Privacy Policy

DEVMONKEY PRIVATE LIMITED

Last Updated: 10 July 2025

Version: 1.0

DEVMONKEY PRIVATE LIMITED and its affiliates (collectively, “DEVMONKEY”, “we”, “us”, or “our”) are committed to respecting your privacy and protecting your personal data. This Privacy Policy explains how we collect, use, store, share, and protect your information when you visit our website or engage our services.

By using our website or services, you acknowledge that you have read and understood this Privacy Policy.

1. User Privacy and Data Protection

We do not collect personal information without your knowledge or consent, except where required to provide our services or comply with legal obligations. Personal data is collected only when you voluntarily provide it (for example, via contact forms or service enquiries) or when it is required to deliver software consultancy services.

2. Applicable Legislation

Our privacy practices are designed to comply with applicable data protection and privacy laws, including:

  • UK General Data Protection Regulation (UK GDPR)

  • UK Data Protection Act 2018

  • EU General Data Protection Regulation (GDPR)

  • EU ePrivacy / Cookies Directive

  • California Consumer Privacy Act (CCPA/CPRA)

  • California Online Privacy Protection Act (CalOPPA)

  • Children’s Online Privacy Protection Act (COPPA)

  • Personal Information Protection and Electronic Documents Act (PIPEDA – Canada)

  • Information Technology Act & SPDI Rules, 2011 (India)

Compliance with these frameworks reflects our commitment to globally recognised privacy standards.

3. Personal Information We Collect

You may browse our website without providing personal data. However, we may collect limited technical information automatically, including:

  • IP address

  • Browser type and version

  • Operating system

  • Device type

  • Approximate geographic location

  • Pages visited and usage patterns

Information You Provide Voluntarily

When you contact us or engage our services, we may collect:

  • Name

  • Email address

  • Phone number

  • Company name

  • Project or service requirements

4. Purpose of Data Collection

We collect and process personal data for the following purposes:

  • Responding to enquiries and contact requests

  • Providing software consultancy and development services

  • Preparing proposals and quotations

  • Improving website performance and user experience

  • Security monitoring and fraud prevention

  • Compliance with legal and contractual obligations

5. Website Analytics

We use analytics tools such as Google Analytics to understand how visitors use our website. These tools collect aggregated and anonymised data such as:

  • Pages visited

  • Time spent on the site

  • Device and browser information

Google Analytics may process IP addresses, but we do not receive direct access to identifiable IP data.

You can disable cookies in your browser settings to prevent analytics tracking.

6. Contact Forms and Service Enquiries

When you submit a contact form or service enquiry:

  • The information is transmitted securely using TLS encryption

  • Data is received via secure email or stored in protected systems

  • Information is used only to respond to your request or provide services

We do not sell or rent contact data to third parties.

7. Storage and Security of Personal Data

We apply appropriate technical and organisational security measures, including:

  • Encryption of data in transit and at rest

  • Role-based access controls

  • Multi-factor authentication

  • Regular security patching and monitoring

  • Secure cloud infrastructure

  • Cyber Essentials–aligned security practices

Client data processed as part of consultancy services is handled strictly under contractual instructions and is not retained beyond necessity.

8. Disclosure and Third-Party Processing

We do not share personal data for marketing purposes without consent.

Personal data may be shared with trusted third parties only where necessary to deliver services, including:

  • AWS – Cloud hosting

  • Google Workspace / Microsoft 365 – Email and productivity

  • MongoDB Atlas – Database services

  • GitHub – Code repositories

  • Slack, Zoom, Notion – Collaboration and communication tools

All third-party processors are contractually bound by data protection obligations.

We may disclose information to regulatory or law-enforcement authorities where legally required.

9. Cookies

Our website uses cookies to enhance functionality and analyse usage.

Types of Cookies Used

  • Essential Cookies – Required for core site functionality

  • Analytics Cookies – Help us understand site usage

  • Preference Cookies – Store user settings

We do not store sensitive information such as passwords or payment details in cookies. You can manage or disable cookies through your browser settings.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage users to review their privacy policies before providing personal data.

11. International Data Transfers

As we operate from India and serve international clients, personal data may be transferred across borders. Where this occurs, we ensure appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs)

  • UK International Data Transfer Agreement (IDTA)

  • Equivalent technical and organisational security measures

12. Data Breaches

We maintain documented incident response procedures. In the event of a personal data breach:

  • Incidents are assessed immediately

  • Clients are notified without undue delay

  • Regulatory authorities are notified within 72 hours where required

  • Remedial actions are taken to prevent recurrence

13. Your Rights

Under applicable data protection laws, you have the right to:

  • Access your personal data

  • Rectify inaccurate data

  • Request erasure

  • Restrict processing

  • Data portability

  • Object to processing

  • Withdraw consent (where applicable)

Requests can be made using the contact details below and will be handled within statutory timeframes.

14. Data Retention

We retain personal data only for as long as necessary:

  • Website enquiries: up to 3 years

  • Active client projects: project duration + 1 year

  • Completed projects: up to 5 years

  • Financial records: 7 years (legal requirement)

  • Marketing communications: until you unsubscribe

15. Data Controller

DEVMONKEY PRIVATE LIMITED

8/726, Vattappilly House

Malipuram PO, Vypin

Ernakulam, Kerala, India – 682511

Email: info@devmonkey.co.in

Phone: +91 8129504746

CIN: U72900KL2022PTC074507

16. Data Protection Officer

Data Protection Officer

DEVMONKEY PRIVATE LIMITED

Email: info@devmonkey.co.in

17. Complaints

If you have concerns about our data practices, you may contact us directly or complain with:

  • UK: Information Commissioner’s Office (ICO) – https://ico.org.uk

  • EU: Your local supervisory authority

  • India: Data Protection Authority (when established)

18. Policy Updates

We may update this Privacy Policy periodically. Any changes will be published on this page. Significant changes may be communicated directly where appropriate