Privacy
Policy
Last updated: June 25, 2026
This policy explains how PaphTech collects, uses, and protects your information.
1. Information We Collect
We collect information you provide directly to us and information collected automatically when you use our services.
Information you provide
- Contact and audit requests — name, email address, website URL, and any message you submit through our contact form.
- Communications — emails, messages, or other correspondence you send us.
Information collected automatically
- Usage data — pages visited, time spent, referring URLs, and browser type.
- IP address — collected and stored with audit requests for security and fraud prevention purposes.
- Cookies and similar technologies — see Section 4 for details.
2. How We Use Your Information
We use the information we collect to:
- Respond to your audit requests and provide our services
- Send you service-related communications and updates
- Improve and personalise your experience on our website
- Detect and prevent fraud, abuse, and security incidents
- Comply with legal obligations
- Analyse usage trends to improve our website and services
We do not sell your personal information to third parties. We do not use your data for advertising purposes.
3. Data Sharing
We may share your information with the following categories of third parties only as necessary to provide our services:
- Email delivery — Resend (resend.com) processes emails on our behalf. They act as a data processor under our instructions.
- Hosting — Railway (railway.com) hosts our application and stores data on our behalf.
- Network security — Cloudflare (cloudflare.com) provides DDoS protection and may process request metadata.
- Legal requirements — We may disclose your information if required by law or to protect our rights.
All third-party processors are contractually required to handle your data securely and only for the purposes we specify.
4. Cookies
We use a minimal set of cookies necessary for the website to function:
- Session cookies — temporary cookies that expire when you close your browser, used to maintain your session state.
- Security cookies — set by Cloudflare to distinguish legitimate users from bots.
We do not use advertising cookies, tracking pixels, or third-party analytics cookies. You can control cookies through your browser settings; disabling cookies may affect some site functionality.
5. Data Retention
We retain your personal information for as long as necessary to provide our services and comply with legal obligations:
- Audit request records — retained for 2 years from submission date.
- Email communications — retained for 1 year.
- Server logs — automatically deleted after 30 days.
You may request deletion of your data at any time — see Section 6.
6. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access — request a copy of the personal data we hold about you.
- Correction — request correction of inaccurate or incomplete data.
- Deletion — request deletion of your personal data ("right to be forgotten").
- Objection — object to processing of your data in certain circumstances.
- Portability — request your data in a structured, machine-readable format.
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
7. Security
We implement industry-standard security measures to protect your information:
- All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher.
- Our infrastructure is protected by Cloudflare's WAF and DDoS mitigation.
- Access to stored data is restricted to authorised personnel only.
- We conduct regular security reviews of our systems.
No method of transmission over the internet is 100% secure. If you discover a security vulnerability, please report it to [email protected].
8. Third-Party Services
Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies. Our policy applies only to information collected on paphtech.com.
9. Children's Privacy
Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately at [email protected].
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For significant changes, we will notify users via email where we have contact details. Your continued use of our services after any changes constitutes your acceptance of the updated policy.
11. Contact Us
If you have any questions about this Privacy Policy or how we handle your data, please contact us: