Home
DevStudioAl

Privacy Policy

DevStudioAl is a professional web development agency specializing in custom web applications, SaaS platforms, dashboards, AI integrations, and automation solutions. We are committed to protecting your privacy and handling your personal information with transparency and care.

Effective Date: February 2026
Last Updated: March 2026

Data Controller: DevStudioAl, registered and operating under Albanian law (governing jurisdiction: Albania). For all data protection enquiries, contact us at [email protected].

1. Introduction

This Privacy Policy describes how DevStudioAl ("we," "us," or "our") collects, uses, shares, and protects your personal information when you visit our website, use our services, or communicate with us. By using our services, you agree to the collection and use of information in accordance with this policy.

This policy applies to visitors and clients of devstudioal.com and users of our free developer tools hosted at paste.devstudioal.com, json.devstudioal.com, and regex.devstudioal.com.

2. Information We Collect

We collect information in several ways:

2.1 Information You Provide Directly
  • Contact Information: Name, email address, company name when you contact us or request a quote
  • Project Information: Details about your project requirements, specifications, and business needs
  • Account Information: Login credentials if you access client portals or project management systems
  • Payment Information: Billing details and invoicing information (payment processing is handled by secure third-party providers; we do not store card details)
  • Communication Records: Emails, chat logs, and other correspondence related to our services
2.2 Information Collected Automatically
  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, time spent on pages, referral sources, click patterns
  • Cookies: Session cookies, preference cookies, and analytics cookies (see Section 11)
  • Log Data: Server logs including access times, error logs, and request details

3. Data Processed by Our Free Developer Tools

DevStudioAl provides three free developer tools. Each tool has a distinct approach to data, described below:

3.1 DevPaste (paste.devstudioal.com)

DevPaste allows users to share text and code via encrypted links. All content is encrypted in your browser using AES-256-GCM before transmission. The encryption key is embedded in the URL fragment (#) and is never sent to our server — meaning we cannot read the content of any paste. Pastes may be subject to automatic expiry and deletion. You should not use DevPaste to store sensitive personal data or rely on it as a permanent storage solution.

3.2 DevJSON (json.devstudioal.com)

DevJSON is a JSON formatting and validation tool. All processing occurs entirely within your browser. No data you enter into DevJSON is transmitted to or stored on our servers.

3.3 DevRegex (regex.devstudioal.com)

DevRegex is a regular expression testing tool. All pattern matching and processing occurs entirely within your browser. No data you enter into DevRegex is transmitted to or stored on our servers.

Standard server logs (IP address, browser type, access time) may be recorded when you access these tools for security and operational purposes, in line with Section 2.2.

4. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To provide, maintain, and improve our web development services
  • Communication: To respond to inquiries, send project updates, and provide customer support
  • Billing: To process payments, generate invoices, and manage accounts
  • Legal Compliance: To comply with legal obligations, resolve disputes, and enforce agreements
  • Marketing: To send newsletters or promotional materials (only with your consent, and you can opt-out anytime)
  • Analytics: To analyze website usage and improve user experience
  • Security: To detect, prevent, and address technical issues and security threats

5. Legal Basis for Processing

We process personal data in compliance with the EU General Data Protection Regulation (GDPR), UK GDPR (as retained in UK law under the Data Protection Act 2018), and the Albanian Law on Personal Data Protection (Law No. 9887/2008, as amended). Our legal bases for processing are:

  • Contract: Processing necessary for the performance of a contract with you or to take steps at your request before entering into a contract
  • Consent: Where you have given explicit, freely given consent for specific purposes (e.g. marketing communications)
  • Legitimate Interests: Processing necessary for our legitimate business interests, provided these are not overridden by your rights and freedoms
  • Legal Obligation: Processing necessary to comply with applicable legal or regulatory requirements

6. DevStudioAl as a Data Processor

In the course of building websites and applications for clients, DevStudioAl may handle personal data belonging to our clients' own customers or users. In such cases, DevStudioAl acts as a data processor on behalf of the client, who is the data controller.

Where this applies, we process such data only on documented instructions from the client, in accordance with a Data Processing Agreement (DPA). We do not use client user data for any purpose beyond delivering the agreed services, and we implement appropriate technical and organisational measures to ensure its security.

If you are a user of a website or application built by DevStudioAl for one of our clients, please refer to that client's own Privacy Policy for information about how your data is handled.

7. Data Sharing and Third Parties

We may share your information with:

  • Service Providers: Trusted third-party services for hosting, analytics, payment processing, and communication tools, bound by appropriate data processing agreements
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: In connection with any merger, acquisition, or sale of company assets, where data protection obligations transfer to the acquiring entity
  • With Your Consent: When you have given explicit permission for a specific disclosure

We do NOT sell, rent, or trade your personal information to third parties for marketing purposes.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • SSL/TLS encryption for all data in transit
  • AES-256-GCM client-side encryption for DevPaste content
  • Encrypted storage for sensitive data at rest
  • Regular security reviews and vulnerability assessments
  • Access controls and authentication protocols

No method of electronic transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

9. Your Rights

Under GDPR, UK GDPR, and Albanian data protection law, you have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure: Request deletion of your data where it is no longer necessary for the purpose it was collected ("right to be forgotten")
  • Restriction: Request that we limit processing of your data in certain circumstances
  • Data Portability: Receive your data in a structured, commonly used, machine-readable format
  • Object: Object to processing carried out on the basis of legitimate interests or for direct marketing
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing
  • Lodge a Complaint: You have the right to lodge a complaint with your relevant supervisory authority:
    • UK: Information Commissioner's Office (ICO) — ico.org.uk
    • EU: Your national Data Protection Authority
    • Albania: Commissioner for the Right to Information and Personal Data Protection — idp.al

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

10. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Typical retention periods:

  • Project data: Duration of project plus 7 years for legal and tax purposes
  • Communication records: 3 years after last contact
  • Analytics data: 26 months
  • Marketing preferences: Until you unsubscribe or withdraw consent
  • DevPaste content: Until the paste expires or is deleted, after which it is permanently removed
  • Server access logs (all tools): Up to 90 days for security purposes

11. International Data Transfers

DevStudioAl operates across the UK, Germany, and Albania. Your data may be transferred and processed in these locations. We ensure all international transfers comply with applicable law:

  • EU/EEA transfers: Covered by GDPR and adequacy decisions or Standard Contractual Clauses (SCCs) where required
  • UK transfers: Covered by UK GDPR and the UK International Data Transfer Agreement (IDTA) where applicable
  • Albania: Transfers to Albania are conducted under appropriate safeguards in line with Albanian Law No. 9887/2008 and applicable EU SCC frameworks

12. Cookies

We use cookies and similar technologies to operate our website and improve your experience. Cookies are small text files stored on your device.

Types of cookies we use:
  • Essential Cookies: Required for the website to function (e.g. session management, security). These cannot be disabled.
  • Preference Cookies: Remember your settings and preferences (e.g. dark/light mode, language). These are set with your consent.
  • Analytics Cookies: Help us understand how visitors interact with our website (e.g. pages visited, time on site). Set only with your consent.
Managing your cookies:

You can control and disable non-essential cookies through your browser settings at any time. Please note that disabling certain cookies may affect the functionality of the website. For more information on managing cookies, visit allaboutcookies.org.

13. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected data from a child under 18, we will delete it promptly. If you believe a child has provided us with personal data, please contact us at [email protected].

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. We will notify you of significant changes by posting the updated policy on this page with a revised "Last Updated" date. For material changes, we may also notify you directly by email where we hold your contact details. We encourage you to review this policy periodically.

15. Contact Us

If you have questions about this Privacy Policy, wish to exercise your data rights, or have any concerns about our data practices, please contact us:

Email: [email protected]

We aim to respond to all data-related requests within 30 days of receipt.

Get started

Ready to start earning with DevStudioAl?

If you have any questions, feel free to reach out to our team.

  • Free consultation

  • No commitment required