GDPR

1. Personal Data We Collect

We collect personal data necessary to provide and improve our software engineering, consulting, and outsourcing services. This includes:

• Contact Information: Name, email address, phone number, company name, job title

• Account and Service Data: Login credentials, project details, service preferences, communication history

• Financial Data: Payment information, invoices, billing details (processed securely via third-party payment providers)

• Technical and Usage Data: IP address, device type, browser type, operating system, pages visited, time spent on our website, cookies, analytics data

• Communication Data: Emails, chat messages, phone conversations, support requests, or inquiries

We collect this information directly from you (forms, emails, calls) or automatically via website analytics and cookies.

2. How We Use Your Data

Your personal data is processed for legitimate business purposes, including but not limited to:

• Service Delivery: To provide software development, testing, embedded systems, AI/ML, cloud, and other solutions you requested

• Customer Support: To respond to inquiries, provide technical support, and resolve issues efficiently

• Marketing & Communication: Sending newsletters, service updates, and announcements only if you opt-in

• Website & Service Improvement: Analyzing usage patterns to enhance our website functionality, user experience, and service offerings

• Compliance & Legal Obligations: Maintaining records, fulfilling contracts, and meeting tax, legal, or regulatory requirements

We do not sell your personal data to third parties, and we only share it with authorized partners under strict agreements.

3. Legal Basis for Processing

Under GDPR, all personal data processing must have a lawful basis. We rely on:

1. Contractual Necessity: Processing personal data is necessary to provide the services you requested or to execute agreements.

2. Consent: We process personal data based on your explicit consent, such as subscribing to newsletters or promotional emails. You can withdraw consent at any time.

3. Legitimate Interests: We may process your data to operate our business efficiently, improve services, and ensure security, provided it does not override your privacy rights.

4. Legal Obligations: Compliance with laws, accounting rules, or court orders may require processing certain personal data.

4. Data Sharing & Third Party

Your personal data may be shared under strict conditions:

• Service Providers: Cloud hosting, email providers, analytics tools, IT maintenance partners

• Legal & Regulatory Authorities: If required by law, regulation, or judicial proceedings

• Corporate Transactions: In the event of a merger, acquisition, or business transfer, with safeguards to protect your data

All third parties are required to maintain GDPR compliance and confidentiality.

5. Data Retention

We retain personal data only as long as necessary for:

• Fulfilling contractual obligations and project delivery

• Legal compliance and tax reporting requirements

• Supporting business operations, audits, or internal analytics

After this period, personal data is securely deleted, anonymized, or aggregated to ensure privacy.

6. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of Access: You can request a copy of the data we hold about you

• Right to Rectification: Correct any inaccurate or incomplete information

• Right to Erasure (“Right to be Forgotten”): Request deletion of your data when no longer necessary

• Right to Restrict Processing: Limit how we process your data

• Right to Object: Object to processing for marketing or legitimate interests

• Right to Data Portability: Receive your data in a structured, machine-readable format

• Right to Withdraw Consent: Stop any processing based on your prior consent at any time

To exercise your rights, contact our Data Protection Officer at:
Email: [email protected]

We will respond promptly, typically within one month, as required by GDPR.

7. Security Measures

We implement technical and organizational safeguards to protect your personal data, including:

• Encrypted storage and secure communication protocols (HTTPS/SSL)

• Access controls, authentication, and limited permissions

• Regular monitoring, vulnerability assessments, and data backups

• Staff training on privacy and data protection best practices

Despite these measures, no system is completely secure. We encourage you to follow safe practices when sharing data online.

8. Cookies & Tracking

Our website uses cookies and tracking tools to enhance your experience:

• Essential Cookies: Required for website functionality

• Analytics Cookies: Help analyze usage and improve content and navigation

• Marketing Cookies: For optional promotional communications and campaigns

You can manage cookie preferences in your browser settings or via the cookie banner.

9. Children’s Privacy

Our services are intended for professional clients and adults. We do not knowingly collect personal data from children under 16. If we become aware that we have inadvertently collected data from a child, we will promptly delete it.

10. Changes to This Policy

We may update this policy to reflect legal, technological, or operational changes.

• Effective date is updated each time the policy changes

• Users are encouraged to review the policy periodically for updates

11. Contact Us

For questions, concerns, or requests related to your personal data:

WideXP
Email: contact@widexp.com
Website: https://widexp.com