How we handle your data.
We collect only what we need to deliver our services and run a small business: contact details you give us, basic analytics, and project artifacts you share. We don't sell your data, train external AI on it, or hold onto it longer than necessary.
Who we are
Nevynt Technologies ("Nevynt", "we", "us") is a product engineering and innovation studio. This policy explains how we handle personal information when you visit nevynt.com, contact us, or work with us as a client, candidate, or vendor.
For questions, write to privacy@nevynt.com.
What we collect
- Contact details — name, work email, company, role — when you fill in a form or email us.
- Project information — briefs, documents, code, and credentials you share with us during an engagement.
- Usage data — pages viewed, referrer, approximate location, device type. Aggregated, no fingerprinting.
- Cookies — a small set, all listed in our Cookie Policy.
- Recruiting data — CV, work history, and interview notes if you apply for a role.
Why we collect it
| Purpose | Lawful basis |
|---|---|
| Respond to enquiries | Legitimate interest |
| Deliver contracted work | Contract |
| Improve the website | Legitimate interest / consent |
| Hire fairly | Legitimate interest |
| Meet legal & tax obligations | Legal obligation |
Who we share data with
We use a short list of vetted vendors to run the studio: Google Workspace (mail, docs), Linear (project tracking), GitHub (code), AWS (hosting), and Plausible (privacy-friendly analytics). We share only what each vendor strictly needs.
We do not sell personal data, and we do not use client data to train external AI models.
How long we keep it
- Contact form submissions — 24 months, then deleted.
- Active client project data — for the duration of the engagement plus 12 months.
- Invoices and tax records — 7 years, as required by law.
- Recruiting data for unsuccessful candidates — 12 months with consent, otherwise deleted within 30 days.
Your rights
You can request access to, correction of, deletion of, or a portable copy of your personal data. You can also object to processing or withdraw consent. Email privacy@nevynt.com and we'll respond within 30 days.
Security
We use SSO and MFA across our tooling, encrypt data in transit (TLS 1.2+) and at rest, follow the principle of least privilege for vendor and team access, and run quarterly security reviews. If a breach affects you, we'll notify you within 72 hours.
International transfers
Some of our vendors are based in the United States. Where applicable we rely on Standard Contractual Clauses and equivalent safeguards.
Changes
We'll update this policy when our practices change. Material changes will be flagged on the homepage and dated in the version log above.
Questions about how we handle your data?
privacy@nevynt.com →