Privacy Policy

This Privacy Policy outlines the practices of The Obsidian Co. Ltd (referred to as "we", "us", "our", or "Company"). We are a digital marketing agency specializing in Google Ads, SEO, Social Media Marketing, and Branding. This policy explains the types of information we collect, how we use it, and how we protect your data.

We collect and process personal data under the legal basis of Legitimate Interest in order to develop business relationships and provide our services. We ensure that our interest does not override your rights and freedoms.

‍2.1 Types of Data CollectedWe may collect and process the following information:Publicly Available Data: Information sourced from publicly accessible websites, social media, print or broadcast media.Directly Provided Data: Information you provide to us via email, phone, in-person meetings, website forms, or other communications.Third-Party Data: Information obtained from employees of your organization or professional contacts who may have introduced us.

‍2.2 Purpose of Data ProcessingYour data is used for the following purposes:To contact you regarding business opportunities relevant to your organization.To ensure we communicate with the most relevant person at your organization.To manage and improve our marketing, sales, and client relationship efforts.We do not use your data for automated decision-making or profiling.

We take appropriate technical and organizational measures to safeguard your data. Your information is stored securely in data centers located in the European Union and the United States, specifically with Linode, SiteGround, and Google. Data transfers outside the EU comply with the EU-U.S. Data Privacy Framework or Standard Contractual Clauses (SCCs) to ensure lawful processing.

Access to personal data is restricted to authorized personnel responsible for business development and client relationship management.

We retain personal data only as long as necessary for the stated purposes:If there is no engagement with our company, your data will be deleted within two years.If you request deletion, we will remove your data within 30 days, unless we are required to retain it for legal or regulatory purposes.

Under the General Data Protection Regulation (GDPR), you have the following rights:
‍
‍Right to Be Informed: Know how your data is being collected and used.
‍Right of Access: Request a copy of your personal data.
‍Right to Rectification: Correct inaccurate or incomplete data.
‍Right to Erasure: Request the deletion of your personal data.
‍Right to Restrict Processing: Limit how we process your data.
‍Right to Data Portability: Request your data in a transferable format.
‍Right to Object: Opt out of data processing where legitimate interests are relied upon.

To exercise any of these rights, please contact us at info@theobsidianco.com.

If you believe we have violated your privacy rights, you have the right to file a complaint with your local Data Protection Authority:In the EU, you can find your authority at https://edpb.europa.eu.In the UK, contact the Information Commissioner’s Office (ICO) at https://ico.org.uk/concerns/.