Privacy Policy

1 Information We Collect

We only collect information that is necessary to respond to your enquiry or to provide our services. We do not buy, sell, or broker personal data.

Information you provide directly:

• Name and email address submitted via the contact form
• Company name and message content you voluntarily include
• Service category you select when reaching out

Information collected automatically:

• IP address and approximate geographic region (country/city level)
• Browser type, operating system, and screen resolution
• Referring URL and pages visited on this site
• Date and time of your visit

We do not collect payment information, government-issued ID numbers, or any sensitive personal data as defined under applicable law.

2 How We Use Your Information

We use the information we collect solely for the following purposes:

• Responding to enquiries - to answer your questions and follow up on project requests
• Service delivery - to fulfil contractual obligations when you engage us as a client
• Website improvement - to understand how visitors use our site and to fix technical issues
• Legal compliance - to meet applicable legal, regulatory, or tax obligations

We do not use your data for automated decision-making, profiling, or targeted advertising.

3 Legal Basis for Processing

Depending on where you are located, our processing of your personal data is based on one or more of the following legal grounds:

• Consent - when you voluntarily submit the contact form
• Legitimate interests - for website analytics and security, where our interest does not override your rights
• Contract performance - when processing is necessary to deliver agreed services
• Legal obligation - when required by law to retain or disclose data

Residents of California may have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). See Section 8 for details.

4 Data Sharing & Third Parties

We do not sell, rent, or trade your personal data. We may share information only in the following limited circumstances:

• Service providers - hosting and infrastructure providers who process data on our behalf under strict data processing agreements
• Legal requirements - when required by law, court order, or governmental authority
• Business transfers - in the event of a merger or acquisition, data may transfer to the successor entity under the same privacy commitments

Any third party that processes data on our behalf is contractually prohibited from using it for their own purposes.

5 Data Retention

We retain personal data only as long as necessary for the purpose it was collected:

• Contact form submissions - up to 24 months, or until the business relationship concludes, whichever comes first
• Client project data - for the duration of the engagement plus 6 years to comply with commercial record-keeping requirements
• Server logs - automatically deleted after 90 days

When data is no longer required, it is securely deleted or anonymised.

6 Cookies & Tracking

This website does not use advertising cookies, social media trackers, or third-party analytics services such as Google Analytics.

We may set a small number of technically necessary cookies for:

• Session management and security (e.g. CSRF protection)
• Remembering your cookie consent preference

These cookies do not track you across other websites and expire at the end of your browser session or within 12 months at most.

7 Data Security

We apply the same security standards to our own infrastructure that we recommend to our clients:

• TLS encryption for all data in transit
• Encrypted storage for data at rest
• Access controls and the principle of least privilege
• Regular security audits and patch management

No method of transmission over the internet is 100% secure. In the event of a data breach that poses a risk to your rights, we will notify you and, where required by law, the relevant supervisory authority without undue delay.

8 Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access - request a copy of the personal data we hold about you
• Correction - ask us to correct inaccurate or incomplete data
• Deletion - request erasure of your data ("right to be forgotten")
• Portability - receive your data in a structured, machine-readable format
• Objection - object to processing based on legitimate interests
• Restriction - ask us to limit how we use your data while a dispute is resolved

California residents (CCPA/CPRA) additionally have the right to:

• Know what personal information is collected and how it is used
• Opt out of the sale or sharing of personal information (we do not sell or share data)
• Non-discrimination for exercising privacy rights
• Correct inaccurate personal information
• Limit use of sensitive personal information (we do not collect sensitive data)

To exercise any of these rights, please contact us using the details in Section 11. We will respond within 30 days (or 45 days for complex requests).

9 Children's Privacy

Our website and services are directed exclusively at businesses and professionals. We do not knowingly collect personal data from anyone under the age of 16.

If you believe we have inadvertently collected information from a minor, please contact us immediately and we will delete it promptly.

10 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we do, we will revise the "Last updated" date at the top of this page.

For material changes that affect how we use your personal data, we will make reasonable efforts to notify you - for example, by sending an email if you are an existing client.

We encourage you to review this page periodically.

11 Contact Us

If you have any questions about this Privacy Policy, want to exercise your rights, or wish to report a privacy concern, please reach out: