Legal
Privacy Notice
This Privacy Notice explains how Stratos Holdings Group Inc. (“Stratos Holdings,” “we,” “us,” “our”) collects, uses, and protects personal information when you visit stratos.holdings or correspond with us by email. We process personal information lawfully, transparently, and in accordance with applicable US state privacy laws and, where relevant, the EU/UK General Data Protection Regulation (GDPR).
1. Who we are
- Stratos Holdings Group Inc.
- 8 The Green, STE B, Dover, DE 19901, United States
- Incorporated in the State of Delaware
- Privacy contact: office@stratos.holdings
2. What we collect and why
2.1 Contact form submissions
When you submit our enquiry form we collect the name, email address, and message you provide, together with the time of submission and the IP address from which the request originated. We use this information solely to evaluate and respond to your enquiry, and to defend against form abuse.
Lawful basis (where GDPR applies): Article 6(1)(f) UK/EU GDPR — legitimate interests in responding to business enquiries. Where the enquiry concerns a prospective engagement, Article 6(1)(b) (pre-contractual measures) may also apply.
2.2 Server logs
Our web server records standard request metadata: IP address, request URL, HTTP status code, user-agent, referrer, and timestamp. These logs are used to operate the service, investigate faults, and detect abuse.
2.3 Cookies and storage technologies
We do not set first-party tracking, analytics, or marketing cookies. With your consent, we load the Google Maps embed on our Contact page, which sets cookies from Google. Full detail is in our Cookie Policy.
3. Who we share information with
| Processor | Function | Location |
|---|---|---|
| Migadu Email Services | Hosts our mailbox and processes mail sent to office@stratos.holdings. | Switzerland |
| IONOS SE | Hosts the website and contact-form backend (data at rest). | Germany / United States |
| Google LLC | Serves the optional interactive map on our Contact page (only after your consent). | United States |
We do not sell or rent personal information. We do not share information with advertising networks or data brokers. We may disclose information where required by US federal or state law, a competent regulator, or a court of competent jurisdiction.
4. International transfers
If you are located in the European Economic Area, the United Kingdom, or Switzerland, your personal information may be transferred to and processed in the United States and other jurisdictions where our processors operate. Such transfers rely on appropriate safeguards under the EU/UK GDPR, including the EU–US Data Privacy Framework (and its UK Extension) where applicable, and Standard Contractual Clauses as a backstop.
5. How long we keep information
| Category | Retention |
|---|---|
| Enquiry form submissions | 12 months from the last related correspondence, then deleted. |
| Active client correspondence | For the duration of the relationship and 7 years thereafter (US tax and corporate record-keeping obligations). |
| Web server access logs | 30 days, then automatically rotated and deleted. |
| Cookie consent record (browser localStorage) | 12 months from the date of consent, then re-prompted. |
6. Your rights
6.1 If you are in the United States
Depending on your state of residence, you may have rights under state privacy laws such as the California Consumer Privacy Act (CCPA), Virginia CDPA, Colorado CPA, Connecticut CTDPA, Utah UCPA, or similar statutes. These typically include the right to know what information we hold about you, to delete it, to correct it, and not to be discriminated against for exercising your rights. We do not sell personal information, and we do not engage in “sharing” or “targeted advertising” as defined under those statutes.
6.2 If you are in the EEA, UK, or Switzerland
Under the EU/UK GDPR you have the rights of access, rectification, erasure, restriction, data portability, and objection. Where processing relies on your consent (for example, loading the Google Maps embed), you may withdraw it at any time via the Cookie Settings link in the footer of our website. Withdrawing consent does not affect the lawfulness of any processing carried out before withdrawal.
To exercise any of these rights, write to office@stratos.holdings. We will respond within the timeframe required by applicable law (typically 30–45 days). We may ask for proof of identity before disclosing personal information.
7. Complaints
If you believe we have handled your personal information improperly, please write to us first — we would like the opportunity to address your concerns directly. You also have the right to lodge a complaint with a supervisory authority, including:
- The relevant State Attorney General (United States residents)
- The UK Information Commissioner’s Office — ico.org.uk/make-a-complaint (UK residents)
- Your national Data Protection Authority (EEA residents)
8. Automated decision-making
We do not carry out automated decision-making or profiling that produces legal or similarly significant effects.
9. Security
The website is served exclusively over TLS. Mailbox contents are encrypted at rest by our email host. Access to our infrastructure is restricted by SSH key authentication, rate-limiting, and intrusion-prevention monitoring. We back up critical data regularly to encrypted storage in a separate location.
10. Children
This website is not directed to children under the age of 13 (or under 16 in the EEA/UK). We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, contact us and we will delete it.
11. Changes to this notice
We may amend this Notice from time to time. Material changes will be flagged on this page and the “Effective” date above will change accordingly.