Privacy Policy.
What we collect, why we collect it, how long we keep it, and what you can do about it. Written in plain English, not legalese.
1. Who we are.
Devmint Technologies (referred to as “Devmint”, “we” or “us”) is an AI-native software studio headquartered in Chandigarh, India. We operate the website at devminttech.com and deliver engineering services to clients in India and worldwide.
This policy explains how we handle personal data of website visitors, prospective clients, active clients, vendors and applicants. It does not cover personal data we process on behalf of clients — that's governed by the data-processing agreement in each engagement.
2. What we collect.
We deliberately collect as little as we need. The categories below cover everything.
- Inbound enquiries — name, work email, company, country, the brief you send through the contact form, and any attachment links you share.
- Communications — emails, calendar invites, transcripts of recorded discovery calls (only with explicit consent), and Slack or other workspace messages where you invite us.
- Engagement data — contracts, invoices, payment records, and the technical artefacts produced during a project. Source code we ship lives in your repositories, not ours.
- Site analytics — privacy-friendly aggregate analytics via Plausible (no cookies, no IP storage). We don't run Google Analytics, fingerprinting, or third-party ad pixels on this site.
- Operational logs — server access logs and error traces, retained 30 days for security and debugging.
We do not collect: personal data of EU residents under 16, biometrics, location beyond country level, or any sensitive special-category data.
3. Why we collect it.
Each category has a specific purpose and lawful basis.
- Contact-form data — to reply to your enquiry and scope a potential engagement. Lawful basis: legitimate interest in providing the service you requested.
- Engagement data — to deliver and account for contracted services. Lawful basis: performance of contract.
- Analytics — to understand which pages help prospective clients reach us. Aggregate only; no individual profiling.
- Operational logs — to keep the site secure and debug failures. Lawful basis: legitimate interest in operational security.
We do not sell, rent or share personal data with third parties for advertising or marketing purposes — ever.
4. Where we store it.
Primary operational data sits on infrastructure provided by AWS (Mumbai region for India-origin data, Frankfurt for EU-origin data) and Postmark. Contracts and financial records live in encrypted document storage with access limited to Devmint principals.
Standard retention periods:
- Contact-form data — up to 24 months from last contact, then deleted.
- Engagement records — 7 years from end of engagement, as required by Indian tax and contract law.
- Operational logs — 30 days.
- Analytics — aggregate counters with no personal data; retained indefinitely.
6. Your rights.
If you are an individual whose personal data we hold, you can ask us to:
- Confirm what we hold about you and provide a copy (right of access).
- Correct anything that's wrong (right of rectification).
- Delete data we no longer have a lawful reason to keep (right of erasure).
- Stop using your data for a specific purpose (right to object).
- Receive your data in a portable machine-readable format (right of portability).
Send any request to privacy@devminttech.com. We respond within 30 days. If we cannot fulfil a request (for example, because we still need the data to perform a contract), we will say so in writing with the reason.
8. Contact.
For any privacy-related question, including data-subject requests and complaints, reach the Devmint Data Protection lead at privacy@devminttech.com. We will engage in good faith. If you remain unsatisfied, you have the right to lodge a complaint with the relevant supervisory authority.
Devmint Technologies · Chandigarh, India · privacy@devminttech.com