Privacy Policy
Last updated: March 24, 2026
1. Who We Are
Trembit (“we,” “us,” or “our”) is a software development company registered in the United Kingdom, specialising in WebRTC, video streaming, and custom software engineering services.
Website: https://trembit.com
Contact email: info@trembit.com
This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website or interact with our services. It applies to all visitors of trembit.com and its subdomains.
2. What Data We Collect
2.1 Data You Provide Directly
When you submit a contact form, request a consultation, or email us, we may collect:
- Full name
- Email address
- Phone number (if provided)
- Company name (if provided)
- Project description or message content
2.2 Data Collected Automatically
When you browse our website, we automatically collect:
- IP address (anonymised where possible)
- Browser type and version
- Operating system
- Pages visited and time spent on each page
- Referring website URL
- Device type (desktop, tablet, mobile)
This data is collected via Google Analytics 4 (GA4) and standard server logs.
2.3 Cookies and Tracking Technologies
We use cookies and similar technologies to improve your experience. For details, see our Cookie Policy.
3. How We Use Your Data
We use the personal data we collect for the following purposes:
- Respond to inquiries: To reply to your contact form submissions and provide requested information about our services.
- Improve our website: To analyse how visitors use our site and make improvements to content, navigation, and performance.
- Security and fraud prevention: To protect our website from spam, abuse, and malicious activity (via Google reCAPTCHA).
- Legal compliance: To comply with applicable legal obligations under UK and EU law.
We do not sell, rent, or trade your personal data to third parties.
4. Legal Basis for Processing (GDPR)
Under the General Data Protection Regulation (GDPR), we process your data based on the following legal grounds:
| Legal Basis | When It Applies |
|---|---|
| Consent | When you submit a contact form or accept cookies |
| Legitimate interest | Website analytics, security, and spam prevention |
| Legal obligation | When we must comply with UK/EU law |
You may withdraw your consent at any time by contacting us at info@trembit.com.
5. Third-Party Data Processors
We share your data with the following third-party services, each of which processes data on our behalf:
| Service | Purpose | Data Processed | Privacy Policy |
|---|---|---|---|
| Google Analytics 4 | Website analytics | Anonymised usage data, IP address | Google Privacy Policy |
| Google reCAPTCHA | Spam and bot prevention | IP address, browser data | Google Privacy Policy |
| Botpress | Website chatbot | Chat messages, session data | Botpress Privacy Policy |
All third-party processors are contractually obligated to process data in accordance with GDPR requirements.
6. International Data Transfers
Some of our third-party processors (Google, Botpress) may transfer data outside the European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions where applicable
7. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes described in this policy:
| Data Type | Retention Period |
|---|---|
| Contact form submissions | 24 months from submission |
| Analytics data | 14 months (GA4 default) |
| Server logs | 90 days |
| Chat conversations (Botpress) | 12 months |
After the retention period, data is securely deleted or anonymised.
8. Your Rights Under GDPR
If you are located in the EEA or the United Kingdom, you have the following rights regarding your personal data:
- Right of access — Request a copy of the personal data we hold about you.
- Right to rectification — Request correction of inaccurate or incomplete data.
- Right to erasure — Request deletion of your personal data (“right to be forgotten”).
- Right to restrict processing — Request that we limit how we use your data.
- Right to data portability — Receive your data in a structured, machine-readable format.
- Right to object — Object to processing based on legitimate interest.
- Right to withdraw consent — Withdraw previously given consent at any time.
To exercise any of these rights, contact us at info@trembit.com. We will respond within 30 days.
If you believe your data protection rights have been violated, you have the right to lodge a complaint with:
- UK: Information Commissioner’s Office (ICO) — ico.org.uk
- EU: Your local Data Protection Authority
9. Data Security
We implement appropriate technical and organisational measures to protect your personal data, including:
- HTTPS encryption across all pages
- Secure hosting infrastructure
- Access controls limiting who can view personal data
- Regular security reviews
While no system is 100% secure, we take reasonable steps to protect your data from unauthorised access, disclosure, alteration, or destruction.
10. Children’s Privacy
Our website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page. We encourage you to review this policy periodically.
12. Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, contact us:
Email: info@trembit.com
Website: https://trembit.com/contacts