Privacy Policy

1. Information We Collect

1.1 Personal Information You Provide

We may collect personally identifiable information that you voluntarily provide when you:

• Fill out a contact form or request a quote
• Create an account or sign in using Google OAuth
• Subscribe to our newsletter or marketing communications
• Engage us for services or enter into a contract
• Communicate with us via email, phone, or other channels

This information may include:

• Full name
• Email address
• Phone number
• Company name and job title
• Billing and payment information
• Project details and requirements you share with us
• Any other information you choose to provide

1.2 Information Collected via Google OAuth

When you sign in using Google OAuth, we may receive the following information from your Google account, depending on the permissions you grant:

• Your Google account email address
• Your name and profile picture
• Your Google account unique identifier

1.3 Automatically Collected Information

When you visit our Site, we may automatically collect certain information, including:

• IP address and approximate geographic location
• Browser type, version, and language preferences
• Operating system and device type
• Pages visited, time spent, and navigation paths
• Referring website or source
• Date and time of access
• Click-stream data and interaction patterns

1.4 Cookies and Tracking Technologies

We use cookies, web beacons, pixels, and similar tracking technologies to collect information about your browsing activities. For more details, see Section 11: Cookie Policy below.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To provide, operate, maintain, and improve our website and services
• Account Management: To create and manage your account, authenticate your identity, and provide account-related support
• Communication: To respond to inquiries, send project updates, and provide customer support
• Marketing: To send promotional materials, newsletters, and updates about our services (with your consent where required)
• Analytics: To analyze usage trends, monitor site performance, and improve user experience
• Security: To detect, prevent, and address fraud, unauthorized access, and other illegal activities
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Business Operations: To manage our business relationships, process transactions, and fulfill contractual obligations

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, we process your personal data based on the following legal grounds:

• Consent: You have given explicit consent for processing your personal data for specific purposes (e.g., marketing communications, Google OAuth sign-in)
• Contractual Necessity: Processing is necessary to perform a contract with you or take pre-contractual steps at your request
• Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving our services, fraud prevention, and direct marketing, provided these interests do not override your rights
• Legal Obligation: Processing is necessary to comply with legal or regulatory requirements

4. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information in the following circumstances:

• Service Providers: Trusted third-party vendors who assist us in operating our website, conducting business, or servicing you (e.g., hosting providers, payment processors, analytics services), bound by contractual obligations to protect your data
• Legal Requirements: When required by law, regulation, legal process, or enforceable governmental request
• Protection of Rights: To enforce our terms, protect our rights, privacy, safety, or property, and that of our users or the public
• Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your data may be transferred as a business asset
• With Your Consent: We may share your information with your explicit consent for purposes not covered by this policy

5. Google API Services — User Data Policy

Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

• We only request access to the data necessary for our application's functionality
• We will not use Google user data for serving advertisements, including retargeting, personalized, or interest-based advertising
• We will not allow humans to read Google user data unless we have your affirmative agreement, it is necessary for security purposes, to comply with applicable law, or for internal operations
• We will not transfer Google user data to third parties except as necessary to provide or improve our services, to comply with applicable law, or as part of a merger or acquisition

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

• Account Data: Retained for the duration of your account and up to 30 days after account deletion
• Project and Contract Data: Retained for the duration of the business relationship plus 5 years for legal and compliance purposes
• Marketing Data: Retained until you unsubscribe or withdraw consent
• Analytics Data: Retained in aggregated, anonymized form for up to 26 months
• Communication Records: Retained for up to 3 years for quality assurance and dispute resolution

When data is no longer required, it is securely deleted or anonymized in accordance with our data retention policies.

7. Your Rights

7.1 Rights Under GDPR (EEA/UK Residents)

If you are located in the EEA, UK, or Switzerland, you have the following rights:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restrict Processing: Request that we limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or direct marketing
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
• Right to Lodge a Complaint: File a complaint with your local data protection authority

7.2 Rights Under CCPA (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you
• Right to Delete: Request deletion of personal information we have collected
• Right to Correct: Request correction of inaccurate personal information
• Right to Opt-Out: Opt out of the sale or sharing of personal information (we do not sell personal information)
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise any of these rights, please contact us at info@softxlogic.com. We will respond to your request within 30 days (or as required by applicable law).

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from the laws of your jurisdiction.

When we transfer personal data across borders, we implement appropriate safeguards to ensure your data is protected in compliance with applicable data protection laws, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data Processing Agreements (DPAs) with our service providers
• Ensuring recipients maintain adequate security measures
• Compliance with applicable international transfer frameworks

9. Data Security

We implement industry-standard technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction, including:

• SSL/TLS encryption for data in transit
• Encryption of sensitive data at rest
• Regular security assessments and vulnerability testing
• Access controls and authentication mechanisms
• Employee training on data protection best practices
• Incident response and breach notification procedures

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but will notify affected users and relevant authorities in the event of a data breach as required by law.

10. Children's Privacy

Our services are not directed to individuals under the age of 16 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal data from a child under 16, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at info@softxlogic.com so we can take appropriate action.

11. Cookie Policy

Cookies are small text files placed on your device when you visit our website. We use the following types of cookies:

11.1 Essential Cookies

These cookies are necessary for the website to function properly. They enable core features such as security, session management, and accessibility. These cookies cannot be disabled.

11.2 Analytics Cookies

We use analytics cookies (such as Google Analytics) to understand how visitors interact with our website. These cookies collect information anonymously, including the number of visitors, pages visited, and traffic sources.

11.3 Functional Cookies

These cookies remember your preferences and settings to provide a more personalized experience, such as language preferences and display settings.

11.4 Marketing Cookies

These cookies may be set through our website by advertising partners to build a profile of your interests and show relevant advertisements on other sites. They work by uniquely identifying your browser and device.

11.5 Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to:

• View, delete, and block cookies
• Set preferences for certain websites
• Configure third-party cookie settings

Please note that disabling cookies may affect the functionality of our website and your user experience.

12. Third-Party Links

Our website may contain links to third-party websites, services, or applications that are not operated by us. We are not responsible for the privacy practices or content of these third-party sites. We encourage you to review the privacy policies of any external site before providing your personal information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes:

• We will update the "Last Updated" date at the top of this page
• For significant changes, we will provide a prominent notice on our website or send you a direct notification
• Your continued use of our services after the changes take effect constitutes your acceptance of the revised policy

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: