Legal - Privacy Policy

1. Introduction

Welcome to Empinet, a brand operated by Mahdi Hezaveh IT Consulting (“we”, “us”, or “our”). We respect your privacy and are committed to protecting your personal data in accordance with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

The data controller responsible for your personal data is:

For any privacy-related inquiries, please contact us at [email protected].

3. Data We Collect and Purposes

We may collect and process the following categories of personal data:

• Contact Information: When you use our contact form, we collect your name, email address, and message content to respond to your inquiry.
• Website Usage Data: We collect information about how you interact with our websites (empinet.com, band.place, postrocknation.com) through cookies and similar technologies.
• Technical Data: Including IP address, browser type, operating system, and device information for security and analytics purposes.

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Contractual Necessity: When processing is necessary for the performance of a contract with you.
• Legitimate Interests: For our legitimate business interests, such as improving our services and website security.
• Consent: Where we have obtained your explicit consent for specific processing activities.
• Legal Obligation: When processing is necessary to comply with legal requirements.

5. Use of Cookies

Our websites use cookies and similar tracking technologies to enhance your experience. These small text files are stored on your device to help the website function properly, analyze usage, and remember your preferences. You can control or delete cookies through your browser settings. Most web browsers allow you to manage your cookie preferences through their settings pages. Please note that disabling certain cookies may affect the functionality of our website.

6. Analytics and Third-Party Tools

We may use third-party services to analyze website usage, such as Google Analytics. These services may collect information about your use of our websites and other websites to provide analytics services.

Our websites may include embedded content from third parties (e.g., YouTube, SoundCloud, GitHub) which may collect data about your interaction with the embedded content.

7. Data Sharing and Processors

We may share your personal data with:

• Service Providers: Companies that provide services on our behalf (e.g., hosting, analytics, customer support).
• Legal Requirements: When required by law or to protect our rights and the rights of others.
• Business Transfers: In connection with a merger, acquisition, or sale of assets.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Typical retention periods:

• Contact Form Submissions: 12 months from last contact
• Analytics Data: 26 months from last interaction
• Technical Logs: 30 days from collection

9. Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right to Access: Request a copy of your personal data.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your personal data.
• Right to Restriction: Request limitation of processing.
• Right to Data Portability: Request transfer of your data to another service.
• Right to Object: Object to certain types of processing.
• Right to Withdraw Consent: Where processing is based on consent.

To exercise these rights, please contact us using the details in Section 2.

10. Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage.

These measures include:

• Encryption of data in transit using TLS/SSL
• Regular security assessments and updates
• Access controls and authentication measures
• Staff training on data protection

11. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we do so, we ensure appropriate safeguards are in place to protect your data in accordance with applicable data protection laws.

12. Links to External Websites

Our websites may contain links to third-party websites. This Privacy Policy does not apply to those websites, and we encourage you to review their privacy policies before providing any personal data.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the “Last updated” date at the top.

Your continued use of our services after any changes constitutes your acceptance of the updated policy.

14. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:

You also have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or the place of the alleged infringement.