ACE Code Lab
Legal

Privacy Policy

Last updated: January 15, 2025

At Ace Code Lab ("Company", "we", "us", "our"), your privacy is a first-class concern. This Privacy Policy explains how we collect, use, disclose, and protect information when you visit our website (acecodelab.com), use our services, or communicate with us. Please read this policy carefully. By using our website or services, you agree to the practices described here.

1. Information We Collect

1.1 Information You Provide Directly

We collect information you voluntarily provide when you:

  • Contact us — name, email address, phone number, company name, message content
  • Request a quote — project details, budget range, timeline, technical requirements
  • Apply for a job — name, email, phone, resume, cover letter, work history
  • Subscribe to our newsletter — email address
  • Engage our services — billing information, project requirements, communications

We do not collect payment card details directly. Payment processing is handled by Stripe, a PCI DSS-compliant third-party processor.

1.2 Information Collected Automatically

When you visit our website, we automatically collect certain technical information:

  • Log data: IP address, browser type and version, pages visited, time and date of visit, time spent on each page, referring URL
  • Device data: Operating system, device type (desktop/mobile/tablet), screen resolution
  • Usage data: Links clicked, features used, navigation paths through the site
  • Cookies and similar technologies: Session cookies, persistent cookies, and local storage (see Section 4)

1.3 Information from Third Parties

We may receive information about you from:

  • Social media platforms (LinkedIn, Twitter) when you interact with our company pages
  • Analytics providers (Google Analytics, Plausible) that provide aggregated usage insights
  • Partners or referral sources who introduce potential clients to us

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Providing Our Services

  • Responding to inquiries and quote requests within 24 hours
  • Delivering software development and consulting services to clients
  • Processing job applications and communicating with candidates
  • Managing client accounts and project communications
  • Sending transactional emails (project updates, invoices, contracts)

2.2 Improving Our Products

  • Analyzing website usage to improve user experience and content
  • Understanding which services and content are most valuable to visitors
  • Detecting and fixing technical issues
  • Conducting internal research and analytics to improve our service quality

2.3 Marketing and Communications

  • Sending our newsletter (only to subscribers who explicitly opted in)
  • Sharing case studies, blog posts, and product updates
  • Retargeting website visitors through advertising platforms (you can opt out — see Section 7)

We will never sell your email address or personal data to third parties for marketing purposes.

2.4 Legal Compliance

  • Complying with applicable laws and regulations
  • Responding to lawful requests from public authorities
  • Enforcing our Terms of Service and other agreements
  • Protecting the rights, property, or safety of our company, clients, or the public

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data under the following legal bases:

  • Contract performance: Processing necessary to fulfill our service agreement with you
  • Legitimate interests: Analytics, security monitoring, fraud prevention, and service improvement — where our interests don't override your rights
  • Consent: Newsletter subscriptions and optional marketing communications — you can withdraw consent at any time
  • Legal obligation: Where we must comply with applicable law

4. Cookies and Tracking Technologies

We use the following types of cookies:

  • Essential cookies: Required for the website to function (session management, security). These cannot be disabled.
  • Analytics cookies: Google Analytics and Plausible Analytics to understand how visitors use the site. These are anonymized and aggregated where possible.
  • Preference cookies: Remember your settings (e.g., dark mode, cookie consent status).
  • Marketing cookies: LinkedIn Insight Tag and Google Ads for measuring campaign effectiveness and enabling retargeting.

You can control cookies through your browser settings or our cookie consent banner. Disabling cookies may affect website functionality.

5. Data Sharing and Disclosure

We do not sell your personal data. We share information only in these circumstances:

5.1 Service Providers

We share data with trusted third-party service providers who help us operate our business:

  • Infrastructure: Amazon Web Services (hosting and storage)
  • Email: SendGrid (transactional emails), Mailchimp (newsletter)
  • Analytics: Google Analytics, Plausible Analytics
  • CRM: HubSpot (contact and project management)
  • Payments: Stripe (payment processing)
  • Video: Zoom, Google Meet (client calls)

All service providers are contractually required to protect your data and may only use it for the specific purpose we've engaged them for.

5.2 Business Transfers

If Ace Code Lab is acquired, merges with another company, or undergoes a restructuring, your data may be transferred as part of that transaction. We will notify you and you will have the right to request deletion of your data.

5.3 Legal Requirements

We may disclose your information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect our rights or the safety of others.

6. Data Retention

We retain your data for as long as necessary to fulfill the purposes described in this policy:

  • Client project data: 7 years after project completion (required for tax and legal compliance)
  • Contact form submissions: 2 years
  • Job applications: 12 months after the position is filled, unless you ask us to delete sooner
  • Newsletter subscribers: Until you unsubscribe
  • Website analytics: 26 months (Google Analytics default)
  • Cookie data: Varies by cookie type (session cookies expire when you close your browser; persistent cookies expire as specified)

When data is no longer needed, we securely delete or anonymize it.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure ("Right to be Forgotten"): Request deletion of your personal data (subject to our legal retention obligations)
  • Data portability: Receive your data in a structured, machine-readable format
  • Restriction: Request that we limit processing of your data in certain circumstances
  • Objection: Object to processing based on legitimate interests or for direct marketing
  • Withdraw consent: Withdraw consent at any time where processing is consent-based (e.g., newsletter)
  • Lodge a complaint: File a complaint with your local data protection authority (EU residents: your national DPA; UK residents: the ICO)

To exercise any of these rights, email us at privacy@acecodelab.com. We will respond within 30 days.

8. Data Security

We implement industry-standard security measures to protect your data:

  • All data transmission is encrypted via TLS 1.3
  • Data at rest is encrypted using AES-256
  • Access to personal data is restricted to employees with a need-to-know basis
  • We conduct regular security audits and vulnerability assessments
  • Our infrastructure is hosted on SOC 2-certified AWS data centers
  • All employees undergo annual privacy and security training

Despite our best efforts, no security system is 100% impenetrable. In the event of a data breach affecting your rights, we will notify you as required by applicable law (within 72 hours for GDPR-regulated breaches).

9. International Data Transfers

Ace Code Lab is based in the United States. If you are located outside the US (including in the EEA or UK), your data may be transferred to and processed in the US.

For transfers from the EEA/UK to the US, we rely on:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions where applicable
  • The EU-US Data Privacy Framework for participating service providers

10. Children's Privacy

Our services are not directed to children under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected data from a child under 16 without parental consent, we will take immediate steps to delete that information.

11. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable law. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this page
  • Post a prominent notice on our website
  • Send an email notification to newsletter subscribers for significant changes

We encourage you to review this policy periodically. Continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

Ace Code Lab — Privacy Team

Email: privacy@acecodelab.com

Address: 1846-G Block 10 Complex, Phase 10, Mohali, Punjab, India

Response time: Within 30 days

Last updated: January 15, 2025

Terms of ServiceContact Us