Privacy Policy

Who we are

This site (SaaS True Cost, operating on saastruecost.com) is published by [Your Company Ltd], registered office at [Registered office address, Malta]. You can reach us at [email protected].

Data we collect

We collect the minimum data needed to operate the site and understand how visitors use it:

• Page visits and clicks via Google Analytics 4. Includes: pages viewed, time on page, country (city-level only), device type, browser. Does NOT include: name, email, IP address (anonymized), or any directly identifying data.
• Cookies set by advertising partners (Google AdSense) once you have consented. These enable personalized ads. You can withdraw consent at any time via the cookie banner.
• Optional contact form submissions (when you email us). We use those emails only to reply to your message.

We do not sell visitor data. We do not maintain user accounts. There is no sign-up or login on this site.

Legal basis (GDPR Article 6)

• Analytics: legitimate interest, understanding which pages help visitors.
• Advertising cookies: explicit consent via the cookie banner. You can refuse without losing access to any content.
• Contact emails: legitimate interest, responding to your inquiry.

Cookies and tracking

On your first visit we show a cookie banner. The site loads functional content immediately. Advertising and analytics cookies are loaded only after you accept.

• Necessary (always on): session cookies for cookie-consent state. No tracking purpose.
• Analytics (after consent): _ga, _ga_* from Google Analytics 4. 13-month expiry.
• Advertising (after consent): cookies set by Google AdSense for ad personalization and frequency capping. See Google's advertising cookies policy.

You can change your choice at any time by clicking "Cookie settings" in the footer.

Third parties we share data with

• Google LLC, Google Analytics 4 (aggregated traffic data) and Google AdSense (ad personalization, with your consent). Data may be transferred to the US under Standard Contractual Clauses (SCCs) and the EU-US Data Privacy Framework.
• Cloudflare, Inc., content delivery and DDoS protection. Cloudflare processes IP addresses to route requests and block attacks; it does not log visitor browsing behavior.

Your rights under GDPR

If you are in the EU/EEA, UK, or Switzerland you have the right to:

• Access, request a copy of your data
• Rectification, correct inaccurate data
• Erasure ("right to be forgotten")
• Restrict or object to processing
• Data portability
• Withdraw consent at any time
• Lodge a complaint with your national supervisory authority (in Malta: IDPC)

To exercise these rights, email [email protected]. We respond within 30 days.

Data retention

• Analytics data: retained 14 months in Google Analytics 4, then automatically deleted.
• Cookie consent state: 12 months from your last interaction.
• Contact emails: retained as long as needed to respond and for a reasonable record-keeping period, max 24 months.

Children

This site is not directed at children under 16. We do not knowingly collect data from children.

Changes to this policy

Material changes will be noted at the top of this page. Continued use of the site after a change constitutes acceptance.

Contact

Questions or requests: [email protected].