Privacy Policy
This Privacy Policy explains how [COMPANY NAME] ("we," "us," or "our") collects, uses, discloses, and safeguards information when you visit our website, engage our software development services, or otherwise interact with us.
1. Introduction
Effective date: [DATE]
[COMPANY NAME] is a software development company headquartered in [COUNTRY]. We are committed to protecting the privacy of our website visitors, prospective clients, and active customers. This policy applies to information collected through our website, sales and onboarding processes, project collaboration tools, and support channels.
By using our services or submitting information to us, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our services or provide personal information.
2. Information We Collect
Personal Data
We may collect personal information that you voluntarily provide, including:
- Name, job title, company name, and business contact details
- Email address, phone number, and mailing address
- Billing and invoicing information (processed through secure payment providers)
- Communications you send us via contact forms, email, chat, or project management tools
- Resume and employment-related data when you apply for a position with us
Usage Data
When you visit our website or use our digital properties, we may automatically collect:
- IP address, browser type, device identifiers, and operating system
- Pages viewed, referring URLs, session duration, and clickstream data
- Approximate geographic location derived from IP address
- Error logs and performance diagnostics to maintain service reliability
Client Project Data
In the course of delivering custom software, mobile applications, and related services, we may process data on behalf of our clients. This may include source code, design assets, API credentials (stored in secure vaults), staging and production environment data, user analytics, and business documentation shared for project execution. The ownership and permitted use of client project data is governed by our service agreements and applicable confidentiality terms.
3. How We Use Information
We use collected information for legitimate business purposes, including to:
- Respond to inquiries, provide proposals, and deliver contracted software development services
- Manage client accounts, project workflows, invoicing, and support requests
- Improve our website, services, and internal development processes
- Send service-related notices, security alerts, and administrative communications
- Comply with legal obligations, enforce agreements, and protect our rights
- Send marketing communications where permitted by law and subject to your opt-out preferences
We process personal data based on contractual necessity, legitimate interests, consent (where required), and legal compliance, depending on the context of collection.
4. Data Sharing & Third Parties
We do not sell personal information. We may share information with trusted third parties when necessary:
- Cloud providers — such as AWS, Google Cloud, Microsoft Azure, or Vercel for hosting, storage, and deployment infrastructure
- Analytics tools — such as Google Analytics, Plausible, or similar services to understand website usage and improve user experience
- Subcontractors and specialists — freelance developers, designers, QA engineers, or agencies engaged under confidentiality agreements to support project delivery
- Business tools — CRM, email, accounting, project management, and communication platforms (e.g., Slack, Jira, Notion, HubSpot)
- Legal and compliance — when required by law, court order, or to protect the safety and rights of [COMPANY NAME], our clients, and the public
All third-party processors are selected based on security practices and contractual data protection obligations. International transfers, where applicable, are conducted with appropriate safeguards such as Standard Contractual Clauses.
5. Data Storage & Security
We implement technical and organizational measures designed to protect information against unauthorized access, alteration, disclosure, or destruction. These measures include:
- Encryption in transit (TLS/HTTPS) and encryption at rest for sensitive data where supported
- Role-based access control, least-privilege principles, and multi-factor authentication
- Secure credential management using password managers and secrets vaults
- Regular backups, monitoring, and incident response procedures
- Employee confidentiality training and background checks where appropriate
No method of transmission or storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of any credentials shared with you for project collaboration.
7. Your Rights
Depending on your location, you may have rights regarding your personal data under laws such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), as amended by CPRA.
These rights may include the ability to:
- Access the personal information we hold about you
- Request correction of inaccurate or incomplete data
- Request deletion of personal information, subject to legal exceptions
- Object to or restrict certain processing activities
- Request data portability in a structured, machine-readable format
- Withdraw consent where processing is based on consent
- Opt out of the sale or sharing of personal information (we do not sell personal data)
- Lodge a complaint with a supervisory authority in your jurisdiction
To exercise your rights, contact us at [EMAIL]. We will respond within the timeframe required by applicable law, typically within 30 days.
8. Data Retention Policy
We retain personal information only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law.
- Marketing and inquiry data — retained for up to 24 months after last interaction, unless you request earlier deletion
- Client project records — retained for the duration of the engagement and typically 3–7 years thereafter for legal, tax, and dispute resolution purposes
- Website analytics — aggregated or anonymized data may be retained indefinitely
When data is no longer needed, we securely delete or anonymize it in accordance with our data disposal procedures.
9. Children's Privacy
Our services are directed at businesses and professionals. We do not knowingly collect personal information from children under the age of 16 (or the applicable age of digital consent in your jurisdiction). If you believe we have inadvertently collected information from a child, please contact us at [EMAIL] and we will take steps to delete it promptly.
10. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:
[COMPANY NAME]
Email: [EMAIL]
Country: [COUNTRY]
For GDPR-related inquiries, you may also contact our Data Protection Officer (if appointed) at the same email address with the subject line "Data Protection Request."
