Privacy policy
We value our privacy and we respect yours. This website does not use tracking or analytics. We collect personal data only when provided by you, and we process it solely to respond to your enquiry.
Summary
This policy covers our website (nofuss.consulting) and the services we make available through it for enquiries and communication.
We do not track visitors, run analytics, or profile behaviour. The services in scope of this policy set only a few essential cookies needed for proper functioning and security. We collect personal data only when you actively provide it — by submitting a form, starting a chat, booking an appointment, etc. We only use such data to respond to your enquiry.
We don’t share or sell your data. Your data is subject to processing by third parties only when required for operational reasons, such as the operation of our infrastructure, or by law. Our infrastructure is hosted in Germany and Finland. NoFuss Consulting is based in Macedonia, which maintains data protection legislation aligned with the GDPR.
Data processing during service engagements is covered separately as part of the contracting process.
Data controller
NoFuss Consulting DOOEL
Ul. 35 br. 6
1054 Sopishte, Skopje
N. Macedonia
Registration: 7861680
Tax ID: 4076025502826
Represented by: Pece Miloshev
Phone:
Email:
What we collect and why
The legal bases for collecting and processing your data (GDPR Article 6) include: taking steps at your request prior to entering into a contract, such as responding to enquiries and scheduling appointments; maintaining the operability and security of our infrastructure; and compliance with legal obligations where applicable.
Surveys, contact form and appointments
We collect your name, email address, and the content of your message. During scheduling of appointments you will also share with us information such as your time zone. These are used to respond to your enquiry.
Surveys collect your views and opinions on a particular subject and help us improve our services.
When email is used for communication, we collect the same categories of data: your name, email address, message content, and standard email metadata such as timestamps and headers.
Chat & online meetings
We collect your name and any messages exchanged in the chat. In case of online meetings, we process your audio and video stream for the duration of the call. Calls are not recorded unless explicitly agreed.
Please note that data exchanged in public chat rooms (such as the one linked to our contact page) is accessible to all participants, not just us.
File sharing
When we share files publicly (for example, as blog post resources) no additional data is collected beyond what your browser transmits in a standard web request.
Server logs
Our web server records access logs that include IP addresses, request timestamps, URLs accessed, and other network and application data. These logs are used for operational and security monitoring, audit, and troubleshooting.
Retention
In principle we try to minimise data. Any data removed from active storage gets removed completely, including all backup copies, within three months.
Server logs are retained in active storage for up to 30 days and removed from all copies within four months, unless they are part of an internal investigation or there is a legal requirement to retain them longer.
Messages in public chat rooms are automatically deleted after four weeks, with complete removal from all copies within four months. Information from public chat messages may be retained longer where it forms part of an enquiry or constitutes survey feedback, subject to the retention periods below.
For general enquiries that have not led to an engagement, we retain your data for up to three months from the last contact, with complete removal from all copies within six months.
Surveys and other feedback may be retained for up to three years to support service improvement.
We do not restore deleted data from backups except in disaster recovery situations.
Third-party services
We use a small number of EU-based service providers to operate our infrastructure.
| Provider | Role | Location | Privacy policy |
|---|---|---|---|
| Hetzner (Hetzner Online GmbH) | IaaS — website and integrated services | Germany and Finland | Link |
| mailbox.org (Heinlein Hosting GmbH) | SaaS — email and backup video conferencing | Germany | Link |
Infrastructure as a service (IaaS) means Hetzner provides virtual infrastructure while we operate the services running on it. Your data is not directly exposed to Hetzner beyond what is inherent in hosting (such as storage and network transport). This is our primary infrastructure, except for email services.
Software as a service (SaaS) means mailbox.org operates the service directly. Besides email services, we use mailbox.org as a backup for other groupware services, such as video conferencing and file sharing. When you send us email or join a video call through their platform, your data is processed by mailbox.org under their own privacy policy.
Your rights
Under the GDPR and Macedonian data protection law, you have the right to access your personal data, rectify inaccurate data, request erasure, restrict processing, object to processing based on legitimate interest, and receive your data in a portable format.
To exercise any of these rights, contact us and we will respond within 30 days. If you believe we have not handled your data properly, you have the right to lodge a complaint with a supervisory authority. In Macedonia, this is the Agency for Personal Data Protection . Individuals in the EU may contact their national data protection authority.
Policy change log
We may update this policy to reflect changes in our practices or legal requirements. We will not reduce your rights under this policy without notifying you.
| Version | Date | Change log |
|---|---|---|
| 1.0 | 2026-03-10 | Initial version |