Home
DevStudioAl

GDPR Compliance Statement

Effective Date: February 2026 | Last Updated: February 2026

DevStudioAl is fully committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR). We understand the importance of data protection and privacy for our clients across Europe and worldwide.

This page explains how DevStudioAl implements GDPR principles and ensures that your data is handled transparently, securely, and in accordance with applicable data protection laws.

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law enacted by the European Union that became enforceable on May 25, 2018. It is designed to give individuals greater control over their personal data and harmonize data protection laws across Europe.

Key GDPR Principles:

  • Lawfulness, Fairness, and Transparency: Data must be processed lawfully and transparently
  • Purpose Limitation: Data collected for specific, legitimate purposes only
  • Data Minimization: Only collect data that is necessary
  • Accuracy: Personal data must be accurate and kept up to date
  • Storage Limitation: Data retained only as long as necessary
  • Integrity and Confidentiality: Data must be processed securely
  • Accountability: Organizations must demonstrate compliance

Who We Are

DevStudioAl is a professional web development agency specializing in custom software solutions, SaaS platforms, dashboards, AI integrations, and automation tools. We serve clients across Europe and globally.

Contact:
Email: info@devstudioal.com
Phone: +44 7537 131485

Data We Collect

DevStudioAl collects the following categories of personal data:

  • Contact Information: Name, email address, phone number, company name, and job title when you contact us, request a quote, or engage our services.

  • Project Data: Technical requirements, specifications, and business information necessary to deliver our services.

  • Billing Information: Invoice addresses, payment details (processed securely through third-party payment providers).

  • Website Usage Data: IP address, browser information, pages visited, and interaction data through cookies and analytics.

  • Communication Records: Emails, chat messages, and call records related to our business relationship.

Why We Collect Your Data (Legal Basis)

We process your personal data based on the following legal grounds:

  • Contract Performance: To deliver the services you have requested and fulfill our contractual obligations.

  • Consent: For marketing communications and newsletters (you can withdraw consent at any time).

  • Legitimate Interests: To improve our services, analyze website performance, and maintain security.

  • Legal Obligation: To comply with tax, accounting, and other regulatory requirements.

Data Retention

We retain your personal data only for as long as necessary:

  • Project data: Duration of project plus 7 years for legal and tax purposes
  • Client contact information: Duration of business relationship plus 3 years
  • Website analytics data: 26 months
  • Marketing preferences: Until you unsubscribe
  • Inquiry data (non-clients): 2 years from last contact

Third-Party Services We Use

We work with carefully selected third-party providers who are also GDPR compliant:

  • Analytics: Google Analytics (with IP anonymization enabled) for website traffic analysis.

  • Hosting: GDPR-compliant cloud hosting providers with EU data centers.

  • Payment Processing: Secure payment providers (PayPal, Stripe) with their own GDPR compliance measures.

  • Email Services: GDPR-compliant email service providers for communications.

Your Data Rights Under GDPR

As a data subject, you have the following rights:

  • Right of Access (Article 15): Request a copy of all personal data we hold about you.

  • Right to Rectification (Article 16): Request correction of inaccurate or incomplete data.

  • Right to Erasure (Article 17): Request deletion of your data ("right to be forgotten").

  • Right to Restriction (Article 18): Request limitation of processing in certain circumstances.

  • Right to Data Portability (Article 20): Receive your data in a structured, machine-readable format.

  • Right to Object (Article 21): Object to processing based on legitimate interests or direct marketing.

  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.

How to Exercise Your Rights

To exercise any of your data rights, please contact us at:

Email: info@devstudioal.com

We will respond to your request within 30 days. For complex requests, we may extend this period by an additional 60 days, but we will inform you of any extension within the first 30 days.

Right to Lodge a Complaint: If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection authority (e.g., the ICO in the UK, BfDI in Germany).

Security Measures

DevStudioAl implements appropriate technical and organizational measures to protect your personal data:

  • SSL/TLS encryption for all data in transit
  • Encrypted storage for sensitive data at rest
  • Access controls and authentication mechanisms
  • Regular security audits and vulnerability assessments
  • Employee training on data protection
  • Data breach detection and response procedures

International Data Transfers

As DevStudioAl operates from multiple countries, your data may be transferred between our offices in the UK, Germany, and Albania. All transfers are conducted in compliance with GDPR requirements, including:

  • Standard Contractual Clauses (SCCs) where applicable
  • Adequacy decisions for transfers to approved countries
  • Additional safeguards for transfers outside the EEA

Updates to This Statement

We may update this GDPR Compliance Statement periodically. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this page regularly.

Contact Us

For any questions about GDPR compliance or your personal data, please contact us:

Email: info@devstudioal.com
Phone: +44 7537 131485