Privacy Policy

Last Updated: April 12, 2025

1. Introduction

Welcome to www.colombianpassport.com (hereinafter, "the Website", "we", "us", "our"). Your privacy is of utmost importance to us. This Privacy Policy aims to inform you clearly and transparently about how we collect, use, share, and protect your personal information when you visit and use our Website. We are committed to protecting your personal data and complying with all applicable data protection laws. Specifically, this policy adheres to the requirements of the General Data Protection Regulation (GDPR) of the European Union (Regulation (EU) 2016/679) for users located in the European Economic Area (EEA), the United Kingdom (UK), and Switzerland, as well as Google's privacy and user consent policies, whose services we use on this Website. The GDPR establishes a robust legal framework for the protection of personal data of individuals in the EU, applicable to organizations that process such data, regardless of their location, if they offer goods/services or monitor the behavior of people in the EU. Google's policies, such as the EU User Consent Policy, align with these legal requirements, especially regarding the use of cookies and ad personalization.

To help you understand this policy, we define some key terms according to the GDPR:

• Personal Data: Any information relating to an identified or identifiable natural person ('data subject'). This may include name, email address, IP address, cookie identifiers, location data, etc.
• Processing: Any operation performed on personal data, such as collection, recording, organization, structuring, storage, adaptation, consultation, use, disclosure, erasure, or destruction.
• Data Controller: The natural or legal person who determines the purposes and means of the processing of personal data. In this case, it is us.
• Data Processor: The natural or legal person who processes personal data on behalf of the controller.
• Data Subject: The natural person whose personal data is being processed (you, the user).

We recommend reading this policy carefully to understand our practices regarding your personal data.

2. Data Controller

The entity responsible for processing the personal data collected through www.colombianpassport.com is: Alejandro Moreno Azcárate. For any inquiries or requests related to the privacy of your data and the exercise of your rights, you can contact us via: Email: amoreno@colombianpassport.com. The clear identification of the controller is a fundamental requirement of the GDPR to establish accountability and ensure that users know who to contact.

EU Representative (if applicable): If our entity is established outside the EEA but we process personal data of EEA residents regularly or on a large scale, we have appointed an EU representative as required by Article 27 of the GDPR. Their contact details are: Alejandro Moreno Azcárate, amoreno@colombianpassport.com.

3. Information We Collect

We collect different types of personal information about you when you interact with our Website. Data collection and processing are audited to ensure compliance. The types of data we may collect include:

Data you provide directly:

• Contact Information: Name, email address, phone number, when you use our contact forms, subscribe to our newsletter (if available), or otherwise interact directly with us.
• Communication Content: The content of messages you send us via contact forms, email, or other channels.
• Comments and Contributions: Information you provide when posting comments on the Website (if this functionality is enabled).
• Sensitive Data: We do not collect special categories of personal data (sensitive data according to Art. 9 GDPR, such as racial origin, political opinions, health, etc.).

Data we collect automatically:

• Technical and Device Information: IP (Internet Protocol) address, browser type and version, operating system, device type, unique device identifiers (including mobile advertising identifiers like Apple's IDFA or Android's Advertising ID if accessed from a mobile device). Your IP address may be used to determine your general location.
• Website Usage Information: The pages you visit on our Website, the date and time of your visit, the time spent on each page, the links you click, the URL of the website you came from (referring URL).
• Cookie Data and Similar Technologies: Much of the automatically collected information is obtained through the use of cookies, web beacons, pixels, and other tracking technologies. These technologies help us and third parties (like Google) operate the site, analyze usage, and display advertising. The collected data may include unique identifiers associated with your browser or device. See Section 5 for more details on cookies.

Data we may receive from third parties:

Occasionally, we might receive information about you from other sources, such as social media platforms (if you interact with our content on them) or advertising partners (e.g., aggregated data on ad performance). Google, as a provider of analytics and advertising services, also collects information when you interact with our site.

It is important to understand that even technical data such as IP addresses or cookie identifiers can be considered personal data under the GDPR if they allow an individual to be identified, directly or indirectly. Therefore, we treat this information with due safeguards.

4. Purposes and Legal Bases for Processing

We process your personal data only for specific, explicit, and legitimate purposes, and we do not process it in a manner incompatible with those purposes (principle of purpose limitation of the GDPR). For each purpose, we ensure we have a valid legal basis according to Article 6 of the GDPR. The main legal bases we use are:

• Consent (Art. 6(1)(a) GDPR): You have given us clear and affirmative permission to process your data for a specific purpose.
• Contract (Art. 6(1)(b) GDPR): Processing is necessary for the performance of a contract to which you are party or to take steps at your request prior to entering into a contract.
• Legal Obligation (Art. 6(1)(c) GDPR): Processing is necessary for compliance with a legal obligation to which we are subject.
• Legitimate Interests (Art. 6(1)(f) GDPR): Processing is necessary for our legitimate interests or those of a third party, except where such interests are overridden by your interests or fundamental rights and freedoms. When we use this basis, we conduct a balancing test to ensure it is appropriate.

Below, we detail the purposes for which we process your data and the corresponding legal bases. To facilitate understanding, we present a summary in the following table:

Summary of Data Processing:

4.1. Contact Information (name, email, phone), Communication Content:

Specific Purpose of Processing: Respond to your inquiries, requests for information, or comments submitted via contact forms or email. Provide the requested information or services related to Colombian passports.

Legal Basis (Article 6 GDPR): Contract (Art. 6(1)(b)) if the inquiry is pre-contractual or to fulfill a requested service. Legitimate Interests (Art. 6(1)(f)) to respond to general inquiries and manage communication.

Retention Period: (See Section 10).

4.2. Technical Information, Usage Information, Cookie Data (Necessary):

Specific Purpose of Processing: Operate and maintain the technical functionality of the Website. Ensure the security of the Website, prevent fraud and abuse.

Legal Basis (Article 6 GDPR): Legitimate Interests (Art. 6(1)(f)), as it is indispensable to provide the service.

Retention Period: (See Section 10).

4.3. Technical Information, Usage Information, Cookie Data (Analytics):

Specific Purpose of Processing: Analyze how users use the Website (e.g., pages visited, time spent) to understand performance, improve user experience, and optimize content (e.g., using Google Analytics).

Legal Basis (Article 6 GDPR): Consent (Art. 6(1)(a)) obtained through our cookie banner, in accordance with the ePrivacy Directive and Google's policies.

Retention Period: (See Section 10).

4.4. Technical Information, Usage Information, Cookie Data (Personalized Advertising / Remarketing):

Specific Purpose of Processing: Show you relevant ads on other websites and platforms (including Google's) based on your previous visit to our Website (remarketing), using services like Google Ads.

Legal Basis (Article 6 GDPR): Explicit Consent (Art. 6(1)(a)), obtained through our cookie banner, required by the ePrivacy Directive, the GDPR, and Google's EU User Consent Policy.

Retention Period: (See Section 10).

4.5. Technical Information (general location derived from IP), Cookie Data (Non-Personalized Advertising):

Specific Purpose of Processing: Show ads based on the context of the page you are visiting or your general location, without relying on your individual behavioral profile.

Legal Basis (Article 6 GDPR): Legitimate Interests (Art. 6(1)(f)) to finance the site through non-intrusive contextual advertising, after balancing interests.

Retention Period: (See Section 10).

4.6. Email address (if you subscribe):

Specific Purpose of Processing: Send you newsletters, updates, or marketing communications about our services (if you have opted in).

Legal Basis (Article 6 GDPR): Explicit Consent (Art. 6(1)(a)) obtained at the time of subscription.

Retention Period: (See Section 10).

4.7. Any relevant personal data:

Specific Purpose of Processing: Comply with legal obligations, respond to requests from competent authorities, defend our legal rights.

Legal Basis (Article 6 GDPR): Legal Obligation (Art. 6(1)(c)) or Legitimate Interests (Art. 6(1)(f)) to protect our legal rights.

Retention Period: (See Section 10).

5. Use of Cookies and Similar Technologies

Our Website uses cookies and similar technologies (such as tracking pixels or local storage) to automatically collect information, improve your Browse experience, analyze site usage, and display relevant advertising.

What are Cookies?

Cookies are small text files stored on your browser or device when you visit a website. They can be:

• First-party cookies: Set directly by our Website.
• Third-party cookies: Set by domains other than ours, such as Google (for analytics or advertising).
• Session cookies: Temporary, deleted when you close your browser.
• Persistent cookies: Remain on your device for a set period or until you delete them.

Types of Cookies We Use:

We use the following categories of cookies on our Website:

Strictly Necessary Cookies:

• Purpose: Essential for the Website to function correctly. They enable basic navigation, access to secure areas (if any), and ensure security.
• Legal Basis: Legitimate Interests (Art. 6(1)(f) GDPR), as they are indispensable for providing the service you request when visiting the site. They do not require your consent, but we inform you about their use.
• Examples: Session cookies, security cookies.

Preference or Functionality Cookies:

• Purpose: Allow the Website to remember choices you have made (such as preferred language, region) to provide a more personalized experience.
• Legal Basis: Consent (Art. 6(1)(a) GDPR).
• Examples: Language setting cookies.

Statistics or Analytics Cookies:

• Purpose: Help us understand how visitors interact with the Website by collecting information in an aggregated and, as far as possible, anonymous form. We use this data to improve the site's performance and content. We primarily use Google Analytics and Wix.
• Main Provider: Google LLC.
• Data Collected: Pages visited, time on site, device/browser type, general location, cookie/device identifiers. Google may process this information.
• Legal Basis: Consent (Art. 6(1)(a) GDPR). Although some data may be aggregated, the initial collection often involves personal identifiers requiring consent under the ePrivacy Directive and GDPR.

Marketing or Advertising Cookies:

• Purpose: Used to track your Browse activity across websites to show you ads that are more relevant to your interests (personalized advertising or remarketing). They are also used to measure the effectiveness of advertising campaigns. We use services like Google Ads for this purpose.
• Main Provider: Google LLC.
• Data Collected: Websites visited, interactions with ads, cookie/device identifiers, IP address (to infer location and interests). Google uses this information to create audience profiles and display personalized ads on its network. Google is experimenting with Privacy Sandbox technologies to perform these functions more privately.
• Legal Basis: Explicit and informed Consent (Art. 6(1)(a) GDPR). This consent is a strict requirement of both GDPR/ePrivacy and Google's EU User Consent Policy for ad personalization.

Details of Specific Cookies:

The following table provides details about some of the specific cookies that may be used on our Website. Please note that the exact list may vary, and it is recommended to use our consent management tool to view the most up-to-date information.

• _ga (Google Analytics): Distinguish users for statistical analysis. Type: Analytics. Duration: 2 years. Legal basis: Consent.
• _gid (Google Analytics): Distinguish users for statistical analysis. Type: Analytics. Duration: 24 hours. Legal basis: Consent.
• IDE (Google DoubleClick/Ads): Register and report user actions to measure ad effectiveness and present targeted ads. Type: Advertising. Duration: 13 months. Legal basis: Consent.
• Wix: Maintain the user's active session. Type: Necessary. Duration: Session. Legal basis: Legitimate Interest.
• Cookie Information + Consent Mode v2: Store the user's cookie consent preferences. Type: Necessary. Duration: 12 months. Legal basis: Legitimate Interest.

Your Consent:

Except for strictly necessary cookies, we will only activate other cookies (analytics, marketing, etc.) if you give us your prior, explicit, informed, and granular consent through our banner or consent management tool. Consent must be a clear affirmative action (such as clicking "Accept") and cannot be inferred from inaction or continued Browse. We will provide clear options to accept all, reject all, or customize your preferences by cookie category. We comply with Google's EU User Consent Policy and use a compliant Consent Management Platform (CMP), possibly certified by Google if we serve ads, to manage this process transparently and documented.

6. How to Manage Cookies and Withdraw Consent

You have control over the use of cookies and can withdraw your consent at any time. We offer several ways to manage your preferences:

Consent Management Tool (CMP):

Our Website uses a tool (cookie banner/widget) that allows you to grant, deny, or customize your consent for different cookie categories (except strictly necessary ones) the first time you visit the site.

You can change your preferences or withdraw your consent at any time by accessing the cookie settings via a persistent link or icon available on the Website ("Data Security Policies"). Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal.

Browser Settings:

Most web browsers allow you to control cookies through their settings. You can configure your browser to reject all cookies, accept only first-party cookies, or notify you each time a site tries to set a cookie. You can also delete cookies already stored.

Please note that blocking or deleting all cookies (including necessary ones) may negatively affect the functionality of many websites, including ours. This option does not offer the granular control by purpose provided by our CMP.

Google Advertising Management:

You can control the information Google uses to show you personalized ads through Google Ad Settings.

You can also visit Google's My Ad Center to manage your ad preferences, limit ads on sensitive topics (such as alcohol, dating, etc.), and see what information is used for personalization.

You can turn off Google ad personalization completely through these tools. If you do, you will still see ads, but they may not be based on your interests, search history, or Browse history.

On mobile devices (Android): You can reset or delete your device's advertising identifier in the privacy settings, which will limit tracking for ad personalization in apps.

Withdrawal of Consent for Other Processing:

If you have given consent for other non-cookie related purposes (e.g., receiving our newsletter), you can withdraw it at any time by following the instructions provided in the relevant communication (e.g., using the "unsubscribe" link in emails).

It is important to distinguish between withdrawing consent given on our site via the CMP (which affects how we and our partners use cookies on this site) and opting out of personalized advertising via Google settings (which affects Google's ad personalization in general). Both are important tools for managing your privacy.

7. Who We Share Your Data With

We do not sell your personal information. However, we may share your personal data with certain categories of third parties for the purposes described in this policy, always ensuring appropriate safeguards are in place:

Service Providers (Data Processors):

We hire third-party companies and individuals to perform services on our behalf. This may include web hosting providers, data analysis services, email providers, advertising and technology partners, and potentially payment processors (if we offer payment services).

These providers act as data processors and only have access to the personal data necessary to perform their tasks. They are contractually obligated (through Data Processing Agreements - DPAs) to protect the confidentiality and security of your data, not to use it for their own purposes, and to act only according to our documented instructions, complying with GDPR requirements (Art. 28). We review our providers to ensure they meet data protection standards.

Google:

As mentioned earlier, we use Google services like Google Analytics and Google Ads. By using these services, we share certain information with Google (such as cookie identifiers, IP address, site usage data).

Google uses this information to provide its services (including measuring and personalizing ads, if you have consented), maintain and improve its services, develop new services, protect against fraud, and personalize the content and ads you see on Google and partner sites.

Depending on the service and context, Google may act as a data processor (following our instructions) or as an independent data controller (for its own purposes, e.g., improving its advertising products). We recommend reviewing Google's privacy policy and its page on how it uses information from sites or apps that use its services to better understand its practices. Google requires us to identify all parties receiving personal data as a result of using its products.

Legal Obligations and Protection of Rights:

We may disclose your personal data if we believe in good faith that it is necessary to:

• Comply with a legal obligation, subpoena, court order, or valid government request.
• Protect and defend our rights or property, or the safety of our users or the public.
• Prevent or investigate possible wrongdoing in connection with the Website.

Business Transfers:

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or part of our assets, your personal information could be transferred as part of that transaction. We would notify you of such an event and any change in control of your personal information, as well as any choices you may have.

Transparency about who data is shared with is a key requirement of both the GDPR and Google's policies.

8. International Data Transfers

Since we use global service providers, such as Google, and potentially other hosting or technology services based outside the European Economic Area (EEA), United Kingdom (UK), or Switzerland, your personal data may be transferred to and processed in countries outside these regions. The GDPR imposes strict restrictions on transfers of personal data outside the EEA/UK/Switzerland to ensure that the level of protection for your data is not undermined. We will only carry out such transfers if one of the following conditions established in Chapter V of the GDPR is met:

• Adequacy Decisions (Art. 45 GDPR): The European Commission has determined that the recipient country offers an adequate level of data protection. Countries such as the UK, Switzerland, Canada (for commercial organizations), Argentina, Uruguay, Israel, Japan, New Zealand, South Korea, Andorra, and others have adequacy decisions. For transfers to the United States, we rely on the EU-US Data Privacy Framework if the recipient company is certified under this framework. Google LLC is certified under this framework. If an adequacy decision exists, the transfer can take place without additional safeguards.
• Appropriate Safeguards (Art. 46 GDPR): In the absence of an adequacy decision, we use other legal guarantees to protect your data. The most common are:
  • Standard Contractual Clauses (SCCs): These are model contracts approved by the European Commission that include data protection obligations for the data exporter and importer. We use the updated SCCs (adopted in 2021) for transfers to providers in countries without an adequacy decision. When using SCCs, we also conduct a Transfer Impact Assessment (TIA) to assess whether the laws of the recipient country could undermine the protection offered by the SCCs and, if necessary, implement supplementary measures.
  • Binding Corporate Rules (BCRs): These are internal data protection policies approved by competent authorities, used by multinational corporate groups to regulate transfers within the group.
  • Approved Codes of Conduct or Certification Mechanisms (Art. 46 GDPR): If approved codes or certifications exist that include binding commitments to protect the transferred data.
• Derogations for Specific Situations (Art. 49 GDPR): Only in limited and non-repetitive circumstances, we may rely on exceptions such as your explicit consent for a specific transfer (after informing you of the risks), if the transfer is necessary to perform a contract with you, for important reasons of public interest, or to establish, exercise or defend legal claims.

In the case of Google services, data transfers outside the EEA/UK/Switzerland are carried out under mechanisms such as Adequacy Decisions (including the EU-US Data Privacy Framework) and/or Standard Contractual Clauses, ensuring the protection of your data in accordance with the GDPR. You can request more information about the specific safeguards applied to international transfers of your data by contacting us using the means indicated in Section 2.

9. Security Measures

We take the security of your personal data very seriously and have implemented appropriate technical and organizational measures to protect it against unauthorized access, alteration, disclosure, accidental or unlawful destruction, and any other form of unlawful processing. These measures are based on a risk approach and take into account the nature, scope, context, and purposes of the processing, as well as the risks to your rights and freedoms. Our security measures include, among others:

• Encryption: We use SSL/TLS encryption to protect data transmitted between your browser and our server. We may also apply encryption to stored data (encryption at rest) where appropriate.
• Access Controls: We limit access to your personal data only to authorized personnel who need to know such information to perform their duties. We implement role-based access controls and secure authentication.
• Infrastructure Security: We use hosting providers and services that meet high standards of physical and logical security. Google, for example, has advanced security infrastructures.
• Data Minimization: We collect and process only the personal data that is strictly necessary for the stated purposes.
• Pseudonymization and Anonymization: Where possible and appropriate, we use pseudonymization or anonymization techniques to reduce the risks associated with data processing.
• Regular Audits and Assessments: We conduct periodic reviews of our security practices and evaluate the effectiveness of our measures. We may conduct Data Protection Impact Assessments (DPIAs) for high-risk processing.
• Staff Training: We provide regular training to our staff on the importance of data protection and security practices.
• Incident Management: We have procedures in place to detect, investigate, and respond to potential data security breaches in a timely manner. In the event of a breach that may pose a risk to your rights, we will notify the competent supervisory authority within 72 hours and, if the risk is high, we will notify you directly, as required by the GDPR (Art. 33 and 34).

Although we strive to protect your personal data, no security measure is completely infallible. We ask that you also contribute to the security of your information, for example, by maintaining the confidentiality of your passwords (if applicable).

10. Data Retention Period

We retain your personal data only for the time strictly necessary to fulfill the purposes for which it was collected, as described in Section 4 of this policy, or for the time required by legal obligations or to resolve disputes. The principle of storage limitation of the GDPR (Art. 5(1)(e)) guides our practices. The specific retention periods or the criteria used to determine them vary depending on the type of data and the purpose of processing:

• Inquiry Data (Contact Forms/Email): Generally, we retain this data for the time necessary to resolve your inquiry and for a reasonable additional period for follow-up or internal management (e.g., 6 months to 1 year after the last interaction), unless a legal obligation requires longer retention.
• Newsletter Subscription Data: We retain your email address as long as you maintain your active subscription. If you unsubscribe, we will remove your data from our active marketing lists within a reasonable time, although we might keep a record of your opt-out request to avoid sending future communications.
• Cookie Data: The duration of cookies varies depending on their type (session or persistent) and purpose. Specific details can be found in the cookie table (Section 5) and/or in our consent management tool. Persistent cookies have a defined expiration date. Your consent for the use of non-essential cookies is generally renewed periodically (e.g., every 12 months, although local guidelines may vary). Google partially anonymizes ad log data after 9 months (IP) and 18 months (cookies).
• Analytics Data (Google Analytics): User-level and event-level data associated with cookies, user identifiers, or advertising identifiers are typically retained in Google Analytics for a configurable period (by default, it can be 14 or 26 months) before being automatically deleted. Aggregated reports are retained longer. Google has implemented automatic deletion as the default option for some account activity data.
• Data Required by Law: Certain data (e.g., financial or tax records if we conduct transactions) may require longer retention periods according to applicable legislation.

Once personal data is no longer necessary for the stated purposes, we will securely delete or anonymize it.

11. Your Data Protection Rights (According to GDPR)

If you are located in the European Economic Area (EEA), the United Kingdom (UK), or Switzerland, the GDPR and equivalent laws grant you a series of rights over your personal data. We are committed to facilitating the exercise of these rights. Your rights include:

• Right to be Informed (Art. 13 and 14 GDPR): You have the right to receive clear, transparent, and understandable information about how we process your personal data. This Privacy Policy fulfills this right.
• Right of Access (Art. 15 GDPR): You have the right to request confirmation as to whether or not we are processing your personal data and, if so, to access that data and obtain additional information about the processing (purposes, categories of data, recipients, etc.).
• Right to Rectification (Art. 16 GDPR): You have the right to request the correction of your personal data if it is inaccurate or to have it completed if it is incomplete.
• Right to Erasure ('Right to be Forgotten') (Art. 17 GDPR): You have the right to request the deletion of your personal data in certain circumstances...
• Right to Restriction of Processing (Art. 18 GDPR): You have the right to request that we restrict the processing of your data in certain situations...
• Right to Data Portability (Art. 20 GDPR): You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format...
• Right to Object (Art. 21 GDPR): You have the right to object at any time...
• Rights in relation to Automated Individual Decision-Making and Profiling (Art. 22 GDPR): You have the right not to be subject to a decision based solely on automated processing...
• Right to Withdraw Consent: Where the processing of your data is based on your consent, you have the right to withdraw it at any time...
• Right to Lodge a Complaint with a Supervisory Authority: If you consider that the processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a data protection supervisory authority...

These rights are fundamental for you to maintain control over your personal information, as provided by the GDPR.

12. How to Exercise Your Rights

To exercise any of the rights mentioned above, please contact us using the contact details provided in Section 2 of this policy (Data Controller). You can send us an email at amoreno@colombianpassport.com or use our contact form. To process your request, we may need to verify your identity to ensure we are dealing with the correct person and protect your data from unauthorized access. We will ask for the minimum information necessary for this verification. We will respond to your request without undue delay and, in any case, within one month of receiving the request, as a general rule according to Article 12 of the GDPR. This period may be extended by two further months where necessary, taking into account the complexity and number of requests. If we need an extension, we will inform you of this and the reasons for the delay within one month of receiving your request. Exercising your rights is generally free of charge. However, if your requests are manifestly unfounded or excessive (particularly because of their repetitive character), we may charge a reasonable fee based on administrative costs or refuse to act on the request. We have established internal procedures to ensure that your rights requests are handled efficiently and in accordance with legal requirements. Facilitating the exercise of your rights is a key obligation under the GDPR.

13. Specific Information for Google Ads

As mentioned, we use Google advertising services (Google Ads) on our Website. This section summarizes important information specifically related to the use of these services, reinforcing key points already discussed:

• Use of Data for Advertising: We use Google Ads to display ads on our site and potentially on other websites (remarketing). If you have given consent, these ads may be personalized based on your previous activity on our Website and other factors Google uses to infer your interests. If you do not consent to personalization, you may see generic or contextual ads.
• How Google Uses Data: Google collects and uses data from sites and apps that use its services (like ours) to provide, measure, and improve its advertising and analytics services, detect fraud, ensure security, and personalize content and ads (with your consent). Google uses cookies, advertising identifiers, and IP addresses (to infer location, for example) for these purposes. You can find more detailed information on Google's page: "How Google uses information from sites or apps that use our services".
• No Sale of Personal Information: We declare that we do not sell your personal information. Google also states in its policies that it does not sell users' personal information.
• Restrictions on Sensitive Data: Google expressly prohibits advertisers (including us) from using sensitive categories of information (such as health, race, religion, sexual orientation, precarious financial status, etc.) to target personalized ads. It also does not use the content of your emails, documents, or photos stored in services like Gmail or Google Drive for advertising purposes.
• Your Controls over Google Advertising: We remind you that you have control over Google advertising through the tools Google provides:
  • Google Ad Settings
  • My Ad Center
• Compliance with the EU User Consent Policy: We comply with Google's EU User Consent Policy. This means we obtain your legally valid consent (freely given, specific, informed, and unambiguous) before using cookies or collecting, sharing, and using personal data for ad personalization, if you are located in the EEA, UK, or Switzerland. We use a compliant Consent Management Platform (CMP) to facilitate this process and allow you to easily manage your choices. Google conducts audits to verify compliance with this policy.

Google's prominence in the digital advertising ecosystem makes these specific disclosures essential for transparency towards you.

14. Notification of Changes to the Privacy Policy

We may update this Privacy Policy occasionally to reflect changes in our data processing practices, our services, or due to changes in applicable legislation (such as the GDPR or Google policies) or new interpretations by authorities. Policies and procedures must be reviewed and updated periodically to maintain compliance. When we make significant changes to this Privacy Policy, we will notify you appropriately. This might include posting a prominent notice on our Website before the change takes effect, or sending an email notification if we have your address and the change is substantial. We encourage you to review this page periodically to stay informed about any changes. The "Last Updated" date at the top of this policy indicates when the last revision was made. Your continued use of the Website after the changes are posted will constitute your acceptance of those changes, subject to applicable consent requirements. Keeping you informed about how we process your data is part of our commitment to transparency.

15. Last Updated Date

This Privacy Policy was last updated on the date indicated at the beginning of this document.