Contact Us

Privacy Policy

At Hopeleaf Technologies, your privacy is important to us. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and what rights you have over your data. It applies to all visitors to our website and all clients who engage our services.

  • Last Updated: April 2026

Introduction & Scope

This Privacy Policy (‘Policy’) describes how Hopeleaf Technologies (‘we’, ‘us’, or ‘our’) collects, uses, stores, and shares personal information when you visit our website at hopeleaftechnologies.com, submit an enquiry, engage our services, or communicate with us in any form.

This Policy applies to all website visitors, prospective clients, current clients, newsletter subscribers, and job applicants. It covers personal information collected through our website, contact forms, email communications, and any other direct interactions.

By using our website or providing us with your personal information, you acknowledge that you have read and understood this Privacy Policy

Information We Collect

We collect personal information in the following ways:

  • Contact and enquiry forms — name, email address, phone number, company name, project details, and budget range
  • Email and WhatsApp communications — content of messages you send us and any attachments
  • Newsletter subscription — email address and subscription preferences
  • Project onboarding — business details, brand assets, login credentials shared securely for project purposes
  • Job applications — CV, portfolio links, work history, and contact information
  • Website usage data — IP address, browser type, device type, pages visited, time spent on pages, and referring URLs (via Google Analytics 4)
  • Cookies — session identifiers, preference data, and analytics identifiers (see Clause 8 for full cookie details)

How We Use Your Information

We use your personal information for the following purposes and on the following legal bases:

  • To respond to enquiries and provide quotations — Legal basis: Legitimate interest / Pre-contractual steps
  • To deliver agreed web design, development, and digital marketing services — Legal basis: Performance of a contract
  • To send project-related communications, updates, and invoices — Legal basis: Performance of a contract
  • To send newsletters and marketing updates (only if you have opted in) — Legal basis: Consent
  • To improve our website and services through analytics — Legal basis: Legitimate interest
  • To comply with legal obligations, tax requirements, and regulatory requests — Legal basis: Legal obligation
  • To process job applications — Legal basis: Legitimate interest / Pre-contractual steps

Legal Basis for Processing (GDPR — EU & EEA Users)

If you are located in the European Union, European Economic Area, or the United Kingdom, Hopeleaf Technologies processes your personal data under one of the following lawful bases under the General Data Protection Regulation (GDPR):

Consent — where you have given us clear, specific consent to use your data (e.g., newsletter subscription). You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

Contract performance — where processing is necessary to fulfil a contract with you, or to take steps at your request before entering into a contract (e.g., preparing a project proposal).

Legitimate interests — where processing is necessary for our legitimate business interests (e.g., improving our services, responding to enquiries, maintaining client relationships), provided those interests are not overridden by your rights.

Legal obligation — where we are required to process data to comply with applicable law (e.g., maintaining financial records for tax purposes).

Information Sharing & Disclosure

We do not sell, rent, or trade your personal information to any third party. We share your information only in the following limited circumstances:

  • Service providers — trusted third parties who assist us in operating our business, including hosting providers (DigitalOcean, SiteGround, Cloudways), email platforms (Gmail), project management tools (Slack, Notion), and payment processors (Razorpay, Wise, PayPal). All service providers are contractually required to protect your data and may only use it to perform services on our behalf.
  • Google Analytics 4 — anonymised website usage data is shared with Google for analytics purposes. See Clause 8 for more details.
  • Google Ads / Meta Ads — if you have engaged our digital marketing services and we are running campaigns on your behalf, we may process data within Google Ads and Meta Ads Manager platforms as part of that service.
  • Legal and regulatory authorities — we may disclose your information if required by law, court order, or governmental authority. We will notify you of such disclosure where legally permitted.
  • Business transfers — in the event of a merger, acquisition, or sale of all or part of our business, your information may be transferred to the acquiring entity. We will notify you of any such transfer.

International Data Transfers

Hopeleaf Technologies is based in India. If you are located outside India — including in the European Union, United Kingdom, Australia, or the United States — your personal information will be transferred to and processed in India.

For EU and EEA users: We ensure that any transfer of personal data from the EEA to India is conducted in compliance with GDPR. Where no adequacy decision exists, we rely on Standard Contractual Clauses (SCCs) or other appropriate safeguards as recognised under GDPR Article 46.

For Australian users: We comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988. Our service providers are required to handle data in a manner consistent with the APPs.

For Indian users: We comply with India’s Digital Personal Data Protection Act 2023 (DPDPA 2023), which governs how personal data of Indian residents is collected, stored, and processed.

By using our website or engaging our services, you consent to this international transfer, subject to the protections described above.

Data Retention

We retain your personal information for as long as is necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, and reporting requirements.

  • Client project records — retained for 7 years after project completion (required for tax and legal compliance under Indian law)
  • Enquiry and contact form submissions — retained for 2 years after last contact, then securely deleted
  • Newsletter subscriber data — retained until you unsubscribe, then deleted within 30 days
  • Job applicant data — retained for 12 months after the application is closed, then securely deleted
  • Website analytics data (Google Analytics 4) — data retention set to 14 months in our GA4 property settings
  • Invoice and payment records — retained for 7 years in accordance with Indian tax law

Cookies & Tracking Technologies

Our website uses cookies — small text files stored on your device — to enhance your browsing experience, analyse website traffic, and support our marketing activities. Below is a full description of the cookies we use:
Cookie Type Provider Purpose
Essential WordPress / Hopeleaf Required for the website to function. Cannot be disabled. Includes session cookies, login state, and security tokens.
Analytics Google Analytics 4 Tracks anonymised page views, session duration, traffic sources, and user behaviour to help us improve the website. Data is anonymised before being sent to Google.
Marketing Google Ads / Meta Pixel Tracks conversions from paid advertising campaigns. Only active if we are running paid campaigns. Stores anonymised ad click and conversion data.
Functional WP Rocket / Cloudflare Caching and performance cookies that store a static version of pages for faster delivery. No personal data collected.
Preferences WordPress Stores your cookie consent choice so we don’t ask again on subsequent visits.

You can control and disable cookies through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or be notified when a new cookie is set. Please note that disabling certain cookies may affect the functionality of our website.

We use a cookie consent banner on our website. By continuing to use the site after dismissing the banner, you consent to our use of non-essential cookies as described above.

Your Rights as a Data Subject

Depending on where you are located, you may have the following rights regarding your personal information. To exercise any of these rights, contact us at su*****@******************es.com.

Your Right What It Means
Right to Access You can request a copy of the personal information we hold about you.
Right to Rectification You can ask us to correct inaccurate or incomplete personal information.
Right to Erasure You can ask us to delete your personal information, subject to legal retention obligations.
Right to Restriction You can ask us to restrict how we process your data in certain circumstances.
Right to Portability You can request your data in a structured, machine-readable format (applies to data processed by consent or contract).
Right to Object You can object to processing based on our legitimate interests, including direct marketing.
Withdraw Consent Where we rely on consent, you can withdraw it at any time without affecting prior processing.
Right to Complain You have the right to lodge a complaint with your local data protection authority (e.g., ICO in the UK, CNIL in France, OAIC in Australia).
DPDPA Rights (India) Under India’s DPDPA 2023, you have the right to access, correct, and erase your personal data, and to nominate a representative in case of incapacity.
We will respond to all data subject requests within 30 days of receipt. Where a request is complex or numerous, we may extend this period by a further 60 days — we will notify you if this is the case.

Newsletter & Marketing Communications

We send marketing newsletters and project updates only to individuals who have explicitly opted in by ticking a consent checkbox on our contact form or newsletter sign-up form.

Every marketing email we send includes an unsubscribe link at the bottom. Clicking it will remove you from our mailing list within 7 working days. Alternatively, you can email su*****@******************es.com with ‘Unsubscribe’ in the subject line.

We do not send unsolicited marketing emails (spam). If you receive a message from us that you did not sign up for, please email us immediately so we can investigate and correct the issue.

Third-Party Websites & Links

Our website may contain links to third-party websites — including client websites we have built, social media platforms (Facebook, Instagram, LinkedIn), and tools we recommend (such as Google, Cloudflare, Elementor).

We are not responsible for the privacy practices or content of any third-party website. When you click on an external link, you leave our website and your data is subject to that website’s own privacy policy. We encourage you to read the privacy notices of any external sites you visit.

Children's Privacy

Our website and services are directed at businesses and adult professionals. We do not knowingly collect personal information from children under the age of 18 (or the applicable age of digital consent in your jurisdiction).

If you believe a child has provided us with personal information without appropriate consent, please contact us at su*****@******************es.com and we will take steps to delete that information promptly.

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of the breach.

Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay, describing the nature of the breach, its likely consequences, and the measures we have taken or propose to take to address it.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business practices, legal requirements, or data protection standards. When we make significant changes, we will post a notice on our website and update the ‘Last Updated’ date at the top of this Policy.

For material changes that significantly affect how we use your personal information, we will notify existing clients and subscribers by email before the changes take effect, giving you an opportunity to review them.

We encourage you to review this Policy periodically to stay informed about how we are protecting your information.

Governing Law

This Privacy Policy is governed by the laws of India, including the Information Technology Act 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011, and India’s Digital Personal Data Protection Act 2023 (DPDPA 2023).

For individuals located in the European Union or United Kingdom, this Policy is also subject to the General Data Protection Regulation (GDPR) and the UK GDPR respectively, to the extent applicable.

For individuals located in Australia, this Policy is subject to the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs).

Contact Us — Data & Privacy Enquiries

If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:

  • Email: su*****@******************es.com (mark the subject line: ‘Privacy / Data Request’)
  • Address: Hopeleaf Technologies, 610 Silver Trade Center, VIP Circle, near Moon Garden, Uttran, Surat, Gujarat 394105, India
  • Office Hours: Monday – Saturday, 9:30 AM – 7:00 PM IST
  • Response time: We aim to respond to all privacy enquiries within 5 working days and all data subject requests within 30 days.