Privacy Notice

Introduction

DEVTOWER LTD (“DEVTOWER”, “we”, or “us”) is committed to protecting your privacy and personal data. This Privacy Notice explains how we collect, use, share, and safeguard your personal information when you use our global consulting services for technical implementation and business idea development or improvement. It also outlines your rights regarding your personal data and how you can exercise them, in compliance with the UK General Data Protection Regulation (UK GDPR) and applicable data protection laws.

Who We Are (Data Controller)

DEVTOWER LTD is a company based in the United Kingdom that provides consulting services worldwide. For the purposes of data protection law, DEVTOWER LTD is the “data controller” of your personal data. This means we determine how and why your personal data is processed. If you have any questions about this notice or our data practices, you can find our contact information in the “Contact Us” section below.

Personal Data We Collect

We only collect personal data that is relevant for the purposes described in this notice. This typically includes:

We may also collect any other information you voluntarily provide to us. For example, this could include details you share when contacting us (such as your company name, job title, or the content of your inquiries) or information related to your project needs.

Purposes and Legal Bases for Using Personal Data

We use your personal data only for specified, explicit, and legitimate purposes. For each purpose, we rely on a lawful basis under the UK GDPR. These purposes and their legal bases include:

We will not use your personal data for any purpose that is incompatible with the purposes outlined above without first obtaining your consent or unless required/permitted by law.

Data Sharing with Third Parties

We do not sell or trade your personal information. However, we may share your personal data with selected third parties in order to run our business and provide our services, as described below. In all cases, we only share the minimum information necessary and ensure appropriate confidentiality and contractual safeguards are in place:

Any third parties with whom we share your data are required to use it only for the purposes we’ve specified and to protect it in accordance with data protection law. We do not allow our third-party processors to use your personal data for their own marketing or other purposes.

Data Storage and International Transfers

Storage Locations: Your personal data is stored on secure systems. We primarily use cloud-based services and IT systems to run our business, which means your data may be stored in data centers within the UK or in other countries, depending on where our service providers’ servers are located. We strive to choose reputable providers with robust security standards.

International Data Transfers: Because we serve customers globally and use cloud services, your personal data may be transferred to or accessed in countries outside of the United Kingdom. In particular, some of our third-party service providers (for example, CRM or analytics platforms) might be located outside the UK or the European Economic Area (EEA) – for instance, in the United States or other jurisdictions.

Whenever we transfer your personal data internationally, we take steps to ensure an adequate level of protection for your information in line with UK GDPR requirements. These safeguards may include:

You can contact us if you have questions about our international data transfer safeguards. We will ensure that your personal data, no matter where it is processed, remains protected and handled in accordance with this Privacy Notice.

Data Security

We take the security of your personal data seriously. DEVTOWER LTD has implemented appropriate technical and organizational measures to protect your information from unauthorized access, loss, misuse, or alteration. These measures include, for example, using secure servers and encryption technologies, maintaining up-to-date security software, restricting access to personal data to authorized personnel, and providing training to our staff on data protection. While we strive to protect your information, please note that no method of transmission over the internet or electronic storage is 100% secure; however, we continuously review and enhance our security practices to mitigate any risks.

Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

In practice, this means: if you become a client, we will keep your personal data for the duration of our consulting engagement and for an appropriate period afterwards. This post-engagement retention period allows us to effectively manage our business records, handle any follow-up issues or legal obligations, and maintain records for tax and financial compliance. If you contact us for an inquiry but do not become a client, we will retain your information for only as long as needed to address your inquiry and a short period thereafter in case you have additional questions or to follow up on potential services.

The exact length of time we keep data may vary depending on the context and our legal obligations. For example, financial records (which may include personal data such as your name on an invoice) might be kept for [e.g., six years] to comply with UK tax law and accounting requirements. After our retention periods end, we will either securely delete your personal data or anonymize it (so that it can no longer be associated with you).

If you would like more information about our data retention practices (for example, the specific retention period for a certain type of record), you can contact us using the details below.

Your Rights Under Data Protection Law

Under the UK GDPR (and similar data protection laws), you have several rights regarding your personal data. We respect your rights and have processes in place to help you exercise them. Your rights include:

Exercising Your Rights: You can exercise any of your rights at any time by contacting us (see the “Contact Us” section below). We will respond to your requests as soon as possible, and in any event within the timeframes required by law (generally within one month). We may need to ask you for certain information to verify your identity before we can fulfill your request, to ensure we don’t disclose data to the wrong person. Exercising your rights is free of charge in most cases. If your request is unusually complex or repetitive, we will let you know if extra time is needed or if a fee might apply (but we will always explain the reason and your options in such cases).

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Notice or how DEVTOWER LTD handles your personal data, please contact us. The best way to reach us is via email:

Email: ivan@devtower.io

This email is monitored by our team (you can address it to Ivan, who handles privacy inquiries). We take privacy questions seriously and will do our best to provide prompt and helpful responses. Whether you want to access or correct your data, withdraw consent, or simply ask a question about our privacy practices, please feel free to contact us at any time.

Complaints and Further Guidance

We hope to resolve any privacy-related issues directly and promptly. However, if you are unhappy with how we have handled your personal data or addressed your concerns, you have the right to lodge a complaint with the relevant supervisory authority.

As DEVTOWER LTD is based in the United Kingdom, our lead supervisory authority is the UK Information Commissioner’s Office (ICO). You can contact the ICO or find more information on their website. The ICO can be reached as follows:

Filing a complaint with the ICO will not affect any other legal rights or remedies you have. If you reside outside the UK, you may also have the right to lodge a complaint with the data protection authority in your country of residence.

We encourage you to contact us first to see if we can address your concerns directly, but you are free to approach the ICO at any time.

Updates to this Privacy Notice

We may update this Privacy Notice from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. If we make significant changes, we will notify you either by email or by placing a prominent notice on our website. The “last updated” date below indicates when this notice was most recently revised. We encourage you to review this Privacy Notice periodically to stay informed about how we are protecting your information.

Last updated: May 15, 2025.