google Tag Manager (only with your consent)
• Payment Processors: Stripe for secure payment processing
• Legal Requirements: When required by law or to protect our legal rights

Data Retention

We retain your personal data for the following periods:

• Lead and contact information: 3 years from last contact
• Booking and consultation records: 5 years for business records
• Payment and invoice data: 7 years for tax compliance
• Marketing consent: Until you withdraw consent or 2 years of inactivity

Your Rights Under GDPR

You have the following rights regarding your personal data:

• Right to Access: Request a copy of all personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data ('right to be forgotten')
• Right to Restriction: Request limitation of processing in certain circumstances
• Right to Data Portability: Receive your data in a machine-readable format
• Right to Object: Object to processing based on legitimate interests or direct marketing
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please visit our GDPR Requests page or contact us directly.

Cookies and Tracking

We use the following types of cookies:

• Necessary Cookies: Essential for website functionality, including session management and security
• Analytics Cookies: Help us understand how visitors use our website (requires consent)
• Marketing Cookies: Used for targeted advertising and tracking campaign effectiveness (requires consent)

You can manage your cookie preferences at any time through our cookie consent banner.

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

These measures include encryption (SSL/TLS), secure servers, access controls, and regular security assessments. However, no method of transmission over the internet is 100% secure.

International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, such as Standard Contractual Clauses, to protect your data in accordance with GDPR requirements.

Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website or sending you an email. Your continued use of our services after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us: