Privacy Policy

At My CTO Friend, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services. Please read this policy carefully to understand our practices regarding your personal data and how we will treat it.

1. Information We Collect

Personal Information

• Name and contact details (email address, phone number)
• Company name and position
• Billing and payment information
• Communication preferences

Project Information

• Project descriptions and requirements
• Technical specifications and documentation
• Business goals and objectives

Technical Information

• IP address and browser information
• Device and operating system details
• Website usage data and analytics

2. How We Use Your Information

• To provide and maintain our CTO as a Service offerings
• To communicate with you about your projects and our services
• To process payments and manage billing
• To improve our services and develop new features
• To send you marketing communications (with your consent)
• To comply with legal obligations and protect our rights

3. Legal Basis for Processing

We process your personal data on the following legal grounds:

• Consent: When you have given clear consent for us to process your personal data for specific purposes
• Contract: Processing is necessary for the performance of a contract with you
• Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party
• Legal Obligation: Processing is necessary to comply with the law

4. Data Sharing and Disclosure

We may share your information with:

• Service providers and business partners who assist in delivering our services
• Professional advisors (lawyers, accountants, auditors)
• Government authorities when required by law
• Potential buyers in case of business sale or merger

5. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication measures
• Employee training on data protection

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, including:

• Active client data: Duration of the business relationship plus 7 years
• Marketing data: Until consent is withdrawn or 3 years of inactivity
• Technical logs: 90 days unless required for security investigations

7. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the following rights:

• Right to Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate personal data
• Right to Erasure: Request deletion of your personal data
• Right to Restriction: Request restriction of processing your personal data
• Right to Data Portability: Request transfer of your data to another organization
• Right to Object: Object to processing of your personal data
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us through our contact form

8. Cookies and Tracking

We use cookies and similar tracking technologies to:

• Essential Cookies: Enable basic website functionality
• Analytics Cookies: Understand how visitors interact with our website
• Functional Cookies: Remember your preferences and personalize your experience

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses approved by the European Commission.

10. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child, we will take steps to delete such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the 'Last Updated' date. Your continued use of our services after changes constitutes acceptance of the updated policy.