# PRIVACY POLICY

**Effective Date: [September 23, 2024]  
**Last Updated: [July 30, 2025]  
**Website: [https://diwebconsultix.com/]  
**Data Controller: [DIWConsultix]  

## 1. Scope & Consent  
This policy applies to all data collected through [https://diwebconsultix.com/] and associated IT services (software development , Website design, development, SEO, digital marketing, and many more... ). By using our services, you consent to the practices described below.  

## 2. Data We Collect  

*** A. Directly Provided Data:  

__________________________________________________________________________________
| Data Type          | Collection Method          | Examples                     |
|--------------------|----------------------------|------------------------------|
| Contact Info       | Contact forms              | Name, email, phone           |
| Business Contact   | Contact forms/agreements   | Name, company, email, phone  |
| Payment Information| Stripe integration         | Billing address, card details|
| Service Data       | Project tools              | Technical requirements, logs |
----------------------------------------------------------------------------------

*** B. Automatically Collected Data:  

__________________________________________________________________________________
| Data Type          | Technology Used            | Purpose                      |
|--------------------|----------------------------|------------------------------|
| Device/Usage       | Cookies, server logs       | IP address, browser type     |
| Analytics          | Google Analytics           | Traffic analysis             |
| Marketing          | HubSpot cookies            | Campaign tracking            |
----------------------------------------------------------------------------------

## 3. How We Use Your Data 

 __________________________________________________________________________
| Purpose               | Data Used             | Legal Basis (GDPR)       |
|-----------------------|-----------------------|--------------------------|
| Service Delivery      | Contact + Service     | Contract Performance     |
| Payment Processing    | Payment Data          | Legal Obligation         |
| Client Communications | Contact Data          | Legitimate Interest      |
| Marketing             | Email/Company         | Consent                  |
| Security Improvement  | IP/Usage Data         | Legitimate Interest      |
----------------------------------------------------------------------------

## 4. Third-Party Data Sharing 
 _________________________________________________________________________________________________
| Recipient         | Data Shared            | Purpose                | Safeguards               |
|-------------------|------------------------|------------------------|--------------------------|
| Stripe            | Payment details        | Transaction processing | PCI-DSS compliance       |
| HubSpot           | Contact data           | CRM management         | GDPR DPA                 |
| Google Analytics  | Anonymized usage       | Traffic analysis       | IP anonymization         |
| AWS               | All data               | Cloud hosting          | AES-256 encryption       |
--------------------------------------------------------------------------------------------------


## 5. Data Security  

- **Encryption: SSL/TLS 1.2+ for data transfers  
- **Access Controls: Role-based permissions with MFA  
- **Audits: Quarterly vulnerability scans  
- **Breach Response: 72-hour notification (GDPR)  

## 6. Your Rights  
________________________________________________________________________________________________
| Right               | Description                             | Request Method               |
|---------------------|-----------------------------------------|------------------------------|
| Access              | Obtain copy of your data                | Email privacy@yourdomain.com |
| Deletion            | Request data erasure                    | 30-day response              |
| Opt-out             | Unsubscribe from marketing              | Link in emails               |
| Portability         | Receive data in machine-readable format | Verified request             |
------------------------------------------------------------------------------------------------

## 7. Cookies & Tracking  

______________________________________________________________________________
| Cookie Type       | Purpose                    | Management Option         |
|-------------------|----------------------------|---------------------------|
| Essential         | Site functionality         | No opt-out                |
| Analytics         | Traffic measurement        | Opt-in via cookie banner  |
| Marketing         | Ad personalization         | Opt-in via cookie banner  |
------------------------------------------------------------------------------

## 8. Children’s Privacy  

Services are **strictly for users 13+**. We do not knowingly collect data from minors.  

## 9. Data Retention 
 
____________________________________________________________________________
| Data Type         | Retention Period        | Reason                     |
|-------------------|-------------------------|----------------------------|
| Contact Data      | 5 years post-interaction| Business relationships     |
| Payment Records   | 7 years                 | Legal compliance           |
| Analytics         | 26 months               | Google Analytics default   |
----------------------------------------------------------------------------

## 10. Policy Updates 
 
Material changes notified via email 30 days in advance.  

**Contact: info@diwebconsultix.com |