Privacy Policy

Last updated: March 2025

1. Data Controller

Bastion Operations, registered in Estonia, EU, is the data controller for personal data collected through our website and services.

2. Data We Collect

We collect information you provide directly to us, including: name, email address, and any information submitted through our contact forms. We do not collect personal data from visitors who do not contact us.

3. How We Use Your Data

We use personal data solely to: respond to enquiries, provide requested services, and communicate about our products. We do not use your data for marketing without explicit consent.

4. Data Processing in Our Products

Data processed within our software platforms (player assessments, risk scores, surveillance reports) is processed on behalf of our clients. Bastion Operations acts as a data processor. All such data remains the property of the client and is processed in accordance with applicable data protection regulations including GDPR.

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Contact form submissions are retained for 12 months unless you request earlier deletion.

6. Your Rights (GDPR)

Under GDPR, you have the right to: access your personal data, request correction or deletion, restrict processing, data portability, and object to processing. To exercise these rights, contact us at the address below.

7. Cookies

Our website uses only essential cookies required for site functionality. We do not use tracking cookies or third-party advertising cookies.

8. Third-Party Services

We use Vercel for hosting and Vercel Analytics for anonymous usage statistics. No personally identifiable information is shared with these services.

9. Contact

For privacy-related enquiries or to exercise your data rights, contact us at bastionops.io@gmail.com.