Privacy policy

Regit (“Regit”, “we”, “us”) operates this website at www.regit.io.
26 Boulevard Royal, L-2449 Luxembourg.
Telephone +352 691 354 412. Email info@regit.io.

This policy covers the data processed through the Regit marketing site. It does not cover the Regit OS product itself or any data held under a signed service agreement; those relationships are governed by the contracts concluded with each client.

The Regit marketing site uses three analytics tools, each configured to run in cookieless mode by default.

• Vercel Analytics: first-party, cookieless. Records anonymous pageview counts, referrer source, rough country, and Web Vitals performance metrics. No personal identifiers.
• Google Analytics 4: operated in Consent Mode v2 with analytics and advertising storage defaulted to denied. No _ga or persistent user cookies are set. Google receives aggregated, cookieless pings used for conversion modelling.
• Microsoft Clarity: operated with the consentv2 denied defaults and Strict content masking. Captures session replay and heatmap data without cookies, without cross-session user identification, and with all text and input fields masked. Data is used internally to improve site usability.

The contact form is protected by Cloudflare Turnstile, an invisible bot-detection service that replaces a traditional CAPTCHA. Turnstile evaluates browser signals (user agent, timing, interaction patterns) and your IP address at the moment of submission to distinguish human visitors from automated traffic. No cookies are set on your device. The resulting verification token is discarded once the form is processed.
When you submit the contact form, we collect the information you provide (typically name, email, and message) to respond to your enquiry.

We process the analytics data described above on the basis of our legitimate interest in understanding how visitors use the site and improving its effectiveness (Art. 6(1)(f) GDPR). Contact form data is processed to take steps at your request prior to entering into a contract, or on the basis of our legitimate interest in responding to enquiries (Art. 6(1)(b) and (f) GDPR).

Because no cookies or persistent identifiers are written to your device, the ePrivacy Directive’s consent requirement for terminal-device storage does not apply. Accordingly, no cookie banner is shown. You may object to processing based on legitimate interest at any time by writing to privacy@regit.io.

We share the categories of data above with the processors named in section 3 for the purpose of operating those services. These processors are based in the United States; however, the data they receive is anonymised or aggregated and contains no persistent personal identifiers. We do not sell personal data. We do not run advertising or retargeting on this site.

Under the GDPR you have the right to access, rectify, erase, restrict processing of, and port your personal data, and to object to processing based on legitimate interest. Write to privacy@regit.io and we will respond within one month. You may also lodge a complaint with the Luxembourg data protection authority (CNPD) or your local supervisory authority.

We may update this policy to reflect changes to our practices, the tools we use, or applicable law. The “last updated” date above reflects the most recent substantive change.

For questions about this policy or requests relating to your personal data, write to privacy@regit.io. For general enquiries, write to info@regit.io. To report a suspected vulnerability or security issue, contact security@regit.io or see /.well-known/security.txt.