Privacy Policy

1. Introduction

Deployd ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website, services, and products.

We provide enterprise-grade testing and quality assurance services, including Testing as a Service (TaaS), MVP Development, ERP Testing, and Worksoft Partnership services to businesses worldwide.

2. Data Controller Information

United States Entity:

Deployd
12645 Olive Blvd, 2nd Floor
Creve Coeur, MO 63141
United States

India Entity:

Deployd
9th Floor, Brigade IRV
Nallurhalli Road, Nallurhalli
Whitefield, Bengaluru
Karnataka 560066
India

Privacy Inquiries: For all privacy-related questions, please contact us at [email protected]

3. Personal Data We Collect

3.1 Information You Provide Directly

Contact Forms: Name, email address, company name, message content, service interest
Newsletter Subscriptions: Email address, subscription preferences, source attribution
Service Requests: Business contact information, project requirements, technical specifications
Account Creation: Name, email address, password (securely hashed), company details, job title
Communications: Any information you provide when communicating with us via email, phone, or other channels

3.2 Automatically Collected Information

Log Data: IP addresses, browser type and version, device information, operating system
Cookies and Similar Technologies: Session cookies, analytics cookies, preference cookies (see Cookie Policy)
Analytics Data: Page views, session duration, referral sources, user journey through our website
Performance Data: Application usage metrics, error logs, feature usage statistics

3.3 Third-Party Sources

Professional networking platforms (e.g., LinkedIn) if you interact with our business profiles
Email validation and verification services
Marketing and analytics platforms that comply with applicable privacy laws

4. How We Use Your Personal Data

4.1 Legal Bases for Processing (GDPR)

We process your personal data based on the following legal grounds:

Contract Performance: Processing necessary to deliver our Testing as a Service, MVP Development, ERP Testing, and other services
Legitimate Interest: Business development, marketing to business contacts, service improvement through analytics, fraud prevention, and security
Consent: Newsletter subscriptions, optional cookies, marketing communications (with opt-out rights)
Legal Obligation: Tax compliance, regulatory requirements, response to legal requests

4.2 Specific Uses

Providing and delivering our testing, QA, and development services
Processing and responding to inquiries, support requests, and service communications
Sending newsletters, blog updates, and educational content (with your consent)
Analyzing and improving our services, website functionality, and user experience
Marketing our services to business contacts (B2B marketing with opt-out rights)
Preventing fraud, ensuring security, and protecting our legal rights
Complying with legal obligations and resolving disputes

5.1 We Share Data With:

Service Providers: Hosting providers (Vercel, AWS), email services, analytics platforms (Google Analytics), CRM systems, payment processors
Business Partners: Worksoft (for partnership services and joint client projects)
Legal Requirements: Law enforcement, regulatory authorities, courts when legally required or to protect our rights
Business Transfers: In the event of a merger, acquisition, bankruptcy, or sale of assets, your data may be transferred to the acquiring entity

5.2 We DO NOT:

Sell your personal data to third parties for monetary compensation
Share your data for third-party marketing purposes without your explicit consent
Use your data in ways incompatible with the purposes described in this policy

6. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this policy or as required by law:

Active Customers: Duration of business relationship + 7 years (for tax, accounting, and legal compliance)
Contact Form Submissions: 3 years from submission date
Newsletter Subscribers: Until unsubscribe + 30 days (to process opt-out requests)
Analytics Data: 26 months (Google Analytics standard retention)
Session Cookies: Until browser session ends
Persistent Cookies: Up to 2 years, depending on cookie type
Legal/Compliance Records: As required by applicable law (typically 7 years)

After retention periods expire, we securely delete or anonymize personal data unless ongoing retention is legally required.

7. Your Privacy Rights

7.1 GDPR Rights (for EU/EEA Residents)

Right to Access: Request a copy of your personal data (response within 30 days)
Right to Rectification: Correct inaccurate or incomplete data
Right to Erasure: Request deletion of your data ("right to be forgotten"), subject to legal exceptions
Right to Restriction: Limit how we process your data in certain circumstances
Right to Data Portability: Receive your data in a machine-readable format
Right to Object: Object to processing based on legitimate interest or for direct marketing
Right to Withdraw Consent: Withdraw consent for processing that requires it
Right to Lodge a Complaint: File a complaint with your local supervisory authority

7.2 CCPA/CPRA Rights (for California Residents)

Right to Know: What personal information we collect, use, disclose, and sell
Right to Delete: Request deletion of your personal information
Right to Correct: Request correction of inaccurate personal information
Right to Opt-Out: Opt out of "sale" or "sharing" of personal information (Note: We do not sell personal information)
Right to Limit: Limit use and disclosure of sensitive personal information
Right to Non-Discrimination: Equal service and pricing regardless of exercising privacy rights

7.3 How to Exercise Your Rights

To exercise any of these rights, please contact us:

Email: [email protected]
Mail: Send written requests to either our US or India address listed above

We will respond to your request within 30 days (GDPR) or 45 days (CCPA), and may require verification of your identity to process your request securely.

8. Cookies and Tracking Technologies

8.1 Types of Cookies We Use

Strictly Necessary Cookies: Essential for website functionality, session management, and authentication (no consent required)
Performance/Analytics Cookies: Google Analytics for usage tracking and website optimization (consent required in EU)
Functional Cookies: Remember your preferences, language settings, and customizations (consent required)
Marketing Cookies: Track your interactions for remarketing and conversion measurement (consent required)

8.2 Managing Cookies

You can manage cookies through:

Your browser settings (most browsers allow you to refuse cookies)
Our cookie consent banner (for EU visitors)
Third-party opt-out tools: Google Analytics Opt-Out

Note: Disabling necessary cookies may affect website functionality.

9. International Data Transfers

Deployd operates in both the United States and India. Your personal data may be transferred to, stored, and processed in either country or by service providers in other countries.

For data transfers from the EU/EEA, we ensure adequate protection through:

Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions where applicable
Other legal transfer mechanisms as permitted by GDPR

10. Data Security

We implement industry-standard security measures to protect your personal data:

Encryption in Transit: TLS/SSL encryption for all data transmitted over the internet
Encryption at Rest: Database encryption and secure storage systems
Access Controls: Role-based access, multi-factor authentication, and least-privilege principles
Regular Security Audits: Vulnerability assessments and penetration testing
Employee Training: Regular data protection and security awareness training
Incident Response: Documented procedures for detecting, reporting, and responding to security breaches

In the event of a data breach affecting your personal information, we will notify you and relevant authorities as required by law (within 72 hours for GDPR compliance).

11. Children's Privacy

Our services are designed for businesses and professionals. We do not knowingly collect personal information from individuals under 16 years of age (GDPR) or 13 years of age (COPPA).

If you are a parent or guardian and believe we have collected information from your child, please contact us at [email protected], and we will promptly delete such information.

12.1 Subscription Process

When you subscribe to our newsletter, we collect your email address and track the subscription source for attribution. We may send you:

Blog updates and new content announcements
Product and service announcements
Case studies and success stories
Educational content related to testing, QA, and software development

12.2 Unsubscribe Rights

You can unsubscribe at any time by:

Clicking the "Unsubscribe" link in any marketing email
Emailing us at [email protected]

We will process your opt-out request within 10 business days.

13. Third-Party Websites and Services

Our website may contain links to third-party websites, including Worksoft, client websites, technology partners, and social media platforms. This Privacy Policy does not apply to those third-party sites.

We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party websites you visit.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or business operations. When we make significant changes, we will:

Update the "Last Updated" date at the top of this policy
Notify you via email (for material changes affecting subscribers)
Display a prominent notice on our website

Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

15. Contact Information

For privacy-related questions, concerns, or to exercise your rights, please contact us:

Privacy Inquiries:

Email: [email protected]

United States Office: