dIQdevIQ TechBack to home
Legal

Privacy Policy

Last updated: February 24, 2026 · GDPR-compliant

1. Data Controller

devIQ Tech, a division operating under xFinit, is the data controller responsible for the personal data collected through deviqtech.com (the “Website”). We are headquartered in Romania, European Union, and serve clients globally.

Contact: contact@deviqtech.com

2. What Personal Data We Collect

We collect personal data only when you voluntarily provide it:

  • Contact form submissions — name, email address, company name, and message content.
  • Get Started form — project details, preferred services, contact information, and any technical requirements you share.
  • Email correspondence — when you contact us directly at our email address.

We do not collect sensitive personal data (racial or ethnic origin, political opinions, biometric data, etc.).

3. How We Use Your Data

Personal data is processed for the following purposes:

  • Service delivery — to respond to your inquiries, prepare proposals, and deliver the IT services you request (IT talent fulfillment, managed operations, consulting, or custom solutions).
  • Communication — to follow up on your requests and provide relevant information about our services.
  • Website improvement — anonymised analytics data helps us understand how visitors use the Website and improve the experience.
  • Legal compliance — to meet our obligations under applicable law, including GDPR.

4. Legal Basis for Processing (GDPR Art. 6)

  • Consent (Art. 6(1)(a)) — when you submit a contact or project form, you consent to us processing the data for the stated purpose.
  • Legitimate interest (Art. 6(1)(f)) — anonymised analytics and website security measures serve our legitimate business interests without overriding your rights.
  • Contract performance (Art. 6(1)(b)) — when you engage us for IT services, we process data necessary to fulfil the agreement.

5. Data Retention

  • Contact form data — retained for up to 24 months from the date of submission, or until the related business engagement concludes, whichever is later.
  • Analytics data — anonymised and aggregated; no individual records are retained.
  • Contractual data — retained for the duration of the business relationship plus any period required by applicable commercial and tax law.

6. Data Sharing & Third Parties

We do not sell your personal data. Data may be shared with:

  • Vercel Inc. — our hosting and analytics provider, which processes anonymised analytics data under their own privacy policy.
  • xFinit / LRZTECH Solutions — our parent organisation and operational partner, with whom we may share data to fulfil service agreements.
  • Legal authorities — if required by law, regulation, or valid legal process.

7. International Transfers

Your data is primarily processed within the European Economic Area (EEA). If data is transferred outside the EEA (for example, to cloud infrastructure providers), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.

8. Your Rights Under GDPR

As a data subject, you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — request correction of inaccurate or incomplete data.
  • Erasure — request deletion of your data (“right to be forgotten”), subject to legal retention obligations.
  • Restriction — request that we limit the processing of your data under certain conditions.
  • Data portability — receive your data in a structured, commonly used, machine-readable format.
  • Objection — object to processing based on legitimate interest.
  • Withdraw consent — where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us at contact@deviqtech.com. We will respond within 30 days as required by GDPR.

9. Data Security

We implement appropriate technical and organisational measures to protect personal data, including encrypted data transmission (TLS/HTTPS), access controls, and regular security reviews. However, no method of electronic transmission is 100% secure, and we cannot guarantee absolute security.

10. Children's Privacy

Our Website and services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 16, we will take steps to delete it promptly.

11. Updates to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with a revised “Last updated” date. For material changes, we may also notify you via email or a prominent notice on the Website.

12. Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. For Romania, the relevant authority is the Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP).

13. Contact

For any privacy-related questions or requests, please contact us at contact@deviqtech.com.

Other Legal Documents

Legal

Cookies & Cache Policy

How we use cookies and caching technologies

Legal

Terms & Conditions

Terms governing our services and website