Privacy Policy

Last updated: 15 January 2026

Introduction

skywardpath SARL ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website skywardpath.top and use our food safety audit preparation services.

Data Controller Information

The data controller responsible for your personal data is skywardpath SARL, a company registered in Luxembourg with registration number RCSB739154, VAT number LU73648297, located at Boulevard de la Pétrusse 57, 9712 Ettelbruck, Diekirch, Luxembourg.

Data Collection

The data we collect may include the following categories of personal information:

  • Contact Information: Name, email address, phone number, postal address, and company details when you contact us or use our services
  • Communication Data: Records of correspondence and communications with us, including emails, phone calls, and messages
  • Website Usage Data: Information about how you use our website, including IP address, browser type, pages visited, and time spent on our site
  • Service Data: Information related to the food safety audit preparation services we provide to your business
  • Technical Data: Device information, operating system, and other technical identifiers

How We Use Your Information

How we use your information depends on the services you use and your relationship with us. We may use the personal data we collect for the following purposes:

  • • To provide and deliver our food safety audit preparation services
  • • To respond to your inquiries and provide customer support
  • • To communicate with you about our services, updates, and relevant information
  • • To improve our website functionality and user experience
  • • To comply with legal obligations and regulatory requirements
  • • To protect our rights, privacy, safety, or property, and that of our users

Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Contract Performance: To fulfil our contractual obligations when providing services to you
  • Legitimate Interests: For our legitimate business interests, such as improving our services and website functionality
  • Consent: Where you have given explicit consent for specific processing activities
  • Legal Compliance: To comply with applicable laws and regulations

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about the cookies we use, please see our Cookie Policy.

Data Sharing and Disclosure

We may share your personal information in the following circumstances:

  • • With service providers who assist us in operating our website and providing our services
  • • With professional advisers such as lawyers, accountants, and auditors
  • • To comply with legal obligations or respond to lawful requests from public authorities
  • • In connection with a business transaction such as a merger or acquisition
  • • With your explicit consent for specific purposes

International Data Transfers

As we operate within the European Union, your personal data is primarily processed within the EU. If we transfer your data outside the EU, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Typically, we retain client data for seven years after the end of our business relationship, in accordance with Luxembourg business record-keeping requirements.

Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: Request limitation of processing in certain situations
  • Right to Data Portability: Request transfer of your data to another organisation
  • Right to Object: Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent: Withdraw consent for processing based on consent

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training on data protection principles.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us:

Email: privacy@skywardpath.top

Phone: +352 24260088

Address:
skywardpath SARL
Boulevard de la Pétrusse 57
9712 Ettelbruck
Diekirch, Luxembourg

Supervisory Authority

You have the right to lodge a complaint with the Luxembourg National Commission for Data Protection (CNPD) if you believe we have not handled your personal data in accordance with data protection law. Contact details: Commission nationale pour la protection des données, 15, boulevard du Jazz, L-4370 Belvaux, Luxembourg.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

Children's Privacy

Our services are not directed to individuals under the age of 16, and we do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16 without parental consent, we will take steps to delete such information.