AshcroftTECHNOLOGIES
Get a quote Start a project
Home 00 Web Development 01 App Development 02 Custom & AI 03 Contact 04 Start a project
Home/Privacy Policy
Legal

Privacy Policy

Last updated: 26 June 2026

This document is a general template provided for transparency and is not legal advice. Please have it reviewed by a qualified professional before relying on it.

Who we are

This Privacy Policy explains how Ashcroft Technologies SIA ("Ashcroft Technologies", "we", "us" or "our") collects, uses, shares and protects your personal data. We are a private limited company (sabiedrība ar ierobežotu atbildību, "SIA") registered in the Republic of Latvia.

For the purposes of the EU General Data Protection Regulation (Regulation (EU) 2016/679, the "GDPR") and the Latvian Personal Data Processing Law, Ashcroft Technologies SIA is the data controller responsible for your personal data. Our details are:

  • Company: Ashcroft Technologies SIA
  • Registration number: 40203756999 (registered 26 June 2026)
  • Registered & postal address: Vienības iela 23-44, Daugavpils, LV-5401, Latvia
  • Email: Office@ashcroft-tech.com
  • Phone: +371 2999 9999

If you have any questions about this policy or how we handle your data, please use the contact details in the Contact us section below.

Scope of this policy

This policy applies to personal data we process when you:

  • visit or interact with our website and its pages;
  • submit an enquiry through our contact form or get in touch by email or phone;
  • engage us to deliver web, mobile, desktop or custom software work, or discuss a potential project; or
  • otherwise correspond or do business with us.

It does not cover third-party websites, products or services that we may link to. When you follow a link to an external site, that site's own privacy policy governs. Where we build and operate systems on behalf of our clients, we typically act as a processor on the client's instructions; in those cases the client is the controller and their privacy notice applies to end-user data.

Personal data we collect

We aim to collect only what we genuinely need. Depending on how you interact with us, this may include:

  • Contact-form data — your name, email address, company name, phone number and the contents of your message or project brief.
  • Correspondence — emails, messages and notes from calls or meetings, including any files or attachments you choose to share with us.
  • Project & contract data — information needed to scope, deliver and invoice a project, such as billing details, signatories, and credentials or access you provide to systems we work on.
  • Website usage & analytics data — technical information such as your IP address, device and browser type, referring page, pages viewed and approximate (city-level) location, collected to keep the site secure and understand how it is used.
  • Cookies and similar technologies — small files and identifiers stored on your device; see the Cookies & analytics section.

We do not intentionally collect special categories of data (such as health, religion or political views) and ask that you do not send such information to us through the website. Providing your data is voluntary, but if you do not provide the details needed to respond to an enquiry or deliver a project, we may not be able to help you.

How and why we use your data

We only process personal data where the GDPR gives us a lawful basis to do so. The table below maps each purpose to its legal basis under Article 6 of the GDPR.

PurposeLegal basis (GDPR)
Responding to enquiries and providing quotesSteps taken at your request prior to entering a contract; our legitimate interests in handling enquiries
Delivering, managing and supporting projectsPerformance of a contract
Invoicing, accounting and tax recordsCompliance with a legal obligation
Securing our website and preventing fraud or misuseOur legitimate interests in protecting our systems and clients
Analytics and improving our website and servicesYour consent (for non-essential cookies); otherwise our legitimate interests
Occasional service updates or relevant offers to existing clientsOur legitimate interests; or your consent where required

Where we rely on legitimate interests, we balance those interests against your rights and freedoms, and you may object at any time (see Your rights). Where we rely on consent, you can withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

Cookies & analytics

Our website uses a small number of cookies and similar technologies. Strictly necessary cookies keep the site working and secure and do not require consent. Analytics and other non-essential cookies are only set with your consent, which you can give, refuse or change at any time.

For a full breakdown of the cookies we use, what they do and how to manage them, please see our Cookies Policy.

Sharing & processors

We never sell your personal data. We share it only where it is necessary to run our business and deliver our services, and always under appropriate safeguards. Recipients may include:

  • Hosting and infrastructure providers that store our website and project environments;
  • Email and communication providers we use to correspond with you;
  • Analytics providers that help us understand website usage (subject to your cookie choices);
  • Payment and invoicing providers that process payments — for direct debits we use the SEPA creditor identifier LV82ZZZ40203756999;
  • Professional advisers such as accountants and lawyers, where reasonably required; and
  • Public authorities where we are legally obliged to disclose information.

Where a third party processes personal data on our behalf, they act as our processor under a written data processing agreement that requires them to protect your data and use it only as instructed.

International transfers

We prefer to keep personal data within the European Union and European Economic Area (EU/EEA). Where a provider processes data outside the EU/EEA, we make sure an adequate level of protection is in place — for example, an European Commission adequacy decision for the destination country, or appropriate safeguards such as the EU Standard Contractual Clauses (SCCs) together with any supplementary measures required.

You can ask us for more information about the safeguards applied to a specific transfer using the details in the Contact us section.

How long we keep data

We keep personal data only for as long as we need it for the purposes set out in this policy, and then delete or anonymise it. In practice:

  • Enquiries that do not become projects are kept for a limited period so we can follow up, then deleted.
  • Project and contract records are kept for the duration of our engagement and for a reasonable period afterwards to handle queries, warranties and disputes.
  • Accounting and tax records are retained for the period required by Latvian law (generally several years).
  • Website analytics data is retained for a limited period in line with the settings of our analytics tools.

When a retention period ends, we securely delete or irreversibly anonymise the data.

Your rights under the GDPR

Subject to the conditions in the GDPR, you have the right to:

  • Access — obtain confirmation of whether we process your data and a copy of it;
  • Rectification — have inaccurate or incomplete data corrected;
  • Erasure — ask us to delete your data ("right to be forgotten") where applicable;
  • Restriction — ask us to limit how we use your data in certain circumstances;
  • Data portability — receive certain data in a structured, commonly used, machine-readable format and have it transmitted to another controller;
  • Objection — object to processing based on our legitimate interests, and to any direct marketing; and
  • Withdraw consent — where we rely on consent, withdraw it at any time.

To exercise any of these rights, contact us at Office@ashcroft-tech.com. We will respond within the timeframes set by the GDPR (usually one month) and will not charge a fee for a reasonable request.

If you believe we have not handled your data properly, we would appreciate the chance to put things right. You also have the right to lodge a complaint with the Latvian supervisory authority, the Data State Inspectorate (Datu valsts inspekcija), or with the authority in your EU country of residence or work.

Security

We take appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, disclosure or alteration. These include access controls, encryption in transit, principle-of-least-privilege practices, regular updates, and limiting access to those who need it. No method of transmission or storage is completely secure, but we work to keep our safeguards effective and up to date, and we will notify you and the relevant authority of a personal data breach where the law requires.

Children

Our website and services are intended for businesses and professional contacts and are not directed at children. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will take appropriate steps to delete it.

Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, take additional steps to inform you. We encourage you to review this page periodically.

Contact us

If you have any questions, requests or concerns about this Privacy Policy or your personal data, please get in touch:

You can also reach us through our contact page. For related terms, see our Terms of Service and Cookies Policy.