Privacy Policy

Anubiz Labs ("we", "us", "our") is a DevOps and Cloud Implementation studio registered in Iceland. Our registered address is Kalkofnsvegur 2, 101 Reykjavik, Iceland. This Privacy Policy explains how we collect, use, and protect your personal data when you use our website and services.

We collect the following information to deliver our services:

• Contact Information: Name, email address, company name, and Telegram handle (if provided)
• Billing Details: Payment information processed through Stripe or PayPal. We do not store full credit card numbers on our servers.
• Project Briefs: Technical details, stack information, repository access, and infrastructure context you provide through our intake form or during engagements
• Infrastructure Credentials: Server access keys, API tokens, or deployment credentials shared with us for the purpose of implementation work
• Usage Data: Basic analytics data such as pages visited and session duration, collected through essential cookies

We use the information we collect for the following purposes:

• Service Delivery: To scope, implement, and deliver the DevOps and infrastructure work you have purchased
• Billing: To process payments, issue invoices, and manage your account
• Communication: To send project updates, delivery confirmations, and respond to your inquiries
• Improvement: To analyze anonymized usage patterns and improve our website and service offerings

We do not sell, rent, or trade your personal data to third parties. We do not use your data for advertising or profiling purposes.

When you share infrastructure credentials (SSH keys, API tokens, cloud provider access, etc.) with us for implementation work:

• Credentials are stored in encrypted vaults and accessed only by the engineer assigned to your project
• Access is used solely for the scope of work defined in your project brief
• Upon project completion, all credentials are permanently deleted from our systems within 7 days
• For retainer clients, credentials are retained securely for the duration of the active retainer and deleted upon termination

We strongly recommend rotating any credentials you share with us after project completion.

We share data with the following third parties, strictly as needed to deliver our services:

• Stripe: Payment processing. Stripe's privacy policy applies to payment data they handle.
• PayPal: Alternative payment processing. PayPal's privacy policy applies to payment data they handle.

We do not share your project briefs, infrastructure credentials, or personal information with any other third parties.

Our website uses:

• Essential Cookies: Required for site functionality, authentication, and session management. These cannot be disabled.
• Analytics Cookies: Used to understand how visitors interact with our website. These collect anonymized, aggregated data only.

We do not use advertising cookies or third-party tracking pixels.

• Project Data: Project briefs, deliverables, and related documentation are retained for 1 year after project completion, then permanently deleted.
• Account Data: Your name, email, and billing history are retained for as long as your account is active, plus any period required by applicable tax and accounting laws.
• Infrastructure Credentials: Deleted within 7 days of project completion (or retainer termination).

As we are based in Iceland (EEA jurisdiction), you have the following rights under the General Data Protection Regulation (GDPR):

• Right of Access: Request a copy of all personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data, subject to legal retention obligations
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Restrict Processing: Request that we limit how we use your data
• Right to Object: Object to data processing in certain circumstances

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption in transit (TLS) and at rest for all sensitive data
• Encrypted credential vaults with access controls
• Regular security reviews of our internal systems
• Principle of least privilege for all data access

We may update this Privacy Policy from time to time. Material changes will be communicated via email to active clients. The "Last updated" date at the top of this page indicates when the policy was last revised.

For privacy-related questions or to exercise your data rights:

• Email: [email protected]
• Telegram: @Bshsgjai
• Address: Anubiz Labs, Kalkofnsvegur 2, 101 Reykjavik, Iceland