Privacy Policy
Last updated: 1 July 2026
1. Data Controller
The Controller of the processing of personal data is:
FORWARD SHPK
Rruga Ukraina e Lire, P14
1001 Tirana – Albania
E-mail: info@forward.al
For any information regarding the processing of personal data, or to exercise the rights recognized by applicable data protection legislation, you may contact the Controller at the e-mail address indicated above.
2. Types of Data Collected
This website collects exclusively the personal data voluntarily provided by the user through the contact form.
The data may include:
Full name;
E-mail address;
Phone number (if included in the form);
Content of the message;
Any other information voluntarily entered by the user.
The site also collects technical browsing data (such as IP address, access logs, browser and device information) necessary for the proper functioning of the site and for system security.
3. Purposes of Processing
Personal data are processed for the following purposes:
responding to requests sent through the contact form;
providing information about the requested services;
managing any pre-contractual communications;
ensuring the proper technical functioning of the site;
compiling aggregate statistics on the use of the site in order to improve its functioning and browsing experience.
The site does not carry out user profiling activities, nor does it send commercial communications or newsletters.
4. Legal Basis for Processing
The processing of personal data is carried out in compliance with applicable data protection legislation and is based, depending on the purpose pursued, on:
the adoption of pre-contractual measures requested by the data subject, when the user requests information, a quote, or other communications relating to the services offered;
the Controller’s legitimate interest in ensuring the security, proper functioning, and maintenance of the website;
the Controller’s legitimate interest in preventing fraudulent activities, abuse, or spam;
the Controller’s legitimate interest in collecting aggregate statistics on the use of the site, in order to improve its content, functionality, and the services offered.
5. Methods of Processing
Data are processed using IT and telematic tools, adopting adequate security measures aimed at preventing unauthorized access, disclosure, modification, or destruction.
Access to the data is granted exclusively to persons authorized by the Controller or to service providers strictly necessary for the management of the site.
Processing is carried out in compliance with the principles of lawfulness, fairness, transparency, data minimization, and storage limitation set out by applicable legislation.
6. Data Retention
Data submitted through the contact form are retained for a maximum period of 12 months from receipt of the request, unless further retention is necessary to comply with legal obligations or to protect the rights of the Controller.
7. Data Recipients
Personal data may be processed by parties that provide services necessary for the operation of the website, such as:
hosting and cloud service providers;
IT service and technical maintenance providers;
professionals and consultants appointed by the Controller, where necessary.
The site also uses Akismet, a spam-protection service provided by Automattic Inc., which may process certain technical data (such as IP address, user agent, referrer, and the content of submitted messages) in order to detect and prevent unwanted content.
The use of this service may involve the transfer of data to third countries, including the United States, in compliance with the safeguards provided for by applicable data protection legislation.
Such parties process data exclusively on behalf of the Controller or as independent data controllers, as provided for by applicable legislation.
8. Data Transfer
Personal data are processed primarily in Albania. However, in carrying out its activities, the Company may make use of service providers or technological infrastructure located in other countries, whether or not belonging to the European Union or the European Economic Area (EEA).
Where such providers involve a transfer of personal data to foreign countries, the transfer will take place in compliance with applicable data protection legislation and through the adoption of the security measures and safeguards provided for by law, including, where applicable, the Standard Contractual Clauses approved by the European Commission or other suitable legal instruments.
9. Cookies and Analytics Tools
The site uses technical cookies necessary for its operation.
Cookie preferences are managed through the consent system implemented with Complianz.
The site also uses Independent Analytics to compile aggregate statistics on the use of the site in order to improve its functioning.
The fonts used by the site are hosted locally; therefore, no requests are made to Google’s servers to load characters during browsing.
For more information on the use of cookies, please refer to the dedicated “Cookie Management” section.
10. Rights of the Data Subject
Data subjects may exercise, in the cases provided for by applicable data protection legislation, the rights recognized to them, including the right to:
obtain confirmation of the existence of their personal data;
request access to it;
obtain its rectification;
request its erasure;
obtain restriction of processing;
object to processing in the cases provided for by law;
request data portability, where applicable;
lodge a complaint with the competent supervisory authority for data protection, as provided for by applicable legislation.
11. How to Exercise Your Rights
To exercise your rights or to request information about the processing of personal data, you may contact the Controller at:
12. Changes to This Policy
The Controller reserves the right to modify this Privacy Policy at any time.
Any updates will be published on this page, indicating the date of the last revision.
Users are therefore invited to periodically review this policy.
