Aquila Dynamics
← Back to home

Legal

Privacy Policy

Effective 22 April 2026

This policy explains what personal data Aquila Dynamics collects when you visit aquiladynamics.com or get in touch with us, why we collect it, how long we keep it, and the rights you have under the GDPR / UK GDPR.

1. Who we are

Aquila Dynamics Limited(“Aquila Dynamics”, “we”, “us”) is a digital engineering company building integrated retail technology (AquilaFlex POS, Aquila Shelf Edge, Aquila Payments and related services). Our registered office is at 79 Archiepiskopou Makariou III, Larnaca 7102, Cyprus, with operating offices in Poland, Romania, Cyprus, Ukraine, Slovakia, Czech Republic and the United Kingdom. We act as the data controller for personal data collected on this website.

For any privacy-related question or to exercise your rights, contact us at [email protected].

2. What data we collect

  • Demo / contact requests. When you submit your work email through the contact form we collect that email address and any additional context you choose to share with our team in follow-up correspondence.
  • Direct correspondence. If you email [email protected] or another team address, we keep the contents of that exchange to handle your request.
  • Recruitment. If you apply for a role through us, we process the CV, cover letter and interview notes you share. Recruitment data is handled under a separate retention schedule and deleted within 12 months unless we agree otherwise with you.
  • Technical data. When you load the website our hosting provider receives your IP address, user-agent string and basic request metadata. We use this to keep the service running and to investigate abuse.
  • Analytics & cookies. See the Cookies Policy for the full breakdown of cookies and similar technologies, and how to disable them.

3. Why we use it

PurposeLawful basis
Responding to demo / contact requestsSteps to enter into a contract at your request
Sending follow-up commercial communicationsLegitimate interest in pursuing the conversation you initiated
Operating, securing and debugging the websiteLegitimate interest in running our services safely
RecruitmentSteps to enter into an employment contract at your request
Compliance with statutory obligationsLegal obligation

4. Who we share it with

We do not sell personal data. We share it only with the third parties we need to run the service, under written processing agreements:

  • Hosting and infrastructure providers who run the servers and CDN that deliver this site.
  • CRM and email tooling used by our sales and recruitment teams to track and reply to enquiries.
  • Professional advisers (legal, accounting) where strictly necessary, and only under a duty of confidentiality.
  • Authorities where we are legally compelled to disclose information.

5. International transfers

Our team operates from offices inside and outside the EEA / UK. Where personal data is transferred outside the EEA / UK, we rely on the European Commission’s Standard Contractual Clauses (and the UK IDTA Addendum where applicable) supplemented by the technical and organisational measures described in our security documentation.

6. How long we keep it

  • Demo requests: retained for up to 24 months from your last interaction, then deleted unless you become a customer.
  • General correspondence: kept for as long as needed to handle the matter and then archived for the limitation period applicable to any related claim.
  • Recruitment data: kept for up to 12 months after the recruitment process ends, unless you ask us to keep it on file longer.
  • Server logs: kept for up to 90 days for security and debugging.

7. Your rights

Under the GDPR / UK GDPR you have the right to:

  • access the personal data we hold about you;
  • have inaccurate data corrected;
  • request deletion of your data where one of the legal grounds applies;
  • restrict or object to certain types of processing;
  • request portability of data you provided to us;
  • withdraw consent at any time where we rely on consent (this does not affect the lawfulness of processing carried out beforehand);
  • lodge a complaint with your local data protection authority (in Cyprus, the Office of the Commissioner for Personal Data Protection).

To exercise any of these rights, email [email protected]. We will respond within one month.

8. Security

We protect your data with industry-standard technical and organisational measures including TLS in transit, role-based access control, least-privilege principles, regular patching and audited backups. No system is perfectly secure; if you believe your data may have been compromised please contact us immediately.

9. Changes

We may update this policy from time to time. Any material change will be reflected in the “Effective” date at the top of this page. If a change materially affects how we use the data we already hold about you, we will let you know directly where we have the means to do so.