Your privacy matters to us. This page explains exactly what personal data Softileo collects, why we collect it, how long we keep it, and the rights you have over it — in plain English.
Softileo is a custom software development company specialising in Shopify development, WordPress solutions, AI automation, and bespoke web applications. We have delivered 445+ projects globally over 6+ years of operation.
For the purposes of data protection law, Softileo is the data controller — meaning we determine how and why your personal data is processed.
We only collect data that is necessary for the purpose for which it is collected. Below are the six categories of personal data we may process:
When you fill in a contact form, request a quote, or book a consultation.
Automatically via cookies and analytics tools when you browse our site.
Collected automatically to improve performance and diagnose issues.
When you contact us via email, live chat, or our contact form.
When you engage Softileo for a paid service or sign a project agreement.
When you subscribe to our newsletter or opt in to marketing communications.
We use your personal data only for specific, defined purposes. We never use your data in ways you would not reasonably expect.
Reply to quote requests, consultation bookings, and support messages.
Manage your project, share deliverables, and communicate progress.
Issue invoices and maintain accurate financial and billing records.
Analyse traffic patterns to fix issues and improve the user experience.
Email newsletters and product updates — only with your explicit consent.
Meet our legal obligations and enforce our contractual rights where needed.
Under GDPR and applicable data protection law, we must have a lawful basis for processing your personal data. We rely on the following four bases:
Processing is necessary to deliver services you have requested or to take pre-contractual steps at your request — for example, responding to a quote enquiry.
Where you have given clear, specific consent — such as subscribing to our newsletter. You may withdraw consent at any time by emailing us.
Processing required to comply with a legal duty — for example, retaining financial records for tax and accounting purposes.
Processing necessary for our legitimate business interests — such as improving our website and preventing fraud — where not overridden by your rights.
We do not sell, rent, or trade your personal data. We share data only in the following limited circumstances:
We use trusted third-party tools (Google Analytics, HubSpot, payment processors) bound by contracts to process data only on our instructions.
We may disclose data where required by law, a court order, or a regulatory authority in response to a valid legal request.
In a merger, acquisition, or asset sale, data may transfer to the successor entity. You will be notified in advance.
We may share data to investigate, prevent, or act against fraud, security threats, or violations of our Terms of Service.
We retain personal data only for as long as necessary to fulfil the purposes it was collected for, including legal, accounting, or reporting requirements.
| Data Type | Retention Period | Reason |
|---|---|---|
| Contact / enquiry data | 2 years | To follow up and maintain relationship history |
| Client project data | 5 years | Contractual obligations and dispute resolution |
| Financial / invoice records | 7 years | Legal tax and accounting requirements |
| Analytics data | 26 months | Performance benchmarking (Google Analytics default) |
| Newsletter subscribers | Until unsubscribed | Consent-based — removed immediately on request |
| Support / chat logs | 1 year | Quality assurance and issue tracking |
When data is no longer needed, it is securely deleted or anonymised so it can no longer be linked to you personally.
Under GDPR, CCPA, and applicable data protection laws, you have the following rights over your personal data. To exercise any of these, contact us at hello@softileo.com.
Request a copy of all personal data we hold about you.
Ask us to correct any inaccurate or incomplete personal data.
Request deletion of your personal data (the "right to be forgotten").
Ask us to pause processing your data in certain circumstances.
Receive your data in a structured, machine-readable format.
Object to processing based on legitimate interests or direct marketing.
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction.
All data in transit is encrypted using TLS 1.2+.
Data at rest is encrypted using AES-256 standard.
Only authorised personnel can access personal data.
Automated daily backups with secure off-site storage.
Routine security audits and penetration testing performed.
Notified within 72 hours if a breach affects your rights.
No method of transmission over the internet is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.
Our website may contain links to third-party websites, plugins, and applications. Clicking on those links may allow third parties to collect or share data about you.
We do not control these third-party websites and are not responsible for their privacy practices. We encourage you to read the privacy policy of every website you visit.
Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately at hello@softileo.com and we will delete it promptly.
We review and update this Privacy Policy periodically. When we make material changes we will:
If you have questions about this Privacy Policy or want to exercise your data rights, contact our Privacy Team:
Our privacy team replies within 72 hours. A real person will respond — not a bot.
Email Privacy TeamWe never sell your data. Ever.
