We take privacy seriously, because we would want any agency we hired to take ours seriously too. This policy explains what personal data we collect, why, and what you can do about it.
Who we are
ShubhTech Ltd ("ShubhTech", "we", "us") is a UK-registered company. Our registered office address will be published here shortly.
For the purposes of the UK GDPR and the Data Protection Act 2018, ShubhTech Ltd is the data controller for personal data collected via this website and during our commercial engagements.
What we collect
When you fill in our contact form we collect your name, email address, company (optional), the service you are interested in, the project type and the free-text message you send us.
When you browse the site we collect anonymous, aggregated traffic data via privacy-respecting analytics (page views, referrer, approximate location, device type). We do not use behavioural advertising cookies.
During client engagements we collect the information necessary to deliver services, for example billing details, project files, and correspondence.
Why we collect it
To respond to enquiries, provide the services you have engaged us for, comply with our legal and accounting obligations, and improve the ShubhTech website.
Our lawful bases are: legitimate interests (responding to a genuine business enquiry), contract (delivering paid services), and legal obligation (accounting, tax, anti-money-laundering).
Who we share it with
We use a small number of carefully vetted processors, a UK-based accounting provider, cloud infrastructure (AWS eu-west-2 by default), a communications tool (Slack), and a CRM. We do not sell personal data to any third party, ever.
Where a processor is outside the UK, transfers are covered by the ICO’s International Data Transfer Agreement or equivalent safeguards.
How long we keep it
Enquiry data is retained for 24 months from the last contact, after which it is deleted or fully anonymised.
Client engagement records are retained for 6 years from the end of the engagement, to comply with HMRC accounting obligations.
Your rights
Under UK GDPR you have the right to access, rectify, erase, restrict, port, or object to processing of your personal data. You can exercise any of these rights by emailing hello@shubhpvt.co.uk. We will respond within one calendar month.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), www.ico.org.uk.
Cookies
We use a minimal set of first-party cookies for session state and analytics. We do not use third-party marketing cookies, retargeting pixels or fingerprinting techniques.
You can disable cookies in your browser at any time; the site will continue to work.
Security
We use TLS 1.3 across the site, encryption at rest for stored data, least-privilege access, and centralised secret management. Employees complete annual data-protection training.
Changes to this policy
We will update this page whenever our processing changes materially and note the date at the top. For substantive changes affecting existing clients, we will also email you directly.