// Legal

Privacy Policy

Last updated: February 23, 2026

1. Data Controller

The data controller responsible for the processing of your personal data is:

Rudolf Run Ltd
Falirou 13, 7550 Kiti, Cyprus
Registration No. HE434878
Email: support [at] rudolf.run
Phone: +357 (95) 95-3970

2. Scope of This Policy

This Privacy Policy explains how Rudolf Run Ltd ("we", "us", "our") collects, uses and protects personal data when you visit our website rudolf.run or contact us via email or telephone. This policy applies in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the Cyprus Processing of Personal Data (Protection of the Individual) Law of 2018 (Law 125(I)/2018).

3. What Personal Data We Collect

We collect and process the following categories of personal data:

3.1 Data You Provide Voluntarily

When you contact us by email or telephone, we may collect:

  • Your name
  • Your email address
  • Your phone number
  • Your company name and role
  • Any other information you choose to include in your message

3.2 Data Collected Automatically (Server Logs)

When you visit our website, our hosting provider automatically collects and stores certain technical data in server log files. This may include:

  • Your IP address
  • Date and time of access
  • Pages visited and files requested
  • HTTP status codes
  • Referring URL (the page you came from)
  • Browser type and version
  • Operating system

This data is collected to ensure the security and proper functioning of our website. It is not combined with other data sources and cannot be attributed to specific persons without additional information.

4. Cookies and Tracking Technologies

Our website does not use cookies. We do not use any analytics tools, tracking pixels, fingerprinting or similar technologies. No data is stored on your device when you visit our website.

5. External Resources

Our website uses self-hosted web fonts (Inter, JetBrains Mono) stored on our own server. No external font delivery services or CDNs are used. Loading fonts does not trigger any connections to third-party servers.

6. Legal Basis for Processing

We process personal data on the following legal bases under Art. 6(1) GDPR:

  • Art. 6(1)(b) GDPR — Performance of a contract or pre-contractual measures: When you contact us to enquire about our consulting services, we process your data to respond to your request and, where applicable, to enter into a contractual relationship.
  • Art. 6(1)(f) GDPR — Legitimate interest: We have a legitimate interest in processing server log data to ensure the security, stability and availability of our website, and to prevent and investigate unauthorized access or misuse.

7. How We Use Your Data

We use the personal data we collect for the following purposes:

  • Responding to your enquiries and communicating with you about our services
  • Entering into and performing consulting engagements
  • Ensuring the security and proper operation of our website
  • Complying with legal obligations

8. Data Recipients and Third Parties

We do not sell, rent or trade your personal data. Your data may be shared with the following categories of recipients only to the extent necessary:

  • Hosting provider: Our website is hosted by a third-party provider that processes server log data on our behalf. This provider acts as a data processor under Art. 28 GDPR.
  • Email provider: Emails sent to us are processed by our email service provider, acting as a data processor under Art. 28 GDPR.
  • Professional advisors: Where required, we may share data with legal and accounting advisors who are bound by professional confidentiality obligations.
  • Legal authorities: We may disclose data where required by applicable law, regulation or court order.

9. International Data Transfers

We endeavour to process all personal data within the European Economic Area (EEA). If any data is transferred to a country outside the EEA, we will ensure that appropriate safeguards are in place in accordance with Chapter V of the GDPR (e.g. EU Standard Contractual Clauses or an adequacy decision by the European Commission).

10. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Enquiry data (emails, messages): Retained for the duration of ongoing communication and for up to 3 years after last contact, unless a contractual relationship is established.
  • Contractual data: Retained for the duration of the contract and for up to 6 years thereafter, in accordance with Cyprus statutory retention requirements for tax and commercial records.
  • Server log data: Automatically deleted after 30 days unless longer retention is necessary for security incident investigation.

11. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR) — You may request confirmation of whether we process your personal data and, if so, obtain a copy of that data.
  • Right to rectification (Art. 16 GDPR) — You may request that inaccurate or incomplete data be corrected.
  • Right to erasure (Art. 17 GDPR) — You may request the deletion of your personal data where the processing is no longer necessary or lawful.
  • Right to restriction of processing (Art. 18 GDPR) — You may request that we restrict the processing of your data in certain circumstances.
  • Right to data portability (Art. 20 GDPR) — You may request to receive your personal data in a structured, commonly used, machine-readable format.
  • Right to object (Art. 21 GDPR) — You may object to the processing of your personal data where it is based on legitimate interests.

To exercise any of these rights, please contact us at support [at] rudolf.run or by post at the address listed above. We will respond to your request within one month.

12. Right to Lodge a Complaint

If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority. The competent supervisory authority for Rudolf Run Ltd is:

Commissioner for Personal Data Protection
1 Iasonos Street, 1082 Nicosia, Cyprus
Phone: +357 22 818 456
Website: www.dataprotection.gov.cy

13. Links to Third-Party Websites

Our website may contain links to third-party websites (e.g. LinkedIn). We are not responsible for the content or privacy practices of those websites. We encourage you to read the privacy policies of any third-party website you visit.

14. Automated Decision-Making

We do not use automated decision-making or profiling as defined in Art. 22 GDPR.

15. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure or destruction. These measures include encrypted data transmission (TLS/SSL), access controls and regular security assessments.

16. Children's Privacy

Our website and services are directed at businesses and professionals. We do not knowingly collect personal data from children under the age of 16. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The updated version will be published on this page with a revised "Last updated" date. We encourage you to review this page periodically.

18. Contact

If you have any questions about this Privacy Policy or our data processing practices, please contact us:

Rudolf Run Ltd
Falirou 13, 7550 Kiti, Cyprus
Email: support [at] rudolf.run
Phone: +357 (95) 95-3970