Privacy policy

1. Data controller

The controller for personal data described here is Gatewazer Ltd, with operations correspondence in Paphos, Cyprus. Contact: info@gatewazer.net. Registered company identifiers are published on our About page.

2. What data we collect

Website and forms

When you submit a contact or quote request, we may process:

• Name and business contact details
• Corporate email address and company name
• Country, VAT or registration identifiers you provide
• Message content and product requirements
• Technical metadata necessary to deliver the form securely

Nicotine product access

If you use gated nicotine product information, we may additionally process verification data required by our access policy, such as corporate email confirmation and declared business credentials. Details are handled under the same confidentiality standards as other B2B inquiries.

Analytics

With your consent, we use privacy-oriented analytics to understand site usage. Without consent, analytics cookies and similar technologies remain off, as described in our cookie policy.

3. Purposes and lawful bases

We process personal data to:

• Respond to contact and quote requests (contractual steps / legitimate interest)
• Operate and secure the website (legitimate interest)
• Comply with legal obligations where applicable
• Measure site performance when you consent to analytics (consent)

Where we rely on legitimate interest, we balance our needs against your rights, particularly given the B2B context and limited optional tracking.

4. Retention

Inquiry records are retained for the period needed to evaluate and manage commercial correspondence, follow regulatory record-keeping requirements, and defend legal claims. Retention schedules will be defined in the published policy; this draft assumes routine business retention measured in years unless a shorter period is agreed or erasure is requested.

5. Processors and recipients

We use service providers that process data on our instructions, including:

• Resend — transactional email delivery for form submissions and verification messages
• Vercel — website hosting and related infrastructure metrics where enabled
• Google Analytics 4 — only after you accept analytics in our cookie banner
• Cloudflare Turnstile — bot protection on forms when enabled

Providers are selected for reliability and security. Written agreements requiring appropriate safeguards will be maintained before launch.

6. Cookies and similar technologies

Necessary cookies support core site operation. Analytics technologies are optional and controlled through the consent banner stored under gatewazer-consent-v1 in your browser. See our Cookie policy for detail.

7. International transfers

Some processors may process data outside the European Economic Area. Where required, transfers will rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms defined in the published policy.

8. Your rights

Under the GDPR, you may have rights to access, rectify, erase, restrict, object, and port personal data, and to withdraw consent for analytics at any time via the cookie banner or browser settings. You may lodge a complaint with your supervisory authority.

To exercise rights, email info@gatewazer.net with sufficient detail for us to verify your request in a B2B context.

9. Security

We apply technical and organizational measures appropriate to a B2B supplier website, including transport encryption, access controls, and form abuse mitigation. No method of transmission is completely secure.

10. Changes

This draft will be replaced by a dated policy after legal review. Material changes will be communicated as required before they take effect.