Privacy Policy
Effective date: 16 June 2026 | Last updated: 16 June 2026
1. Who We Are
Orthrus Guard IT Consulting ("Orthrus Guard", "we", "us", "our") operates the website orthrus-guard.com (and the alias orthrus-guard.cc). We provide cloud migration, on-premises infrastructure, and FinOps consulting services to business clients.
Registered business address: [To be confirmed — awaiting business registration details]
Contact email: [email protected]
2. What Data We Collect and Why
2.1 Website visitors — no personal data collected
Our website is a static informational site. We do not use cookies, tracking pixels, analytics scripts, or any form of visitor identification. We do not collect names, email addresses, or any other personal data through the website itself.
2.2 Direct contact
If you contact us by email at [email protected], we will process your name, email address, and the content of your message in order to respond to your enquiry. The legal basis for this processing is our legitimate interest (Art. 6(1)(f) GDPR) in responding to business enquiries, or, where you are based in the EU/EEA, the pre-contractual steps taken at your request (Art. 6(1)(b) GDPR).
3. Third-Party Services
3.1 Cloudflare
Our website is served through Cloudflare's network (Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA). Cloudflare acts as a reverse proxy and may process visitors' IP addresses and HTTP request metadata for security, DDoS mitigation, and performance purposes.
Cloudflare may set the following technical cookies or local storage entries as part of their security service. These are strictly necessary and cannot be opted out of while using this website:
| Cookie / Token | Purpose | Duration |
|---|---|---|
cf_clearance |
Cloudflare Bot Management — confirms the visitor passed a challenge | 30 minutes – 24 hours |
__cf_bm |
Cloudflare Bot Management — differentiates human traffic from automated bots | 30 minutes |
Cloudflare's transfers of personal data from the EU/EEA to the USA are covered by the EU–US Data Privacy Framework (Cloudflare is a certified participant) and, as a backstop, Standard Contractual Clauses. See Cloudflare's privacy policy at cloudflare.com/privacypolicy.
3.2 Google Fonts
We load web fonts from Google Fonts (Google LLC, USA). Your browser sends a request to Google's servers which may include your IP address. Google LLC participates in the EU–US Data Privacy Framework. See Google's privacy policy at policies.google.com/privacy.
4. Data Retention
Email correspondence is retained for a maximum of 3 years from the date of the last exchange, after which it is permanently deleted, unless a longer retention period is required by applicable law or to establish, exercise, or defend legal claims.
5. Your Rights
5.1 EU / EEA residents (GDPR)
You have the following rights under the General Data Protection Regulation:
- Right of access (Art. 15) — obtain a copy of your personal data we hold.
- Right to rectification (Art. 16) — correct inaccurate or incomplete data.
- Right to erasure (Art. 17) — request deletion of your data ("right to be forgotten").
- Right to restriction of processing (Art. 18) — limit how we use your data.
- Right to data portability (Art. 20) — receive your data in a structured, machine-readable format.
- Right to object (Art. 21) — object to processing based on legitimate interests.
To exercise any of these rights, email us at [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with your local supervisory authority. A list of EU data protection authorities is available at edpb.europa.eu.
5.2 California residents (CCPA / CPRA)
California residents have the right to know what personal information is collected, to request deletion, to opt out of the sale of personal information (we do not sell personal information), and to non-discrimination for exercising these rights. To submit a request, email [email protected].
5.3 Canadian residents (PIPEDA)
Canadian residents have the right to access personal information we hold about them and to challenge its accuracy. Contact us at [email protected]. If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada at priv.gc.ca.
6. Data Protection Officer
As a small business, Orthrus Guard is not currently required to appoint a Data Protection Officer (DPO) under Art. 37 GDPR. Privacy queries should be addressed to our general contact email: [email protected].
7. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place:
- Cloudflare — EU–US Data Privacy Framework certification plus Standard Contractual Clauses (SCCs, Commission Decision 2021/914).
- Google Fonts — Google LLC participates in the EU–US Data Privacy Framework.
8. Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or destruction. Our website enforces HTTPS with HSTS, uses strict Content Security Policy headers, and is served through Cloudflare's enterprise-grade network with DDoS protection.
9. Children's Privacy
Our services are directed to businesses and professionals. We do not knowingly collect personal data from individuals under the age of 16. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.
11. Contact Us
Orthrus Guard IT Consulting
Email: [email protected]
Website: orthrus-guard.com