Privacy Policy

1. Information We Collect

We collect various types of information in connection with your use of our Services, including information you provide directly, information collected automatically, and information from third-party sources.

1.1 Information You Provide Directly

• Contact Information: Name, email address, phone number, job title, and company/organization name when you fill out contact forms, request a consultation, or subscribe to our newsletter.
• Account Information: Username, password, and profile details if you create an account or client portal access.
• Project and Business Information: Details about your project requirements, business needs, industry, and budget range when you engage our services.
• Payment Information: Billing name, billing address, and payment card details. Note: Full payment card numbers are processed directly by our PCI-DSS compliant payment processors and are not stored on our servers.
• Communications: Messages, emails, and other correspondence you send to us, including support requests and feedback.
• Employment Information: Resume, cover letter, work history, and other information provided when applying for a position with us.

1.2 Information Collected Automatically

• Device and Browser Information: IP address, browser type and version, operating system, device identifiers, and screen resolution.
• Usage Data: Pages visited, time spent on pages, links clicked, referring and exit URLs, search queries on our site, and navigation paths.
• Log Data: Server logs that record your requests to our servers, including date and time of access, HTTP method, and response codes.
• Location Data: General geographic location inferred from your IP address (country, state, or city level). We do not collect precise GPS location without explicit consent.
• Cookies and Similar Technologies: Data collected through cookies, web beacons, pixels, local storage, and similar tracking technologies (see Section 7 for details).

1.3 Information from Third Parties

• Analytics Providers: Aggregated and de-identified data from services like Google Analytics to help us understand site usage.
• Social Media Platforms: If you interact with us via social media or use social login features, we may receive information consistent with your privacy settings on those platforms.
• Referral Partners: Information from business partners who refer you to our services.

2. How We Collect Information

We collect information through the following means:

• Directly from you when you complete forms, make inquiries, or engage our services
• Automatically through your use of our website via cookies and tracking technologies
• From third-party analytics and marketing partners
• Through business communications, including email and phone
• From publicly available sources in connection with due diligence or business development

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Delivery

• To provide, operate, and deliver the services you request
• To process transactions and send related information, including purchase confirmations and invoices
• To manage your account and provide client portal access
• To communicate with you about your projects, deliverables, and timelines

3.2 Communication and Marketing

• To respond to your inquiries, comments, and requests
• To send administrative information, such as changes to our terms and policies
• To send promotional communications, case studies, and service updates — but only where you have given consent or where we have a legitimate business interest, and you retain the right to opt out at any time

3.3 Improvement and Analytics

• To analyze usage patterns and improve our website and services
• To perform research and development to enhance our offerings
• To monitor and improve the performance and security of our systems

3.4 Legal and Compliance

• To comply with applicable laws, regulations, legal processes, or governmental requests
• To enforce our Terms of Service and other agreements
• To detect, prevent, and address fraud, security breaches, and other harmful or illegal activity
• To protect the rights, property, and safety of FancyTech Industries, our clients, and the public

4. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data only when we have a valid legal basis to do so, as follows:

• Contract Performance: Processing is necessary to perform a contract with you or to take steps at your request before entering into a contract.
• Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving our services, preventing fraud, and direct marketing to existing clients, provided those interests are not overridden by your rights.
• Legal Obligation: Processing is necessary to comply with a legal obligation to which we are subject.
• Consent: Where you have given us explicit consent to process your personal data for a specific purpose, such as receiving marketing emails. You may withdraw consent at any time without affecting the lawfulness of prior processing.
• Vital Interests: In rare circumstances, processing may be necessary to protect someone's life.

5. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for their independent marketing purposes. We may share your information in the following limited circumstances:

5.1 Service Providers

We engage trusted third-party service providers who process data on our behalf, subject to confidentiality obligations and data processing agreements. These include:

• Cloud hosting and infrastructure providers
• Payment processing companies (PCI-DSS compliant)
• Email and communication service providers
• Analytics and performance monitoring tools
• Customer relationship management (CRM) platforms
• Accounting and invoicing software

5.2 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website prior to your data being subject to a different privacy policy.

5.3 Legal Requirements

• When required by applicable law, regulation, legal process, or enforceable governmental request
• To enforce our Terms of Service or other agreements, including investigation of potential violations
• To detect, prevent, or address fraud, security breaches, technical issues, or illegal activity
• To protect the rights, property, or safety of FancyTech Industries, our users, or the public

5.4 With Your Consent

We may share your information with third parties when you have given us your explicit consent to do so.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our general retention practices are:

• Account Data: Retained for the duration of your relationship with us, plus up to 7 years thereafter for legal and accounting purposes, unless you request deletion sooner.
• Project and Contract Data: Retained for a minimum of 7 years from project completion to comply with legal, tax, and contractual obligations.
• Marketing Preferences: Retained until you withdraw consent or opt out, plus a reasonable period to process your request.
• Website Analytics: Aggregated analytics data may be retained indefinitely; identifiable data is typically retained for no more than 26 months.
• Job Applications: Retained for up to 2 years after the position is filled, in case a future suitable role arises, unless you request earlier deletion.
• Legal Hold: Data subject to ongoing litigation or regulatory investigation will be retained until the matter is fully resolved.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies on our Site. By using our Site, you consent to the use of cookies as described in this section.

7.1 Types of Cookies We Use

• Strictly Necessary Cookies: Essential for the operation of our website, such as security cookies and session management. These cannot be disabled without impairing site functionality.
• Performance and Analytics Cookies: Collect anonymous information about how visitors use our site (e.g., Google Analytics), helping us improve user experience.
• Functionality Cookies: Remember your preferences and choices, such as language selection and form auto-fill.
• Marketing and Targeting Cookies: Used to deliver relevant advertisements and track the effectiveness of marketing campaigns. These are only placed with your prior consent.

7.2 Managing Cookies

You can control and manage cookies in several ways:

• Browser Settings: Most browsers allow you to refuse, delete, or selectively accept cookies. Please refer to your browser's help documentation for instructions.
• Google Analytics Opt-Out: You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.
• Do Not Track: We honor "Do Not Track" signals from web browsers. When a DNT signal is detected, we will not set non-essential tracking cookies.

Please note that disabling certain cookies may affect the functionality of our website and prevent you from accessing some features.

8. Data Security

We implement and maintain appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security practices include:

• Encryption of data in transit using TLS/SSL protocols
• Encryption of sensitive data at rest
• Regular security assessments and vulnerability testing
• Access controls and role-based permissions limiting staff access to personal data
• Multi-factor authentication for system access
• Regular data backups with secure offsite storage
• Employee training on data protection and security best practices
• Incident response procedures for identifying and addressing data breaches

Data Breach Notification: In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay and, where required, notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by the GDPR and applicable laws.

Despite our best efforts, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. You share information with us at your own risk.

9. International Data Transfers

FancyTech Industries is headquartered in the United States. If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where our servers are located and our central database is operated.

If you are located in the EEA, UK, or Switzerland, we ensure that any transfer of your personal data to a third country is subject to appropriate safeguards, including:

• Transfers to countries recognized by the European Commission as providing an adequate level of data protection
• Standard Contractual Clauses (SCCs) approved by the European Commission
• Binding Corporate Rules where applicable
• Your explicit consent, where no other appropriate safeguard is available

By using our Services, you consent to the transfer of your information to the United States and other countries, which may have different data protection rules than those in your country.

10. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights with respect to your personal information. To exercise any of these rights, please contact us using the details in Section 15.

• Right of Access (Art. 15 GDPR): You have the right to request a copy of the personal data we hold about you and information about how we process it.
• Right to Rectification (Art. 16 GDPR): You have the right to request correction of inaccurate or incomplete personal data we hold about you.
• Right to Erasure / "Right to be Forgotten" (Art. 17 GDPR): You have the right to request deletion of your personal data, subject to certain exceptions (e.g., where we are required by law to retain it).
• Right to Restrict Processing (Art. 18 GDPR): You have the right to request that we limit how we use your personal data in certain circumstances.
• Right to Data Portability (Art. 20 GDPR): You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.
• Right to Object (Art. 21 GDPR): You have the right to object to the processing of your personal data for direct marketing purposes or where we rely on legitimate interests as our legal basis.
• Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing before withdrawal.
• Right Not to be Subject to Automated Decisions: You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects.
• Right to Lodge a Complaint: If you are in the EEA, you have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement.

We will respond to all legitimate requests within 30 days. In complex cases or where we receive a high volume of requests, we may extend this period by up to two additional months and will notify you accordingly.

11. California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants you specific rights regarding your personal information:

• Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the business or commercial purpose for collection, and the categories of third parties with whom we share it.
• Right to Delete: You may request that we delete personal information we have collected about you, subject to certain exceptions.
• Right to Correct: You may request that we correct inaccurate personal information we maintain about you.
• Right to Opt-Out of Sale or Sharing: We do not sell your personal information. We do not share your personal information with third parties for cross-context behavioral advertising.
• Right to Limit Use of Sensitive Personal Information: You may direct us to limit our use of sensitive personal information to what is necessary to provide the services.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

To exercise your California privacy rights, you or your authorized agent may submit a verifiable consumer request to us by email at info.ftechindustries@gmail.com with the subject line "CCPA Privacy Request." We may require additional information to verify your identity before processing your request.

Categories of Personal Information Collected in the Past 12 Months: Identifiers (name, email, IP address), commercial information (service inquiries and transaction history), internet or electronic network activity (browsing data), and professional or employment-related information (for job applicants).

12. Children's Privacy

Our Services are not directed to, and we do not knowingly collect personal information from, individuals under the age of 18. If you are under 18, please do not use our Services or provide any personal information to us.

If you are a parent or guardian and you believe your child under the age of 18 has provided us with personal information, please contact us immediately at info.ftechindustries@gmail.com. Upon verification, we will take steps to promptly delete such information from our records.

We comply with the Children's Online Privacy Protection Act (COPPA) and will not knowingly collect personal information from children under 13 years of age without verifiable parental consent.

13. Third-Party Links and Services

Our website may contain links to third-party websites, applications, or services that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy and terms of service of every site you visit.

We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party websites or services. Our inclusion of a link to any third-party site does not imply our endorsement of that site or its privacy practices.

Our website may use third-party services including Google Analytics, social media plugins, and embedded content from other websites. These services may collect information about you in accordance with their own privacy policies. We encourage you to review the privacy policies of these third-party services.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last updated" date at the top of this page
• Post the revised policy on this page with a prominent notice of the changes
• Where required by law, notify you by email or through our Services
• Obtain your consent where required by applicable law

Your continued use of our Services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. If you do not agree to the updated terms, please discontinue use of our Services.

15. Contact Us / Data Protection Officer

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

If you are located in the EEA and are not satisfied with our response to your privacy concern, you have the right to lodge a complaint with your local data protection supervisory authority.