Privacy Policy
1. Controller and Contact
Data Controller:
BLTR Group Ltd
Owner: Kevin Bolter
Seirinon 7, 6046 Larnaca, Cyprus
Email: info@bltr-group.com
If you have any questions about this Privacy Policy or wish to exercise your rights under the GDPR, please contact us at the address above.
2. Overview
BLTR Group Ltd takes the protection of your personal data very seriously. We process personal data only to the extent necessary and in accordance with the applicable data protection regulations โ in particular the EU General Data Protection Regulation (GDPR) and Cypriot data protection legislation.
This Privacy Policy explains what data we collect when you visit our website, why we collect it, how it is used, and what rights you have regarding your data.
3. Data We Collect
3.1 Automatically Collected Data (Server Logs)
When you visit our website, our web server automatically records the following information:
- IP address (anonymised or pseudonymised where possible)
- Date and time of the request
- URL of the page requested
- HTTP status code
- Browser type and version
- Operating system
- Referring URL (the page that linked to us)
Legal basis: Article 6(1)(f) GDPR โ legitimate interests.
Storage period: Server logs are typically deleted after 7โ14 days.
3.2 Contact Form
When you submit our contact form, we collect the information you provide, which may include:
- Name
- Email address
- Phone number (optional)
- Message content
Legal basis: Article 6(1)(a) GDPR โ your explicit consent. Article 6(1)(b) GDPR โ performance of pre-contractual measures at your request.
Purpose: To respond to your enquiry and discuss a potential business engagement.
Storage period: We retain your contact data for as long as necessary to respond to your enquiry, and no longer than 3 years unless a business relationship is established.
3.3 Google Analytics
This website uses Google Analytics 4 (GA4), a web analytics service provided by Google LLC, USA. Google Analytics uses cookies and similar technologies to collect anonymised data about how visitors use our website (pages visited, session duration, traffic sources). The data is processed in the USA under Google's Standard Contractual Clauses.
Legal basis: Article 6(1)(a) GDPR โ your consent.
Google's privacy policy: policies.google.com/privacy
3.4 Google Fonts
This website uses Google Fonts to display typography. Font files are loaded from Google's servers when a page is accessed, which may result in Google receiving your IP address. Loading is deferred using the media=print technique to minimise data transfer.
Legal basis: Article 6(1)(f) GDPR โ legitimate interests in consistent visual presentation.
4. Data Transfers to Third Countries
We may use third-party services (such as Google Analytics or Google Fonts) that may transfer your data outside the EU/EEA. Where such transfers occur, they are subject to appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission (Article 46 GDPR).
5. Data Security
We take appropriate technical and organisational measures to protect your personal data. These measures include:
- HTTPS encryption for all website traffic
- Secure password handling and access controls
- Regular security reviews
- Data minimisation โ we collect only what is necessary
6. Your Rights Under the GDPR
As a data subject under EU law, you have the following rights:
- Right of access (Art. 15 GDPR): You may request a copy of the personal data we hold about you.
- Right to rectification (Art. 16 GDPR): You may request correction of inaccurate or incomplete data.
- Right to erasure (Art. 17 GDPR): You may request deletion of your personal data ("right to be forgotten").
- Right to restriction of processing (Art. 18 GDPR): You may request that we restrict processing of your data in certain circumstances.
- Right to data portability (Art. 20 GDPR): You may request your data in a structured, machine-readable format.
- Right to object (Art. 21 GDPR): You may object to processing based on legitimate interests.
- Right to withdraw consent (Art. 7(3) GDPR): Where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, please contact us at: info@bltr-group.com. We will respond within one month.
7. Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates the GDPR. As BLTR Group Ltd is registered in Cyprus, the lead supervisory authority is:
Commissioner for Personal Data Protection (Cyprus)
1 Iasonos Street, 1082 Nicosia, Cyprus
Email: commissioner@dataprotection.gov.cy
Website: www.dataprotection.gov.cy
8. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The date at the top of this page shows when it was last revised. Continued use of our website after changes constitutes acceptance of the updated policy.
This Privacy Policy complies with the EU General Data Protection Regulation (GDPR) and applicable Cypriot data protection legislation. Last reviewed: May 2025.