Send inquiry

Privacy Policy

Last updated: 1 May 2026

Web Consilio ("we", "our", "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains what data we collect when you use our website webconsilio.com, how we use it, and what rights you have.

This policy is aligned with the EU General Data Protection Regulation (GDPR) and the Personal Data Protection Law of the Republic of Serbia (Official Gazette RS, No. 87/2018).

1. Data Controller

The controller of your personal data is:

  • Name: Web Consilio
  • Registration number (MB): 65545888
  • Tax ID (PIB): 111621867
  • Address: [address - to be provided], Novi Sad, Serbia
  • Email: office@webconsilio.com
  • Phone: [phone - to be provided]

2. What Data We Collect

2.1. Data You Provide Directly

When you fill out the contact form or send an inquiry through our modal form, we collect:

  • First and last name
  • Email address
  • Phone number (optional)
  • Company name (optional)
  • Content of the message you send us
  • Approximate budget and deadline (optional)

2.2. Automatically Collected Data

When you visit our site, we automatically collect certain technical data:

  • IP address
  • Browser and operating system type
  • Pages you visited and time spent on the site
  • Referrer (where you came from)
  • Device type (mobile, tablet, desktop)

This data is collected through cookies and analytics tools — more details in our Cookie Policy.

3. Legal Basis and Purpose of Processing

We process your data based on the following legal grounds:

  • Your consent (Art. 6(1)(a) GDPR) — when you fill out a form and send an inquiry, or accept optional cookies.
  • Contract performance (Art. 6(1)(b) GDPR) — when we are negotiating or delivering services to you.
  • Legitimate interests (Art. 6(1)(f) GDPR) — for site security, abuse prevention, analytics, and content improvement.
  • Legal obligation (Art. 6(1)(c) GDPR) — when the law requires retention of certain records (e.g. invoices).

We use your data to:

  • Respond to your inquiry and send a quote
  • Negotiate and conclude a service agreement
  • Send business communication related to the project
  • Send email campaigns and newsletter — only with your explicit consent
  • Analyze visits and improve the site
  • Prevent abuse and ensure security

4. Who We Share Your Data With

We do not sell your personal data. We share it only with verified partners that help us deliver the service:

  • Formspree (formspree.io) — contact form processing. Data passes through their US servers under appropriate safeguards (Standard Contractual Clauses).
  • Google (Google Analytics 4, Google Ads, reCAPTCHA) — analytics and security. Google may transfer data to the US under GDPR-adequate mechanisms.
  • Meta (Facebook Pixel) — if we run retargeting campaigns. Similar to Google.
  • Hosting provider [hosting company - to be provided] — where the site is hosted.
  • Email service [Mailchimp/Brevo/etc. - if used] — for newsletter delivery.
  • Authorities — only if required by law and exclusively within an official procedure.

5. Data Retention

  • Contact form data: 24 months from the last communication, or until you request deletion.
  • Client data with concluded contract: in accordance with legal obligations (accounting: 10 years; contract archive: 5 years).
  • Newsletter subscribers: as long as you remain subscribed, plus 12 months after unsubscribing.
  • Analytics data (GA4): 14 months (Google default).
  • Server logs: maximum 30 days.

6. Your Rights

Under GDPR and Serbian law, you have the following rights:

  • Right of access — you can request a copy of the data we process about you.
  • Right to rectification — if data is inaccurate or incomplete.
  • Right to erasure("right to be forgotten") — you can request deletion of your data when there's no legal basis for continued processing.
  • Right to restriction of processing — you can request temporary suspension of processing.
  • Right to data portability — you can request your data in a structured, machine-readable format.
  • Right to object — you can object to processing for direct marketing purposes.
  • Right to withdraw consent — if processing is based on your consent, you can withdraw it at any time.

To exercise any of these rights, send an email to office@webconsilio.com. We respond within 30 days.

If you believe we have violated GDPR or Serbian privacy law, you have the right to file a complaint with the Serbian Commissioner for Information of Public Importance and Personal Data Protection.

7. Data Security

We apply technical and organizational measures — HTTPS encryption, restricted data access for authorized persons only, regular security patches, encrypted backups. No one can guarantee 100% security over the internet, but we make reasonable efforts to protect your data.

8. Minors

Our site is not intended for persons under 16 years of age. We do not knowingly collect personal data from minors. If you discover that a child has sent us their data, please notify us so we can delete it.

9. Changes to the Privacy Policy

We may update this policy. If there's a material change, we'll notify you by email (if we have your address) or with a prominent notice on the site before it takes effect. The last update date is shown at the top of this page.

10. Contact

For any privacy-related question or concerning the processing of your data, send an email to office@webconsilio.com or use the contact form.