1. Introduction

This Privacy Policy sets out how Release ASAP Ltd (incorporated and registered in Cyprus with company number 447164, registered office at Konstantinoupoleos 24, MAZOTOS HILLS 4, Flat/Office 103, Larnaca, Mazotos 7577, Cyprus) (“Company” , “we” , “us” or “our”) collects, uses, stores, and discloses personal data in connection with our website and services.

By accessing or using our services, you confirm that you have read, understood, and agree to the terms of this Privacy Policy. If you do not agree, please discontinue use and contact us to request data deletion.

2. Definitions

• You: The individual or entity using the service;
• Controller: Release ASAP Ltd, which determines the purposes and means of data processing;
• Personal Data: Information related to an identified or identifiable person;
• Processing: Any operation performed on personal data, such as collection, storage, or use;
• Service Provider: Third parties who process data on our behalf.

3. Categories of Personal Data We Collect

We may collect and process the following categories of personal data:

• Identification Data: Full name, company name, job title;
• Contact Data: Email address, telephone number, mailing address;
• Account Data: Username, hashed password, user settings;
• Billing and Payment Data: Billing address, permitted portions of payment card data, transaction history;
• Technical and Usage Data: IP address, browser type, device information, user behavior metrics;
• Communication Data: Messages, support tickets, chat logs, user feedback;
• Authentication and Security Data: 2FA tokens, session records, login timestamps;
• Marketing and Preferences: Newsletter subscriptions, campaign interaction, user consents.

4. Legal Basis for Processing

Our processing activities rely on several lawful bases under the General Data Protection Regulation (EU) 2016/679 (“GDPR”), including performance of a contract, legitimate interests, compliance with legal obligations, and consent where applicable.

5. Cookies and Tracking Technologies

Our website uses cookies and similar tracking tools to enhance your user experience, monitor website performance, and understand user interaction. These technologies collect certain data automatically, including:

• Your IP address;
• Browser type and version;
• Device information;
• Time and date of access;
• Pages visited and time spent on the site.

Cookies may also support security features, remember user preferences, and facilitate certain functionalities such as logging in or submitting forms. You can manage your cookie preferences through your browser settings. Disabling cookies may impact the availability and functionality of some parts of the website.

6. Data Sharing

We may share your personal data with:

• Authorized Service Providers;
• Our Affiliates and business partners (subject to similar protections);
• Authorities, courts, or regulators where legally required;

7. International Data Transfers

Where data is transferred outside the EEA, we ensure appropriate safeguards under GDPR, such as Standard Contractual Clauses, are in place.

8. Data Retention. Security measures

We retain your personal data for no longer than necessary for the purposes described in this Policy or as required by law.

We treat the protection of your Personal Data as a core operational priority. The Company has put in place appropriate technical and organizational controls to address potential threats to your data and ensure its security. As a PCI DSS Level 1 certified provider, we adhere to the highest standards in handling payment information. While we make every effort to secure your data using industry-recognized safeguards, we acknowledge that no system can be entirely immune to security risks.

9. Your Data Protection Rights

• Right to Withdraw Consent
  If your personal data is being processed based on your consent, you may revoke that consent at any time. This withdrawal does not affect the lawfulness of any processing carried out prior to your revocation. You can withdraw consent by contacting our Support team at support@truegate.tech with the subject line “Consent Withdrawal” or by adjusting your preferences within the application settings.
• Right to Be Informed
  You are entitled to clear information about what personal data we collect, how it is processed, and for what purposes. You may request a copy of the personal data we hold about you. To make such a request, please contact us with specific details of the information you wish to access.
• Right to Rectification
  You can ask us to correct or update any personal data that is inaccurate, incomplete, or outdated, pursuant to Article 16 of the GDPR. In certain circumstances, you may also request the deletion of such data.
• Right to Erasure (“Right to Be Forgotten”)
  You have the right to request the deletion of your personal data under specific legal conditions. We may not be able to comply if the data is still required for the purpose it was collected, if we have overriding legitimate interests (e.g., fraud prevention), or if retention is required by law or for the establishment, exercise, or defense of legal claims.
• Right to Object
  You can object to our processing of your personal data when it is based on legitimate interests or used for direct marketing. If you object, we will stop processing your data unless we demonstrate compelling legitimate grounds to continue.
• Right to Restrict Processing
  Under Article 18 of the GDPR, you may request the restriction of your data processing if the data is inaccurate, unlawfully processed, no longer required, or pending an objection review.
• Right to Data Portability
  In certain scenarios, you may request that the personal data you provided be supplied to you in a structured, commonly used, and machine-readable format. This data may also be transmitted directly to another controller upon your request. Such requests can be made by contacting us at support@truegate.tech.
• Right to Lodge a Complaint
  If you believe that your data rights have been infringed, you may contact your national data protection authority. EU residents can find relevant contacts here: https://edpb.europa.eu/about-edpb/board/members_en . Swiss residents may refer to: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html.
• Right to Access, Amend, or Delete Data
  You have the right to request access to your personal information, to have it updated, or to request its deletion under applicable legal conditions. We respond to verified requests within 30 business days. You may request one free copy of your data; additional copies may be subject to a reasonable fee. Requests should be directed to support@truegate.tech.
• Additional Rights for EEA Residents
  If you reside in the EEA, you have the right to file a complaint with a supervisory authority in your home country, workplace, or the country where you believe your rights have been violated. We welcome the opportunity to address your concerns directly before formal complaints are made.

10. California Residents

If you are a California resident, you may have the following rights under the California Consumer Privacy Act (CCPA):

• The right to know what personal data we collect, use, disclose, and sell (we do not sell personal data);
• The right to request access to specific pieces of personal data collected about you within the past 12 months;
• The right to request deletion of personal data, subject to certain exceptions;
• The right not to receive discriminatory treatment for exercising your privacy rights.

You can exercise these rights by contacting us at: support@truegate.tech and including “CCPA Request” in the subject line. We may verify your identity before fulfilling your request.

13. Contact Us

For questions about this Privacy Policy or to exercise your rights, contact:
Email: support@truegate.tech
Address: Konstantinoupoleos 24, MAZOTOS HILLS 4, Flat/Office 103, Larnaca, Mazotos 7577, Cyprus