GDPR Privacy Policy

1. Who We Are

skulls.co is committed to protecting your privacy and personal data. This policy explains how we collect, use, and protect your information in accordance with the General Data Protection Regulation (GDPR).

2. What Data We Collect

• Contact Information: Name, email address when you contact us
• Domain Inquiry Data: Offer amounts and messages for domain purchase inquiries
• Technical Data: IP address, browser type, device information, screen resolution
• Usage Data: Pages visited, time spent on site, referral sources
• Analytics Data: Click tracking, scroll depth, session duration, page views, user interactions
• Behavioral Data: Navigation patterns, form interactions, link clicks, conversion events

3. Legal Basis for Processing

We process your data based on:

• Legitimate Interest: To respond to inquiries, improve our services, and analyze website performance
• Consent: When you voluntarily submit information through our contact form
• Contract: To fulfill domain purchase negotiations
• Analytics Processing: Based on legitimate interest to understand user behavior and optimize website experience

4. Your GDPR Rights

Under GDPR, you have the right to:

• Access: Request copies of your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your personal data
• Restrict Processing: Request limitation of data processing
• Data Portability: Request transfer of your data
• Object: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time

5. Data Retention

We retain your data only as long as necessary for the purposes outlined in this policy. Contact form submissions are retained for up to 2 years unless you request deletion. Domain inquiry data may be retained longer for business purposes.

6. Data Security

We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. This includes encryption, secure servers, and regular security assessments.

7. Third-Party Services

We may use third-party services for analytics and functionality. These services may collect data according to their own privacy policies. We ensure all third parties comply with GDPR requirements.

8. International Transfers

Your data may be transferred outside the EU for processing. We ensure appropriate safeguards are in place, including adequacy decisions or standard contractual clauses.

9. Contact & Complaints

To exercise your rights or for privacy-related questions, contact us:

You also have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.

10. Policy Updates

We may update this policy periodically. Changes will be posted on this page with an updated revision date. Continued use of our services constitutes acceptance of any changes.