Privacy Policy

Last updated: 1st January 2026

Effective date: 1st January 2026

1. Introduction

CobaltShift Ltd ("we", "our", or "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, process, and safeguard your personal data when you visit our website at cobaltshift.top or use our services.

As the data controller, CobaltShift Ltd is responsible for determining how and why your personal data is processed. We are registered in Cyprus under company number HE251463 and our registered office is at Gladstonos Street 26, Nicosia 1043, Cyprus.

2. Data We Collect

We collect various types of personal data to provide and improve our construction estimating software comparison services. The data we collect includes:

  • Contact Information: Name, email address, phone number, company name, and postal address
  • Technical Information: IP address, browser type, device information, operating system, and website usage data
  • Business Information: Project types, team size, software requirements, and business needs
  • Communication Data: Records of our correspondence, enquiries, and support requests
  • Website Analytics: Page views, time spent on site, click patterns, and referral sources
  • Cookie Data: Information collected through cookies and similar tracking technologies

3. How We Use Your Information

We use your personal data for specific, legitimate business purposes. How we use your information depends on the services you use and your preferences:

  • Service Provision: To provide software comparison services, consultations, and recommendations tailored to your needs
  • Communication: To respond to enquiries, provide customer support, and send service-related communications
  • Business Operations: To process payments, maintain accounts, and manage our business relationship
  • Website Improvement: To analyse website performance, understand user behaviour, and improve our services
  • Marketing: To send relevant information about our services (with your consent where required)
  • Legal Compliance: To comply with legal obligations and protect our legitimate business interests

4. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Contractual Necessity: To perform our services and fulfil our contractual obligations
  • Legitimate Interest: To operate our business, improve our services, and communicate with clients
  • Consent: For marketing communications and non-essential cookies (where applicable)
  • Legal Obligation: To comply with applicable laws and regulations

5. Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, please refer to our Cookie Policy.

6. Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your information in the following circumstances:

  • Service Providers: With trusted third-party providers who assist us in operating our website and providing services
  • Legal Requirements: When required by law, court order, or government authority
  • Business Transfers: In connection with mergers, acquisitions, or sale of business assets
  • Protection of Rights: To protect our rights, property, safety, or that of our users or others

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal requirements. Our data retention periods are based on:

  • Client Data: Maintained for the duration of our business relationship plus 7 years for legal and tax purposes
  • Website Analytics: Typically retained for 26 months in Google Analytics
  • Marketing Data: Retained until you withdraw consent or we determine it's no longer needed
  • Legal Documentation: Retained as required by applicable laws and regulations

8. Your Rights

Under GDPR and applicable data protection laws, you have the following rights regarding your personal data:

  • Right of Access: Request copies of your personal data
  • Right of Rectification: Request correction of inaccurate or incomplete data
  • Right of Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Request limitation of how we process your data
  • Right to Data Portability: Request transfer of your data to another organisation
  • Right to Object: Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent: Withdraw consent for processing where consent was the legal basis

9. Data Security

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication procedures
  • Staff training on data protection and security
  • Secure hosting and backup procedures

10. International Data Transfers

As we operate primarily within the European Economic Area (EEA), most data processing occurs within this region. When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

11. Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us:

Data Protection Contact:

Email: privacy@cobaltshift.top

Phone: +357 22809858

Address: CobaltShift Ltd, Gladstonos Street 26, Nicosia 1043, Cyprus

12. Supervisory Authority

You have the right to lodge a complaint with the relevant supervisory authority if you believe we have not handled your personal data in accordance with applicable laws. In Cyprus, the supervisory authority is the Commissioner for Personal Data Protection.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

14. Third-Party Services

Our website may contain links to third-party websites or services. This Privacy Policy does not apply to those external sites. We recommend reviewing the privacy policies of any third-party services you access through our website.

Need Help?

If you have questions about how we handle your personal data or need assistance exercising your rights, please contact us at privacy@cobaltshift.top. We're here to help and will respond to your enquiry within 30 days.