Privacy Policy

Effective Date: 25 September 2025

1) Introduction

This Privacy Policy explains how CodeWebster (Codewebster LLP) (“Company,” “We,” “Us,” “Our”) collects, uses, discloses, and safeguards personal and non-personal data of individuals and organizations (“User,” “Client,” “You”). By accessing or using our Website, purchasing Services, or entering into a contract with us, you consent to the practices outlined in this Privacy Policy.

2) Purpose of This Policy

• Transparency: Provide clarity on our data collection and usage practices.
• Your rights & choices: Explain how you can exercise control over your personal data.
• Compliance: Outline adherence to global data protection regulations, including:
  • General Data Protection Regulation (GDPR, EU)
  • California Consumer Privacy Act (CCPA, USA)
  • Health Insurance Portability and Accountability Act (HIPAA, USA) where applicable
  • Information Technology Act & SPDI Rules (India)
  • Other applicable data protection laws in countries where we operate

3) Scope

This Policy applies to:

• Visitors to our Website
• Clients purchasing Services, SaaS subscriptions, templates, or digital products
• Business partners, contractors, and affiliates sharing data with us

Exclusion: This Policy does not apply to third-party websites or platforms we do not control.

4) Definitions

• Personal Data: Information that identifies an individual (e.g., name, email, IP address).
• Non-Personal Data: Aggregated, anonymized, or statistical data.
• Processing: Any operation performed on data (collection, storage, usage, deletion).
• Controller: CodeWebster, when deciding why and how data is processed.
• Processor: Third-party vendors processing data on our behalf.

5) Information We Collect

5.1 Information You Provide

• Name, email, phone number, company details
• Billing and payment details
• Project files, documents, and instructions

5.2 Information Collected Automatically

• Website usage (pages viewed, time spent, navigation paths)
• IP address, browser type, device type, approximate geolocation
• Cookies, pixels, and log data

5.3 Information from Third Parties

• Referrals, marketing partners, or publicly available sources
• Third-party analytics and hosting platforms (e.g., Google Analytics, AWS, SEMrush)

6) Legal Basis for Processing

• Consent – when you accept cookies or voluntarily provide information
• Contractual necessity – to deliver Services
• Legitimate interest – improving security, analytics, communications
• Legal obligation – complying with tax, regulatory, or court orders

7) Use of Collected Information

• Deliver Services, projects, and subscriptions
• Communicate with you regarding proposals, projects, and support
• Improve Website performance and user experience
• Process payments and invoices
• Comply with global laws and regulations
• Protect against fraud, misuse, or unauthorized access

8) Cookies & Tracking Technologies

We use cookies, pixels, and local storage to analyze behavior and improve services.

• Essential cookies – required for basic functionality
• Analytics cookies – e.g., Google Analytics, SEMrush
• Marketing cookies – retargeting and campaign tracking

You may disable cookies in your browser; however, some features may not function.

9) Data Retention

• We retain data only as long as necessary for business, contractual, or legal purposes.
• Project data may be deleted or anonymized upon request after project completion.
• Legal and financial data may be retained for statutory periods (e.g., 7 years for invoices).

10) Data Security

• Encryption, secure servers, access controls, and firewalls to safeguard data
• Access limited to authorized personnel
• Important: Despite precautions, no system can be guaranteed 100% secure.

11) Data Sharing & Disclosure

We do not sell or rent personal data. We may share information with:

• Vendors & service providers – hosting, analytics, payment gateways
• Legal authorities – when required by law
• Business transfers – mergers, acquisitions, or restructuring

12) International Data Transfers

Data may be stored and processed across multiple countries. We ensure appropriate safeguards (e.g., Standard Contractual Clauses for GDPR).

13) Children’s Privacy

Our Website and Services are not directed at individuals under 18. We do not knowingly collect children’s data.

14) Third-Party Services

We integrate with third-party providers (AWS, Google APIs, SEMrush, Firebase, Stripe). Their use of data is governed by their own privacy policies.

15) User Rights

Depending on jurisdiction, Users may exercise rights including:

• Accessing and obtaining a copy of your data
• Rectifying inaccurate information
• Requesting deletion (“Right to be Forgotten”)
• Restricting or objecting to processing
• Data portability
• Withdrawing consent

Requests can be sent to info@codewebster.com.

16) CCPA Rights (California Residents)

• Know categories of data collected
• Request deletion of personal data
• Opt-out of “sale” of personal data (we do not sell data)

17) GDPR Rights (EU/EEA Clients)

• Transparency in data usage
• Lodge complaints with supervisory authorities
• Require that processing be restricted in certain cases

18) HIPAA Compliance (Healthcare Clients)

• When processing PHI, we follow HIPAA security and privacy guidelines
• Business Associate Agreements (BAAs) may be signed where applicable

19) Data Breach Protocol

• We investigate and mitigate any data breach immediately
• Affected individuals and regulators will be notified where required

20) Confidentiality Obligations

Both CodeWebster and Clients agree to maintain confidentiality of sensitive project information, unless disclosure is mandated by law.

21) Marketing & Communications

We may send newsletters, promotional emails, or updates. Users can opt-out anytime by clicking “unsubscribe” or emailing us.

22) Do Not Track (DNT) Signals

Our Website does not currently respond to “Do Not Track” signals from browsers.

23) Non-Solicitation of Employees

Clients may not solicit CodeWebster employees for 12 months after engagement.

24) Dispute Resolution

Disputes relating to this Policy are subject to laws of Mohali, Punjab, India. Exclusive jurisdiction lies with the courts of Mohali.

25) Force Majeure

We are not liable for data issues caused by events beyond our control (natural disasters, cyberattacks, government restrictions).

26) Liability Disclaimer

CodeWebster’s liability is limited to the amount paid by the Client for Services. We are not responsible for indirect, incidental, or consequential damages.

27) Changes to This Privacy Policy

We may update this Policy periodically. Updated versions will be posted on the Website with revised Effective Dates.

28) Severability

If any provision of this Privacy Policy is held invalid, the remaining provisions remain enforceable.

29) Entire Agreement

This Privacy Policy, together with our Terms & Conditions, forms the entire legal framework governing use of our Website and Services.

30) Contact Information