Skip to main content

Legal

Privacy Policy

Last updated:

Who we are

This site (webnestify.cloud) is operated by Webnestify s.r.o., a Slovak limited liability company (spoločnosť s ručením obmedzeným). For any question about personal data, write to privacy@webnestify.cloud.

Address for postal correspondence: Karpatské námestie 7770/10A, 831 06 Bratislava – Rača, Slovakia.
Reg No: 54449375 · VAT ID: SK2121679758 · Municipal Court Bratislava III, Section: Sro, Insert No: 158957/B.

Summary

We run this site with a strong privacy-first posture:

  • No advertising cookies, no cross-site trackers, no behavioural profiling.
  • Analytics is a self-hosted instance of Plausible — cookieless and anonymised.
  • Fonts and most assets are served from our own domain — no Google Fonts, no advertising CDNs.
  • Forms are processed by Web3Forms only to deliver your message to our inbox; Cloudflare Turnstile guards them against bot abuse without tracking you across sites.
  • The only cookies set are strictly necessary security cookies from our CDN (Cloudflare).

What data we process, and why

Analytics — Plausible Analytics (self-hosted)

We run our own instance of Plausible Analytics at pa.webnestify.cloud, hosted on Hetzner servers in Germany (EU). Plausible does not use cookies, does not track individuals, and does not share data with third parties. It processes anonymised, aggregated traffic data only: page paths, referrers, country-level geolocation, device type, and browser family. IP addresses are hashed with a daily rotating salt and are not retained.

Legal basis: legitimate interest (Art. 6(1)(f) GDPR) — we need aggregate traffic data to understand which pages help visitors and to improve the site.

Contact and application forms — Web3Forms

When you submit a form on this site (the contact form or the partnership application form), we use Web3Forms as a processor to forward your submission to our inbox. The data you send (your name, email address, message, and any other fields you fill in) passes through Web3Forms' servers briefly and is then delivered to hello@webnestify.cloud.

Web3Forms retains form submissions for up to 90 days for delivery reliability and abuse prevention. We keep contact and application correspondence in our inbox for up to 24 months unless the conversation is still active or unless we have a legal obligation to retain it longer (for example as part of an executed contract).

Legal basis: consent by action (Art. 6(1)(a)) — you choose to send us a message — and steps prior to entering into a contract (Art. 6(1)(b)) when you ask us about a partnership.

Bot protection — Cloudflare Turnstile

Our forms use Cloudflare Turnstile to verify that the submission comes from a human and not an automated script. Turnstile does this by collecting limited, privacy-preserving browser signals (timing, canvas rendering, environment checks) and sending them to Cloudflare for scoring. Turnstile does not set tracking cookies and does not identify individual users across sites.

Legal basis: legitimate interest (Art. 6(1)(f) GDPR) — we need to keep our forms usable against spam and abuse.

Trustpilot reviews widget

We display verified Trustpilot reviews on the homepage and in the footer. The widget loads from widget.trustpilot.com and renders our public review score. When the widget loads, your browser makes a request to Trustpilot's domain, so Trustpilot may receive your IP address, the URL of the page where the widget loads, and standard browser headers. We do not pass any personal data to Trustpilot. If you choose to read or write a review on Trustpilot, that interaction is governed by Trustpilot's own privacy policy.

Legal basis: legitimate interest (Art. 6(1)(f)) — verified independent reviews are an important trust signal for visitors evaluating a managed-services partnership.

Hosting and CDN — Cloudflare

This site is served through Cloudflare's global CDN. Cloudflare's edge servers process each request, including your IP address and the page you are requesting, in order to deliver the page and protect the site from attacks. Cloudflare may set the following strictly necessary cookies for security:

  • __cf_bm — bot management, ~30 minutes lifetime.
  • cf_clearance — set only after a visitor passes a security challenge.

These cookies fall under the strictly-necessary exemption in Article 5(3) of the ePrivacy Directive and therefore do not require consent. See the Cloudflare Privacy Policy and the Cloudflare Cookie Policy for details.

Server logs

Cloudflare keeps short-term edge logs (typically a few hours) containing IP addresses, timestamps, request paths, and user-agents. These logs are used to mitigate attacks and to debug infrastructure issues. We do not use them for analytics or profiling.

Cookies used on this site

The only cookies this site can set are strictly necessary security cookies from Cloudflare:

  • __cf_bm — Cloudflare Bot Management — 30 minutes.
  • cf_clearance — Cloudflare challenge clearance — up to 30 days, only after an interactive challenge.

We do not use analytics cookies, advertising cookies, A/B testing cookies, or any third-party tracking pixels.

Who we share data with (processors)

We work with a small number of service providers who process personal data on our behalf. Each is bound by a Data Processing Agreement.

  • Cloudflare, Inc. (US, with EU Standard Contractual Clauses) — hosting, CDN, edge security, Turnstile bot protection. DPA.
  • Web3Forms — contact and application form relay. See their privacy policy.
  • Hetzner Online GmbH (Germany, EU) — infrastructure hosting for our Plausible instance and any self-hosted services.
  • Trustpilot A/S (Denmark, EU) — verified review platform; loads the widget that displays our public score on this site. Privacy.

We never sell personal data. We never share data with advertising networks.

Where data is stored

Analytics and self-hosted services are stored on Hetzner servers in Germany. Static site assets are served from Cloudflare's global edge — when you visit from the EU, Cloudflare normally serves you from an EU point of presence. Form submissions pass briefly through Web3Forms' infrastructure; check their current privacy policy for specifics. Inbound email then lands in our inbox and stays there.

How long we keep data

  • Plausible analytics — aggregated, anonymised, kept indefinitely (no individual data).
  • Form submissions in Web3Forms — up to 90 days.
  • Contact and application correspondence in our inbox — up to 24 months unless still active or required to be retained for an executed contract.
  • Cloudflare edge logs — a few hours.

Your rights

Under the GDPR you have the right to:

  • Access the personal data we hold about you (Art. 15).
  • Ask us to correct inaccurate data (Art. 16).
  • Ask us to erase your data (Art. 17).
  • Ask us to restrict or object to processing (Art. 18, 21).
  • Receive your data in a portable format (Art. 20).
  • Withdraw consent at any time, where consent is the legal basis.

To exercise any of these rights, email privacy@webnestify.cloud. We reply within 30 days.

If you believe we have mishandled your data, you have the right to lodge a complaint with the Slovak Office for Personal Data Protection (Úrad na ochranu osobných údajov SR), dataprotection.gov.sk.

Changes to this policy

When we change how we handle data — for example when we add a new processor or launch a new feature — we update this page and bump the last updated date at the top.

Verified independent reviews

Reviewed openly. Read what our partners say.

Trustpilot