Privacy Policy

Last updated: April 2, 2026  ·  Pharis, Stjepana Ljubise 7, 11000 Belgrade, Serbia

This Privacy Policy explains how Pharis ("we", "us", or "our") collects, uses, and protects information when you use the PMS Permit Management System and visit our website at site.pms.pharis.io.

1. Information We Collect

We collect the following types of information:

• Contact form data — name, email address, company name, phone number, and message content when you submit a demo request or enquiry.
• Usage data — anonymous analytics data including pages visited, browser type, and referral source, collected via Google Analytics.
• Application data — if you use the PMS application, we store user account information, permit records, approval decisions, and audit trail data necessary for the operation of the system.

2. How We Use Your Information

• To respond to demo requests and sales enquiries.
• To operate and maintain the PMS application for your organisation.
• To send email notifications related to permit approvals and system activity (application users only).
• To improve the website and understand how visitors use it.

3. Legal Basis for Processing (GDPR)

For visitors in the European Economic Area, we process personal data on the following legal bases:

• Legitimate interest — responding to enquiries and operating the service.
• Contract performance — processing data necessary to deliver the PMS application to your organisation.
• Consent — analytics cookies, where required by applicable law.

4. Data Sharing

We do not sell or rent your personal data. We share data only with:

• Mailgun — for sending transactional emails. Mailgun processes data in accordance with its own privacy policy.
• Google Analytics — for anonymous website analytics.
• DigitalOcean — for hosting the application and website infrastructure.

All third-party processors are bound by data processing agreements and handle data in compliance with GDPR.

5. Data Retention

Contact form submissions are retained for up to 12 months. Application data (permits, approvals, audit trails) is retained for the duration of the customer contract and deleted within 90 days of contract termination upon request.

6. Your Rights

Under GDPR you have the right to access, correct, or delete your personal data, object to processing, and request data portability. To exercise any of these rights, contact us at info@pharis.io.

7. Cookies

This website uses Google Analytics cookies to understand visitor behaviour. These cookies collect anonymous data and do not identify you personally. You can opt out via your browser settings or the Google Analytics opt-out browser add-on.

8. Security

We use HTTPS encryption for all data in transit. The PMS application uses JWT-based authentication, role-based access control, and stores all data on secured infrastructure. We apply reasonable technical and organisational measures to protect your data.

9. Changes to This Policy

We may update this policy from time to time. The date at the top of this page reflects the most recent revision. Continued use of the website or application after changes constitutes acceptance of the updated policy.

10. Contact

For any privacy-related questions or requests, contact us at:
info@pharis.io
Stjepana Ljubise 7, 11000 Belgrade, Serbia