1. Data Controller

The entity responsible for data collection and processing on this website is:

SALMAN INNOVATIONS LTD
20 Wenlock Road, London N1 7GU, United Kingdom
Email: info@sakura-tec.com
Phone: +49 176 81540 703

Full contact details are available in our Imprint section.

2. Personal Data We Collect

We collect and process the following categories of personal data:

  • Data you provide (e.g., through contact forms, job applications).
  • Automatically collected technical data (e.g., IP address, browser type, OS, access time).
  • Marketing and communication preferences (if you subscribe to our newsletter).
  • Cookies and tracking technologies (detailed in Section 6).
  • Data related to online shop transactions (e.g., purchase history, payment information).

Legal Basis for Processing

Processing is based on Article 6(1) GDPR, depending on the purpose:

  • Consent (Art. 6(1)(a)) – If you actively provide data (e.g., newsletters, cookies).
  • Contractual necessity (Art. 6(1)(b)) – If data is required for service delivery.
  • Legal obligation (Art. 6(1)(c)) – If required by law.
  • Legitimate interest (Art. 6(1)(f)) – For website security and analytics.

3. How We Process Your Data & Purpose of Processing

3.1 Server Log Files

Our web hosting provider automatically collects log data when you access our website:

  • Date and time of access
  • Requested file name
  • Referrer URL (previous site visited)
  • Protocol used (e.g., HTTP, HTTPS)
  • Browser type and operating system
  • Access status (e.g., file transferred, file not found)
  • IP address of the accessing device

Retention period: 7 days (for security purposes).

Legal basis: Legitimate interest (Art. 6(1)(f) GDPR).

3.2 Contact Form

When you contact us via the contact form, we collect:

  • Name
  • Email address
  • Message content

These details are stored only for responding to your inquiry and are not shared with third parties.

Retention period: Until the inquiry is resolved (unless legal retention obligations apply).

Legal basis: Consent (Art. 6(1)(a) GDPR).

3.3 Job Applications ("Jobs")

If you apply for a position via our job application form, we process:

  • Name, email, phone number
  • CV and cover letter
  • Any additional information you provide

Data retention:

  • Unsuccessful applicants: Data is deleted after six months (to comply with employment regulations).
  • With consent: We may retain applications for up to two years for future opportunities.

Legal basis: Consent (Art. 6(1)(a) GDPR) & Contractual necessity (Art. 6(1)(b) GDPR).

3.4 Online Shop Transactions

When you make a purchase through our online shop, we collect and process:

  • Name and contact details
  • Shipping and billing address
  • Payment method (e.g., credit card, PayPal, Stripe)
  • Order details and purchase history

Important: We do not store credit card or payment details on our servers. Payments are processed securely via third-party providers such as PayPal or Stripe.

The processing of payment data is governed by the respective payment provider's Privacy Policy.

Legal basis: Contractual necessity (Art. 6(1)(b) GDPR) & Legal obligation (Art. 6(1)(c) GDPR).

3.5 Google Fonts

We use Google Fonts for a consistent website design. To ensure GDPR compliance, we host all fonts locally on our servers. No data is sent to Google when loading fonts.

Legal basis: Legitimate interest (Art. 6(1)(f) GDPR).

3.6 Google Maps

We use Google Maps API to display interactive maps. Google may process the following data:

  • Your IP address
  • Location data (if enabled in your browser)

For more details, see the Google Privacy Policy.

Google Maps is only loaded after you give your consent.

3.7 Google Analytics

We use Google Analytics to analyze website traffic and improve user experience.

  • IP address (anonymized)
  • Browser type and version
  • Time of visit
  • Pages visited

Google Analytics will only be activated after you provide consent.

You can disable tracking via:

Legal basis: Consent (Art. 6(1)(a) GDPR).

3.8 Cloudflare

We use Cloudflare for security and performance optimization. Cloudflare operates a globally distributed network, and your IP address may be routed through different locations outside the UK/EU.

Cloudflare is certified under the EU-U.S. Data Privacy Framework, ensuring appropriate data protection measures.

For more details, see the Cloudflare Privacy Policy.

4. Data Sharing with Third Parties

We do not sell or trade your personal data. However, data may be shared in the following cases:

  • You explicitly consent (Art. 6(1)(a) GDPR).
  • It is contractually necessary (Art. 6(1)(b) GDPR).
  • We are legally obligated (Art. 6(1)(c) GDPR).

International Data Transfers

We transfer certain data outside the UK/EU only if appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • EU-U.S. Data Privacy Framework Companies certified under the.
  • Other legally recognized transfer mechanisms under GDPR.

5. Cookies & Tracking Technologies

We use cookies for analytics, performance tracking, and user preferences.

5.1 Types of Cookies Used

  • Essential cookies (required for website functionality).
  • Analytics cookies (track website usage, only used after consent).
  • Marketing cookies (only used after consent).

Managing cookies: You can disable cookies via your browser settings or our cookie consent banner.

We use a cookie consent management tool to ensure that non-essential cookies are only placed after user consent. You can adjust your preferences at any time via our cookie settings.

6. Your Rights Under GDPR

You have the right to:

  • Access your data (Art. 15 GDPR).
  • Request correction (Art. 16 GDPR).
  • Request deletion ("Right to be Forgotten") (Art. 17 GDPR).
  • Restrict processing (Art. 18 GDPR).
  • Object to processing (Art. 21 GDPR).
  • Request data portability (Art. 20 GDPR).

To exercise your rights, contact info@sakura-tec.com.

7. Complaints & Supervisory Authority

If you believe your data is being processed unlawfully, you can file a complaint with the UK Information Commissioner's Office (ICO):

If you are an EU citizen, you can also complain to your local Data Protection Authority.

8. Use of This Website by Children

Our website is not intended for children under:

  • 16 years old (European Union, GDPR - unless local law allows 13+).
  • 13 years old (United States, COPPA).

If you are under this age limit, parental consent is required.

9. Automated Decision-Making & Profiling

We do not use automated decision-making or profiling.

10. Updates to This Privacy Policy

We may update this Privacy Policy periodically. Changes will be published on this page.