Privacy Policy

We collect information ensuring we can deliver high-performance consulting and engineering services. This includes:

• Voluntary Information: Name, professional email, company name, and project requirements provided via our contact forms or during discovery sessions.
• Technical Usage Data: IP addresses, browser types, and device characteristics when you interact with our digital assets, used primarily for security monitoring and performance optimization.
• Client Data: In the course of delivering services (e.g., SDV Auto-labeling, AI Platform Engineering), we may process datasets provided by you. This data is strictly governed by broader Master Services Agreements (MSAs) and Non-Disclosure Agreements (NDAs).

Your data is the fuel for our collaboration, not our product. We use information strictly to:

• Deliver requested engineering and consulting services.
• Process invoices and manage client accounts.
• Send critical technical updates, security alerts, and support messages.
• Improve our website performance and defend against cyber threats.

We never sell your personal information. We do not engage in third-party ad targeting using your proprietary business data.

We operate with a lean, vetted stack of sub-processors. We may share data with:

• Infrastructure Providers: Cloud hosting (AWS/GCP/Azure) and edge networks (Vercel/Cloudflare) to serve our applications.
• Business Operations: Trusted tools for CRM, invoicing (Stripe), and internal communication.
• Legal Obligations: If compelled by valid legal process (e.g., court order) or to prevent imminent harm.

All third-party vendors undergo security reviews and are bound by Data Processing Addendums (DPAs) where applicable.

We apply enterprise-grade defense depth. Our security posture includes:

• Encryption in transit (TLS 1.3) and at rest (AES-256).
• Strict Role-Based Access Control (RBAC) and Multi-Factor Authentication (MFA) for all internal systems.
• Regular vulnerability scanning and static code analysis of our own infrastructure.

While no system is impenetrable, we maintain an incident response plan to rapidly detect and mitigate threats.

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy or to comply with legal/audit obligations (typically 7 years for financial records). Once the retention period expires, data is securely deleted or anonymized.

Depending on your jurisdiction (GDPR, CCPA), you have rights regarding your personal data:

• Access & Portability: Request a copy of the data we hold about you.
• Correction: Fix inaccurate or incomplete information.
• Deletion: Request erasure of your personal data ("Right to be Forgotten"), subject to legal retention requirements.

To exercise these rights, please email our Privacy Team at privacy@lynkrypt.com.

Lynkrypt Code Labs operates globally with a Center of Excellence in India. Data may be transferred to, stored, and processed in countries other than your own. We utilize generally accepted mechanisms (such as Standard Contractual Clauses) to ensure your data remains protected to EU/US standards regardless of location.

We may update this policy as regulations evolve or our services expand. Material changes will be communicated via our website or direct email notification to active clients. Continued use of our services implies acceptance of the updated terms.