1. Who we are
StratiqWeb (“StratiqWeb”, “we”, “us” or “our”) is a web development studio operated as a sole trader established in Malta. For the purposes of the EU General Data Protection Regulation (Regulation (EU) 2016/679, the “GDPR”) and the Maltese Data Protection Act (Chapter 586 of the Laws of Malta), StratiqWeb is the data controller responsible for the personal data described in this policy.
If you have any questions about this policy or how we handle your information, you can reach our privacy contact at info@stratiqweb.com. Our full registered details and postal address are available on request.
2. Scope of this policy
This policy explains how we handle personal data when you:
- visit and interact with our website;
- contact us through our contact form, by email or by other means;
- enquire about, purchase or receive our services; or
- otherwise communicate with us as a prospective, current or former client or supplier.
Where we build or maintain websites for our clients, those clients are typically the data controllers for personal data processed through their own sites, and we act as a data processor on their behalf under a separate agreement. This policy covers our own processing as a controller.
3. Personal data we collect
Information you give us
- Contact & enquiry data — your name, email address, company name, indicative budget, the service you are interested in and the contents of your message when you complete our contact form or email us.
- Project & client data — information exchanged while scoping and delivering a project, including business contact details, billing information and any materials you share with us.
- Correspondence — records of our communications, proposals, contracts and support requests.
Information we collect automatically
- Technical & usage data — such as IP address, browser type, device information, referring pages and pages viewed, collected through server logs and, where you consent, analytics cookies.
- Cookies & similar technologies — see our Cookie Policy for full details and how to manage your choices.
We do not intentionally collect special categories of personal data (such as data revealing health, race or political opinions), and we ask that you do not send such information to us unless strictly necessary for a project.
4. How and why we use your data
We only process personal data where we have a lawful basis to do so under Article 6 of the GDPR:
| Purpose | Lawful basis |
|---|---|
| Responding to your enquiries and providing quotes | Steps taken at your request prior to entering a contract; our legitimate interests in responding to enquiries |
| Delivering our services and managing projects | Performance of a contract with you |
| Invoicing, accounting and tax records | Compliance with a legal obligation |
| Improving and securing our website (incl. analytics where consented) | Consent (analytics cookies); legitimate interests (security and core operation) |
| Occasional service updates or relevant offers to existing clients | Legitimate interests; consent where required by law |
Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal. Where we rely on legitimate interests, we have assessed that these are not overridden by your rights and freedoms.
5. Cookies & analytics
Our website uses strictly necessary cookies and local storage to function and to remember your cookie preferences. With your consent, we may also use analytics cookies to understand how the site is used. Non-essential cookies and scripts are blocked until you give consent through our cookie banner. You can review or change your choices at any time via the Cookie settings link or in our Cookie Policy.
6. How we share your data
We do not sell your personal data. We share it only where necessary, with:
- Service providers (processors) who help us operate, such as website hosting, form handling, email, cloud storage and accounting providers. These parties act on our instructions under written agreements.
- Professional advisers such as accountants or legal advisers, where required.
- Authorities where we are legally required to disclose information, or to establish, exercise or defend legal claims.
Our contact form is processed through a third-party form provider so that submissions reach us by email; the data you submit is handled in accordance with that provider's terms and this policy.
7. International transfers
We aim to keep personal data within the European Economic Area (EEA). Where a provider processes data outside the EEA, we ensure an appropriate safeguard is in place — such as an adequacy decision of the European Commission or the European Commission's Standard Contractual Clauses — so that your data continues to receive a level of protection essentially equivalent to that under EU law. Details are available on request.
8. How long we keep your data
We keep personal data only for as long as necessary for the purposes set out above:
- Enquiries that do not become projects — typically up to 12 months, then deleted or anonymised.
- Client & project records — for the duration of our relationship and a reasonable period afterwards.
- Invoicing & accounting records — for the period required by Maltese tax and accounting law (generally up to 10 years).
9. Your rights under the GDPR
Subject to certain conditions, you have the right to:
- Access — obtain a copy of the personal data we hold about you;
- Rectification — have inaccurate or incomplete data corrected;
- Erasure — ask us to delete your data (“right to be forgotten”);
- Restriction — ask us to limit how we use your data;
- Portability — receive certain data in a structured, machine-readable format;
- Objection — object to processing based on legitimate interests or to direct marketing;
- Withdraw consent — at any time, where processing is based on consent.
To exercise any of these rights, email privacy@stratiqweb.com. We will respond within one month, as required by the GDPR. There is normally no charge.
If you are not satisfied with how we handle your data, you have the right to lodge a complaint with the Maltese supervisory authority, the Office of the Information and Data Protection Commissioner (IDPC) — idpc.org.mt — or with the supervisory authority in your EU country of residence.
10. Data security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss or misuse, including encryption in transit (HTTPS), access controls and the use of reputable providers. No method of transmission or storage is completely secure, but we take reasonable steps to safeguard your information and to notify you and the IDPC of any qualifying personal data breach as required by law.
11. Children's privacy
Our website and services are intended for businesses and adults. We do not knowingly collect personal data from children under the age of 16. If you believe a child has provided us with personal data, please contact us so we can delete it.
12. Changes to this policy
We may update this policy from time to time to reflect changes in our practices or the law. The “last updated” date at the top shows when it was last revised. Material changes will be highlighted on this page.
13. How to contact us
For any privacy matter, including requests to exercise your rights, contact us at info@stratiqweb.com or use the details on our contact page.