Privacy Policy

DSYIGN SOLUTIONS LLC ("Company", "we", "us", or "our"), a limited liability company registered in Wyoming, United States, is committed to protecting the privacy of our customers and users worldwide. This Privacy Policy explains how we collect, use, share, and safeguard your personal information when you visit our website or use our Services.

This policy applies to all visitors and users globally — including those in the European Union, United Kingdom, Canada, Australia, and all other regions. We comply with applicable privacy laws including the EU General Data Protection Regulation (GDPR), UK GDPR, Canada's PIPEDA, Australia's Privacy Act, Brazil's LGPD, and the California Consumer Privacy Act (CCPA) where applicable.

1. Information We Collect

1.1 Information You Provide Directly

• Contact information: name, email address, phone number, when you fill out our contact form or register an account.
• Account credentials: email address and password (stored in encrypted form).
• Payment information: billing name, billing address, and card details. Card data is processed and stored by our payment processor (Stripe); we do not store full card numbers on our servers.
• Communications: messages you send us via the contact form, email, or support channels.
• Business information: company name, industry, and project details provided during consultancy engagements.

1.2 Information Collected Automatically

• Usage data: pages visited, features used, session duration, and click paths.
• Device and browser data: IP address, browser type, operating system, and screen resolution.
• Cookies and similar technologies: see Section 7 below.
• Log data: server logs recording requests to our Services, including timestamps and error information.

1.3 Information from Third Parties

We may receive information from third-party services you connect to our platforms (e.g., OAuth sign-in providers) or from payment processors regarding transaction status.

2. How We Use Your Information

We use collected information to:

• Provide, operate, and improve our Services and SaaS platforms.
• Process payments and manage subscriptions.
• Send transactional emails (order confirmations, invoices, subscription updates).
• Respond to inquiries and provide customer support.
• Send service-related communications (maintenance notices, security alerts).
• Send promotional communications, where you have consented or where permitted by applicable law.
• Analyze usage patterns to improve user experience.
• Detect and prevent fraud, abuse, and security incidents.
• Comply with legal obligations.

3. Legal Bases for Processing

3.1 EU / EEA / UK Users (GDPR & UK GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data under the following legal bases:

• Performance of a contract: processing necessary to provide the Services you have subscribed to or purchased.
• Legitimate interests: improving our Services, fraud prevention, and direct marketing to existing customers, where such interests are not overridden by your rights.
• Consent: where you have explicitly consented, such as for marketing emails or non-essential cookies.
• Legal obligation: where processing is required to comply with applicable EU, EEA, or UK law.

3.2 All Other Users

For users outside the EEA and UK, we process personal data on equivalent bases under applicable local law — including contractual necessity, legitimate business interests, your consent, and legal compliance. Regardless of your location, we only collect and use personal data for the specific purposes described in this policy.

4. Sharing Your Information

We do not sell your personal information. We may share your data with:

• Payment processors (Stripe): to process payments securely. Stripe's privacy policy applies to data they handle.
• Cloud infrastructure providers (Google Firebase/Google Cloud): to host our databases and backend services.
• Email service providers (Resend): to deliver transactional and marketing emails.
• Analytics providers (Google Analytics): to analyze website traffic in aggregated, anonymized form.
• Legal and regulatory authorities: when required by law, court order, or to protect our rights.
• Business transfers: in the event of a merger, acquisition, or sale of assets, personal data may be transferred as part of the transaction.

All third-party service providers are contractually required to process data only on our instructions and to maintain appropriate security measures.

5. International Data Transfers

DSYIGN SOLUTIONS LLC is headquartered in Wyoming, USA, and we operate Services used by customers worldwide. Your personal information may be transferred to, stored in, and processed in the United States or other countries where our service providers operate. These countries may have different data protection laws than your country.

Where we transfer personal data internationally, we implement appropriate safeguards:

• EU / EEA: We rely on EU Standard Contractual Clauses (SCCs) approved by the European Commission for transfers of personal data from the EEA to third countries.
• United Kingdom: We use the UK International Data Transfer Agreement (IDTA) or UK Addendum to EU SCCs for transfers from the UK.
• Switzerland: We rely on the Swiss SCCs or equivalent mechanisms approved by the Swiss Federal Data Protection and Information Commissioner (FDPIC).
• Other jurisdictions: We implement contractual protections or rely on adequacy decisions, binding corporate rules, or other lawful mechanisms available under applicable local law.

You may request a copy of the applicable transfer safeguards by contacting us at info@dsyign.com.

6. Data Retention

We retain your personal information for as long as necessary to provide the Services, fulfill the purposes described in this policy, and comply with legal obligations:

• Account data: retained for the duration of your account, plus up to 3 years after closure for legal compliance purposes.
• Transaction records: retained for at least 7 years for accounting and tax compliance.
• Contact form submissions: retained for up to 2 years.
• Usage logs: typically retained for 90 days.

7. Cookies and Tracking Technologies

We use cookies and similar technologies for the following purposes:

• Essential cookies: required for the operation of the site (authentication sessions, security tokens). These cannot be disabled.
• Analytics cookies (Google Analytics): help us understand how visitors interact with the site. These are anonymized and aggregated. You may opt out via your browser settings or the Google Analytics opt-out tool.
• Preference cookies: store your settings such as language and theme preference.

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of our Services.

8. Your Rights

We respect data rights for all users worldwide. Depending on where you are located, you may have the following rights:

• Access: request a copy of the personal data we hold about you.
• Rectification / Correction: request correction of inaccurate or incomplete data.
• Erasure / Deletion: request deletion of your personal data, subject to legal retention requirements.
• Portability: receive your data in a structured, machine-readable format.
• Objection: object to processing based on legitimate interests or direct marketing.
• Restriction: request that we restrict processing in certain circumstances.
• Withdraw consent: where processing is based on consent, withdraw it at any time without affecting prior lawful processing.

Region-Specific Rights

• EU / EEA (GDPR): all rights listed above apply. You may lodge a complaint with your national data protection authority (e.g., CNIL in France, BfDI in Germany).
• United Kingdom (UK GDPR): all rights listed above apply. You may lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
• California, USA (CCPA / CPRA): you have the right to know, correct, delete, and opt out of the sale or sharing of personal information. We do not sell personal information.
• Canada (PIPEDA): you have the right to access and correct your personal information and to withdraw consent for certain uses.
• Australia (Privacy Act 1988): you have the right to access and correct your personal information and to make a complaint to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
• Brazil (LGPD): you have rights of access, correction, deletion, portability, and information about sharing, and may contact the Autoridade Nacional de Proteção de Dados (ANPD).
• Other jurisdictions: we will honor equivalent rights under your applicable local data protection law on request.

To exercise any of these rights, contact us at info@dsyign.com. We will respond within 30 days (or within the period required by your applicable local law). We may need to verify your identity before processing your request.

9. Security

We implement industry-standard technical and organizational measures to protect your personal data, including:

• HTTPS encryption for all data in transit.
• Encryption of sensitive data at rest.
• Access controls limiting who can access personal data internally.
• Regular security reviews and monitoring.

Despite these measures, no system is completely secure. In the event of a data breach that poses a significant risk to your rights, we will notify affected users and relevant authorities as required by applicable law.

10. Children's Privacy

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.

11. Links to Third-Party Sites

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies independently.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website with a revised effective date. For significant changes, we may also send an email notification to registered users.

13. Contact and Complaints

If you have questions, concerns, or wish to exercise any of your privacy rights, contact us:

We aim to respond to all privacy requests within 30 days. If you are not satisfied with our response, or if we fail to respond within the required period, you have the right to escalate your complaint to the relevant supervisory authority in your country or region:

• EU / EEA: your national data protection authority (full list at edpb.europa.eu).
• United Kingdom: the Information Commissioner's Office (ICO) at ico.org.uk.
• Australia: the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
• Canada: the Office of the Privacy Commissioner of Canada at priv.gc.ca.
• Brazil: the Autoridade Nacional de Proteção de Dados (ANPD) at gov.br/anpd.