Privacy Policy

Introduction

buildexpert Ltd ("we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website buildexpert.top or use our business assessment services.

Data Controller Information

buildexpert Ltd is the data controller for the purposes of the General Data Protection Regulation (GDPR). Our company registration number is HE917352, and we are registered in Cyprus. Our registered office is located at Ledra Street 52, Paralimni, 5295, Famagusta District, Cyprus.

Data We Collect

We may collect and process the following types of personal information about you through our data collection processes:

• Contact Information: Name, email address, phone number, company name, and business address
• Communication Data: Records of communications between you and buildexpert, including emails, phone calls, and messages
• Technical Information: IP address, browser type, operating system, referring website, pages visited, and time spent on our website
• Business Information: Details about your business, industry sector, and assessment requirements
• Assessment Data: Information provided during business assessments and consultations

How We Use Your Information

We use your personal data for the following purposes, and how we use your information depends on the legal basis for processing:

• Service Provision: To provide business assessment services, respond to enquiries, and deliver requested information
• Communication: To communicate with you about our services, respond to your questions, and provide customer support
• Business Operations: To manage our business relationship with you and improve our services
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Marketing: With your consent, to send you marketing communications about our services
• Website Analytics: To analyse website usage and improve user experience

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Contractual Necessity: Processing necessary for the performance of our service contracts
• Legitimate Interests: For business operations, fraud prevention, and service improvement
• Consent: Where you have given explicit consent for marketing communications
• Legal Obligation: To comply with applicable laws and regulations

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please see our Cookie Policy.

Data Sharing and Disclosure

We may share your personal information in the following circumstances:

• Service Providers: With trusted third-party service providers who assist us in operating our business
• Legal Requirements: When required by law, court order, or government authority
• Business Transfers: In connection with any merger, sale, or transfer of company assets
• Consent: With your explicit consent for specific purposes

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting requirements. Our data retention periods vary depending on the type of information and the purpose for which it was collected. Contact information is typically retained for up to 7 years after our last interaction, whilst assessment data may be retained for longer periods as required by professional standards.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training on data protection principles.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of Access: To request copies of your personal data
• Right to Rectification: To request correction of inaccurate personal data
• Right to Erasure: To request deletion of your personal data in certain circumstances
• Right to Restrict Processing: To request limitation of processing in certain situations
• Right to Data Portability: To request transfer of your data to another organisation
• Right to Object: To object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: To withdraw consent where processing is based on consent

International Data Transfers

As we operate within the European Union, your personal data is primarily processed within the EU. If we transfer data outside the EU, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other approved mechanisms under GDPR.

Children's Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "last updated" date. We encourage you to review this policy periodically.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please contact us using the following details:

Supervisory Authority

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with the relevant supervisory authority. In Cyprus, this is the Commissioner for Personal Data Protection. You can also contact the supervisory authority in your EU member state of residence.