Privacy Policy

Data Controller Information

The data controller for this website is:

Supero Ltd
1, Triq It-Tramuntana NDR 1222
In-Nadur (Ghawdex)
Republic of Malta
Email: info [at] supero [dot] com [dot] mt

Introduction

At Svalbard2009.com, we are committed to protecting your privacy and personal data. This privacy policy explains how we collect, use, and protect your information when you visit our website, in compliance with the General Data Protection Regulation (GDPR) and applicable data protection laws.

What Data We Collect

Website Analytics

We use Matomo, a privacy-focused analytics platform, to understand how visitors interact with our website. Matomo is self-hosted on our own servers and configured to respect your privacy:

Data collected: Page views, visit duration, referrer information, approximate location (country/region level), browser and device information
Data anonymization: IP addresses are anonymized and no personally identifiable information is stored
No cookies: Our Matomo installation is configured to function without cookies
Retention period: Analytics data is retained for 24 months, then automatically deleted

Comments

When you leave a comment on our website, we collect:

Required information: Email address (for comment moderation and spam prevention)
Optional information: Name or nickname (if you choose to provide it)
Automatically collected: IP address, timestamp, and browser information for spam protection
Retention period: Comments and associated data are retained indefinitely unless you request deletion

Newsletter (Future Feature)

We plan to implement a newsletter subscription feature. When active, we will collect:

Email address: To send you our newsletter
Nickname: Optional, for personalization
Subscription preferences: To respect your communication choices
Legal basis: Your explicit consent, which you can withdraw at any time

Legal Basis for Processing

We process your personal data under the following legal bases:

Legitimate interest: For website analytics to improve our content and user experience
Contract performance: For comment functionality as part of our website services
Consent: For newsletter subscriptions (when implemented)

How We Use Your Data

Your data is used exclusively for:

Analyzing website traffic and improving user experience
Enabling and moderating comments
Sending newsletters (when you subscribe to our future newsletter service)
Preventing spam and abuse
Complying with legal obligations

We do not sell, rent, or share your personal data with third parties for marketing purposes.

Cookie Policy

What Are Cookies?

Cookies are small text files stored on your device when you visit websites. They help websites remember your preferences and improve functionality.

Our Cookie Usage

Svalbard2009.com uses minimal cookies:

Essential/Technical Cookies Only

WordPress session cookies: Required for comment functionality and website operation
Security cookies: For protection against malicious attacks
No tracking cookies: We do not use advertising, social media, or tracking cookies
No consent required: As we only use essential cookies, no cookie banner is necessary under GDPR

No Matomo Cookies Our analytics system (Matomo) is specifically configured to function without cookies, ensuring complete privacy compliance.

Managing Cookies

You can disable cookies entirely through your browser settings, however, doing so will prevent essential website functions from working properly, including the ability to leave comments and may cause other website features to malfunction.

Data Storage and Security

Server Location

Our website and all associated data are stored on secure servers located in Germany, under the exclusive control of Supero Ltd.

Security Measures

We implement appropriate technical and organizational measures to protect your data:

Encrypted data transmission (SSL/TLS)
Regular security updates and patches
Secure server configuration
Regular backups stored securely
Access controls and monitoring

Data Retention

Analytics data: 24 months, then automatically deleted
Comments: Retained indefinitely unless deletion is requested
Newsletter data: Until you unsubscribe or request deletion

Your Rights Under GDPR

You have the following rights regarding your personal data:

Right of Access: Request information about what personal data we hold about you

Right to Rectification: Request correction of inaccurate or incomplete data

Right to Erasure: Request deletion of your personal data (subject to legal obligations)

Right to Restrict Processing: Request limitation of how we process your data

Right to Data Portability: Receive your data in a structured, machine-readable format

Right to Object: Object to processing based on legitimate interests

Right to Withdraw Consent: For newsletter subscriptions (when implemented)

Right to Lodge a Complaint: With your local data protection supervisory authority

Exercising Your Rights

To exercise any of these rights, please contact us at info [at] supero [dot] com [dot] mt. We will respond to your request within one month.

Third-Party Services

We do not currently use third-party services that process personal data. Our analytics (Matomo) is self-hosted, and we do not embed social media widgets, advertising networks, or other external tracking services.

International Data Transfers

Your data is processed within the European Economic Area (EEA). We do not transfer personal data to countries outside the EEA.

Children’s Privacy

Our website is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately.

Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. The date of the last update will be shown at the bottom of this page. Significant changes will be communicated through our website or newsletter (when available).

Data Breach Notification

In the unlikely event of a data breach affecting your personal data, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay if the breach poses a high risk to their rights and freedoms.