Privacy Policy
Last updated: June 2026
1. Who We Are
This website is operated by Individual Entrepreneur Andrei Ermolov (erm.ge), providing Ivanti Voice, ITSM and ITAM consulting services.
- Website and its aliases: https://erm.ge, http://ermolov.pro
- Contact email: inbox@erm.ge
For the purposes of the General Data Protection Regulation (EU) 2016/679 (“GDPR”), ERM is the data controller in respect of personal data collected through this website.
2. What Data We Collect and Why
2.1 Contact Form Submissions
When you submit a contact form on this website, we collect:
- Your name
- Your email address
- The content of your message
Purpose: To respond to your enquiry and communicate with you about our services.
Legal basis: Article 6(1)(b) GDPR — processing is necessary to take steps at your request prior to entering a contract, or Article 6(1)(f) GDPR — our legitimate interest in responding to business enquiries.
2.2 Website Analytics (Google Analytics)
We use Google Analytics to understand how visitors use our website. This service collects:
- Pages visited and time spent on each page
- Browser type, device type, and operating system
- Approximate geographic location (country/city level)
- Referring website or search query
Data is collected via cookies and sent to Google LLC servers. Google Analytics is configured with IP anonymisation enabled, meaning your full IP address is never stored.
Purpose: To improve the website and understand which content is most useful to visitors.
Legal basis: Article 6(1)(a) GDPR — your consent, given via the cookie banner when you first visit the site. You may withdraw consent at any time by adjusting your cookie preferences.
2.3 Cookie Consent Records
We use WPConsent to manage cookie preferences. When you interact with the cookie consent banner, we store a record of your choice (accepted or declined). This record contains:
- Your consent decision (accepted / declined / preferences)
- The date and time of your decision
- A technical identifier (cookie) to remember your choice on return visits
Purpose: To comply with our legal obligation to obtain and record valid consent before setting non-essential cookies.
Legal basis: Article 6(1)(c) GDPR — compliance with a legal obligation.
3. Cookies
We use the following categories of cookies:
| Category | Description | Consent required |
|---|---|---|
| Strictly necessary | Session and security cookies required for the site to function | No |
| Analytics | Google Analytics cookies (_ga, _gid, _gat) that measure site usage | Yes |
| Consent record | WPConsent cookie storing your cookie preferences | No (functional) |
You can manage your cookie preferences at any time by clicking the cookie settings button on our website.
For more detail on the specific cookies set, please refer to the cookie declaration presented in the cookie banner.
4. How Long We Keep Your Data
| Data type | Retention period |
|---|---|
| Contact form submissions | 2 years from the date of submission, or until the enquiry is resolved, whichever is later |
| Google Analytics data | 26 months (Google’s default retention period) |
| Consent records | 1 year from the date of consent |
After the applicable retention period, data is deleted or anonymised.
5. Who We Share Your Data With
We do not sell your personal data. We may share it with the following third parties solely for the purposes described above:
- Google LLC — for website analytics (Google Analytics). Google may transfer data to servers outside the EU/EEA. This transfer is covered by Google’s EU Standard Contractual Clauses. See Google’s Privacy Policy.
- Hosting provider — our website host processes server logs that may contain IP addresses, solely for security and operational purposes.
We do not share personal data with any other third parties unless required to do so by law.
6. International Transfers
Our website is hosted in the European Union. Google Analytics data is processed by Google LLC in the United States. Such transfers are governed by Standard Contractual Clauses approved by the European Commission, ensuring an adequate level of protection.
7. Your Rights Under GDPR
If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights regarding your personal data:
- Right of access — you may request a copy of the personal data we hold about you.
- Right to rectification — you may ask us to correct inaccurate or incomplete data.
- Right to erasure — you may ask us to delete your personal data where there is no compelling reason for us to continue processing it.
- Right to restrict processing — you may ask us to pause processing of your data in certain circumstances.
- Right to data portability — you may request your data in a structured, machine-readable format.
- Right to object — you may object to processing based on legitimate interests.
- Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at inbox@erm.ge. We will respond within 30 days.
You also have the right to lodge a complaint with a supervisory authority. If you are in the EU, you may contact your national data protection authority. A list of EU supervisory authorities is available at edpb.europa.eu.
8. Security
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. Our website uses HTTPS encryption for all data in transit.
9. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page. We encourage you to review this page periodically.
11. Contact Us
If you have any questions about this Privacy Policy or how we handle your data, please contact:
erm.ge
Email: inbox@erm.ge
Website: https://erm.ge
