Back to Home

Privacy Policy

Effective Date: January 22, 2026
Last Updated: January 22, 2026

SubSecond Labs ("Company", "We", "Us", or "Our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or engage our web engineering services.

1. Information We Collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device ("Personal Information").

  • Personal Identifiers: Real name, email address, postal address, and phone number (collected via inquiry forms, contracts, or billing details).
  • Business Data: Company URL, server logs, tech stack configurations, and project assets required for service delivery.
  • Technical Data: Internet Protocol (IP) address, browser type, operating system, and interaction data (collected automatically via server logs and cookies).

2. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

  • Contractual Necessity: Processing is required to fulfill our service agreement with you (e.g., building your website, sending invoices).
  • Legitimate Interests: Processing is necessary for our business interests (e.g., fraud prevention, network security, and improving our services).
  • Legal Obligation: Processing is required to comply with tax and accounting laws in India.

3. How We Use Your Information

  • To provide, maintain, and improve our web engineering services.
  • To process transactions, generate invoices, and manage client accounts.
  • To communicate with you regarding project milestones, security updates, or administrative notices.
  • To enforce our Terms of Service and comply with legal obligations.

4. Third-Party Infrastructure

Our services rely on enterprise-grade third-party infrastructure. We do not sell data, but data may be processed by these sub-processors to deliver the Service:

  • Vercel Inc. (USA): Hosting, Edge Network delivery, and Serverless function execution.
  • Sanity.io (Norway/USA): Content Management System (CMS) data storage.
  • Stripe / Wise: Payment processing and fraud detection.
  • Google Analytics / PostHog: Privacy-focused performance analytics.

5. Cookie Policy & Do Not Track

We use cookies to enhance your experience.

  • Essential Cookies: Required for the website to function (e.g., session security).
  • Analytics Cookies: Help us understand how visitors interact with our site. You can disable these in your browser settings.
  • Do Not Track (DNT): Our systems do not currently respond to browser "Do Not Track" signals, as no uniform standard for this signal has been adopted.

6. International Data Transfers

SubSecond Labs is located in India. Information we collect may be transferred to, stored, and processed in India or any other country where our third-party processors maintain facilities. By using our Services, you consent to any such transfer of information outside of your country of residence.

7. Security & Breach Protocol

We use administrative, technical, and physical security measures (HTTPS, 2FA, Role-Based Access) to protect your personal information. In the event of a data breach that affects your personal data, we will notify you via email within 72 hours of becoming aware of the breach, in accordance with GDPR and local laws.

8. Data Retention

We retain client project files, code repositories, and communication records for a period of 12 months post-completion for backup, maintenance, and legal liability purposes. You may request permanent deletion of your data at any time by contacting us.

9. Your Data Protection Rights (Universal)

We are committed to data privacy for all users, regardless of location.

  • Right to Access & Rectification: Request copies or corrections of your personal data.
  • Right to Deletion: Request erasure of your personal data ("Right to be Forgotten").
  • Right to Opt-Out: We do not sell personal data. To demonstrate our commitment to privacy, we voluntarily extend the right to opt-out of data sales to all users globally, which also satisfies the specific requirements for California residents under the CCPA.

10. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will delete that information.

11. Grievance Redressal (India)

In accordance with the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023, the contact details of the Grievance Officer are provided below:

Designation: Grievance Officer
Email: legal@subsecondlabs.com
Address: Uttarakhand, India

12. Contact Information

For general privacy concerns or to exercise your rights, you may contact us at:

SubSecond Labs
Uttarakhand, India
Email: legal@subsecondlabs.com