Skip to main system content
TecSynth

Legal & Compliance

Privacy Policy

Last updated: 1 July 2025

1. Who We Are

TecSynth ("we", "us", "our") operates the website at https://tecsynth.net. We provide software development, AI systems engineering, and technical consulting services. We are the data controller for personal data collected through this website.

For data protection enquiries, contact us at: contact@tecsynth.net

2. What Data We Collect

We collect the minimum personal data necessary to respond to enquiries and deliver our services.

Contact Form

Name, email address, company name (optional), subject, and message. Collected when you submit the contact form.

Project Discovery Form

Name, email address, company, role, project type, timeline, budget range, and project description. Collected when you submit the project initiation form.

Technical Data

Standard server logs including IP address, browser type, referring URL, and page requested. Retained for up to 30 days for security and diagnostic purposes. We do not use third-party analytics trackers.

3. Legal Basis for Processing (GDPR Article 6)

We process personal data under the following lawful bases:

  • Legitimate interests (Article 6(1)(f)): Responding to enquiries you initiate and assessing project compatibility.
  • Performance of a contract (Article 6(1)(b)): Processing data necessary to provide services where a contract exists.
  • Legal obligation (Article 6(1)(c)): Retaining records where required by applicable law.

4. How We Use Your Data

  • To respond to your enquiry or project submission
  • To assess whether we can assist with your technical requirements
  • To send project-related communications where a working relationship is established
  • To maintain records required for legal and contractual obligations

We do not sell, rent, or share your personal data with third parties for marketing purposes. We do not use your data for automated decision-making or profiling.

5. Data Retention

Enquiry data is retained for 24 months from the date of submission or the end of any resulting engagement, whichever is later. After this period, personal data is securely deleted. Server logs are retained for 30 days. You may request earlier deletion at any time (see Section 7).

6. Third-Party Processors

We use a limited number of third-party processors to operate this website:

Resend (email delivery)

Form submissions are transmitted via Resend to our inbox. Resend processes data under a Data Processing Agreement in compliance with GDPR.

Vercel (hosting)

This website is hosted on Vercel infrastructure. Vercel processes technical data (IP addresses, request logs) as part of CDN and hosting operations.

All processors are bound by Data Processing Agreements and are prohibited from using your data for their own purposes.

7. Your Rights Under GDPR

As a data subject under EU/UK GDPR, you have the following rights:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your personal data ('right to be forgotten')
  • Right to restrict processing: Request that we limit how we process your data
  • Right to data portability: Receive your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interests

To exercise any of these rights, email contact@tecsynth.net. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection supervisory authority.

8. Cookies

This website uses strictly necessary cookies only — a cookie preference record stored locally on your device. We do not use tracking cookies, advertising cookies, or third-party analytics services that set cookies. No cookie consent is required for strictly necessary cookies under the EU ePrivacy Directive.

9. International Transfers

Where data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place — including Standard Contractual Clauses (SCCs) as approved by the European Commission, or transfers to countries with an adequacy decision.

10. Security Measures

We implement appropriate technical and organisational measures to protect personal data, including TLS encryption in transit, access controls limiting data to authorised personnel, and regular security reviews. No transmission over the internet is 100% secure; in the event of a data breach affecting your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours as required by GDPR Article 33.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be reflected in the "Last updated" date above. We recommend reviewing this page periodically.

12. Contact

For any data protection questions or to exercise your rights:

Email: contact@tecsynth.net