Donado Labs

Privacy Policy

We respect your privacy. This page explains how we handle your data in accordance with GDPR and applicable laws.

Last updated: 11.2025

Data Controller

Donado Labs is the controller of your personal data. You can contact us at [email protected] for any privacy-related inquiry.

Data We Collect

When you submit our contact form, we collect:

  • Identification and contact data (name and email address).
  • Project information (problem description, timeline, tech stack, success criteria).
  • Technical metadata (timestamps, form submission data).

We also collect minimal anonymous analytics data (error logs and aggregate usage metrics) necessary for the proper functioning of our website. We do not use cookies for tracking or advertising purposes.

Purposes of Processing

  • Responding to your business inquiries and evaluating potential collaboration opportunities.
  • Preparing proposals and performing pre-contractual steps at your request.
  • Maintaining records for auditing and legal compliance purposes.
  • Ensuring the reliability and security of our services (legitimate interests).

Legal Bases

  • Your consent (GDPR Art. 6(1)(a)) when submitting the contact form.
  • Pre-contractual necessity (GDPR Art. 6(1)(b)) when you request us to take steps prior to entering into a contract.
  • Legitimate interests (GDPR Art. 6(1)(f)) to maintain service reliability, prevent abuse, and comply with business record-keeping requirements.

Retention

We retain your personal data for a minimum of one (1) year for auditing and legal compliance purposes. After this period, we will delete or anonymize your data unless we have a legitimate reason to retain it (such as ongoing business relationships, legal obligations, or to establish, exercise, or defend legal claims).

Sharing and Transfers

We do not sell, rent, or trade your personal data. We only use your information for direct communication regarding potential business collaboration. We may share your data with trusted service providers (e.g., form processing, email hosting) strictly for the purposes stated here and under appropriate data processing agreements. Where data is transferred outside the EEA, we rely on appropriate safeguards such as the EU Standard Contractual Clauses.

Your Rights

Under GDPR and applicable data protection laws, you have the right to:

  • Access, rectification, and erasure of your data.
  • Restriction of processing and data portability.
  • Object to processing based on legitimate interests.
  • Withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
  • Lodge a complaint with a supervisory authority in the EU/EEA.

To exercise any of these rights, contact us at [email protected].

Contact

For requests or questions regarding this Privacy Policy or your rights, email us at [email protected].