Privacy Policy
Last updated: 12 June 2026
This Privacy Policy explains how SuperrDev collects, uses, shares, and protects personal data when you visit our website or contact us through our enquiry channels. We are a business-to-business firm and do not sell personal data.
1. Who We Are
SuperrDev — operated by [SuperrDev legal entity name], with registered office at [registered office address] — is a premium IT services and product-engineering firm based in India that builds enterprise software for business clients worldwide. We are the controller of the personal data described in this Policy.
For any privacy matter, contact us at privacy@superrdev.com.
Because our clients are predominantly businesses, the personal data we handle through our website is mostly limited to business-contact details of the individuals who enquire with us, plus the content of the materials they choose to send us.
2. Scope of This Policy
This Policy covers personal data we process when you visit our website, submit an enquiry, book a call, email us, or engage with us through partner platforms such as freelance marketplaces. Where we process personal data on behalf of a client as part of delivering a project (for example, data inside a system we build), we act as a processor under that client's instructions, and our Master Services Agreement / Data Processing Agreement governs that processing rather than this Policy.
3. Personal Data We Collect
Depending on how you interact with us, we may collect:
| Category | Examples |
|---|---|
| Identity & contact | Name, job title, employer/organisation, business email, phone number. |
| Corporate / commercial | Company name, country, role, project context, and budget indications you choose to share. |
| Enquiry content | The content of RFPs, NDAs, technical briefs, architectural diagrams, and any documents or messages you send us. |
| Scheduling data | Meeting times, time zone, and information you enter when booking a call. |
| Technical & usage | IP address, device/browser type, pages viewed, referring URLs, and similar analytics data collected via cookies and similar technologies. |
| Marketplace data | Profile, messages, and engagement details shared with us through freelance platforms (e.g. Upwork) where you contact us there. |
We do not intentionally collect special-category data (such as health, race, or religion). Please do not include such data in materials you send us unless strictly necessary and agreed.
4. How We Collect It
4.1 Direct website enquiries and email
When you submit an enquiry on our website or email us, we receive your contact details and the content of your message. RFPs, NDAs, and technical briefs sent to our inbox are received and stored within our business email and document-management systems.
4.2 Calendar and meeting tools
We use Cal.com to let you book calls. When you book, Cal.com processes your name, email, chosen time, and any details you enter, and shares them with us. Meetings may be hosted on Zoom or a similar platform, which processes your information to run the call. These providers act as our service providers and operate under their own privacy notices.
4.3 Cookies and analytics
We use privacy-conscious analytics, such as Google Analytics and/or Vercel Analytics, to understand site usage. These set cookies or collect usage signals as described in Section 12. Where required by law (for example, in the EU and UK), non-essential analytics run only after you consent via our cookie banner.
4.4 Freelance marketplaces
If you contact us through a platform such as Upwork, we receive the information that platform shares with us, subject to the platform's own terms and privacy notice.
5. Legal Bases for Processing (EU/UK GDPR)
Where the EU GDPR or UK GDPR applies, we rely on the following legal bases:
| Legal basis | When we rely on it |
|---|---|
| Legitimate interests | Responding to your business enquiry, qualifying opportunities, running our B2B sales process, securing our site, and improving our services — balanced against your rights. |
| Contract | Taking steps at your request before entering a contract, and performing a contract with you or your organisation. |
| Consent | Non-essential analytics/marketing cookies and any marketing emails — you may withdraw consent at any time. |
| Legal obligation | Keeping records required by law (for example, tax and accounting) and responding to lawful requests. |
6. How We Use Your Data
- To respond to enquiries, scope opportunities, and prepare proposals;
- To schedule and hold meetings and calls;
- To negotiate, enter into, and perform contracts and Statements of Work;
- To operate, secure, and improve our website and services;
- To send service communications and, with consent where required, occasional updates;
- To comply with legal, tax, and regulatory obligations, and to establish or defend legal claims.
7. Confidentiality of Materials You Submit
We recognise that the technical briefs, RFPs, architectural diagrams, and other materials you submit through our website or by email are commercially sensitive. Even before a formal mutual non-disclosure agreement is signed, we treat such materials as confidential: we use them only to evaluate and respond to your enquiry, limit internal access to those who need it, and do not disclose them to third parties except to service providers bound by confidentiality obligations or where required by law.
This commitment bridges the gap until a mutual NDA or Master Services Agreement is in place. Once a separate NDA is signed, its terms govern. To keep the most sensitive details protected, we encourage you to share only what is needed at the enquiry stage and to flag anything especially sensitive.
8. Who We Share Data With
We do not sell personal data. We share it only with:
- Service providers who help us operate — for example, email and document hosting, scheduling (Cal.com), video calls (Zoom), and analytics (Google/Vercel) — under contracts that restrict their use of the data;
- Professional advisers (lawyers, accountants, auditors) under confidentiality obligations;
- Authorities or third parties where required by law, to enforce our terms, or to protect our rights, property, or safety;
- A successor entity in connection with a merger, acquisition, or sale of assets, subject to this Policy.
A current list of material service providers (sub-processors) is available on request at privacy@superrdev.com.
9. International Data Transfers
We are based in India and use service providers that may store or process data in India, the EU, the UK, the USA, and elsewhere. Where we transfer personal data of individuals in the EU or UK to a country not recognised as providing adequate protection, we put in place an appropriate safeguard, such as the European Commission's Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum (IDTA), and, where relevant, supplementary measures.
10. Data Retention
We keep personal data only as long as needed for the purpose for which it was collected, then delete or anonymise it. As a guide: enquiry and contact data is kept for up to twenty-four months after last contact if no engagement follows; contract-related records are kept for the longer of the engagement plus seven years or as required by tax and legal rules. Specific periods are set in our internal retention schedule.
11. Your Rights
11.1 EU / UK GDPR rights
Subject to conditions, you may request access to your data, correction, erasure, restriction of processing, and portability; and you may object to processing based on legitimate interests or direct marketing, and withdraw consent at any time.
To exercise these rights, contact privacy@superrdev.com. You also have the right to complain to your supervisory authority (for example, your national EU Data Protection Authority, or the UK Information Commissioner's Office).
11.2 US state privacy rights
If you are a California resident, the CCPA (as amended by the CPRA) gives you rights to know, access, correct, and delete personal information, and to opt out of "sale" or "sharing" and certain targeted advertising. We do not sell or share personal information in that sense, and we do not discriminate against you for exercising your rights. Similar rights may apply under other US state laws, including those of Virginia, Colorado, Connecticut, Utah, and Texas.
12. Cookies & Similar Technologies
We use strictly necessary cookies to run the site, and (where consented) analytics cookies and similar technologies to measure usage. You can manage non-essential cookies through our cookie banner and your browser settings. Where the law requires consent, non-essential cookies are not set until you opt in.
13. How We Protect Your Data
We use appropriate technical and organisational measures — including access controls, encryption in transit, least-privilege access, and confidentiality obligations on staff and service providers — to protect personal data. No system is perfectly secure, but we work to protect your information and to notify affected parties and authorities of qualifying breaches as required by law.
14. Children's Privacy
Our website and services are intended for businesses and are not directed to children. We do not knowingly collect personal data from children.
15. Changes to This Policy
We may update this Policy from time to time. We will post the updated version here with a revised date and, where changes are material, take reasonable steps to notify you.
16. Contact Us
Questions or requests relating to your personal data can be sent to privacy@superrdev.com.