Privacy Policy

Effective: March 28, 2024

Last Updated: March 1, 2025

1. Introduction

Marhaba Codes ("we," "us," or "our") respects your privacy and is committed to protecting your personal information through compliance with global data protection regulations including GDPR and CCPA. This Privacy Policy governs our software development services including:

Custom software development
AI/ML solutions
Mobile & web applications
Business automation systems
Technical consultation
Support and Maintainence

By engaging with our services, you agree to the collection and use of information in accordance with this policy. We regularly review and update our practices to ensure compliance with evolving regulations.

2. Information Collection

A. Information You Provide

Identity Data: Full name, company title, professional credentials
Contact Data: Email, phone number, business address
Project Data: Technical specifications, API keys, architecture diagrams
Financial Data: Billing addresses, VAT numbers, payment records

3. Legal Basis & Purpose

Purpose	Legal Basis	Data Category
Service Delivery	Contractual Necessity	Identity, Contact, Project
Security Monitoring	Legitimate Interest	Technical, Usage
Compliance	Legal Obligation	Financial, Identity

4. Data Security Measures

Technical Safeguards

AES-256 encryption at rest and in transit
Regular penetration testing
Multi-factor authentication enforcement

Organizational Measures

Employee privacy training (bi-annual)
Data minimization protocols
Incident response team

5. Data Security & Retention

Protection Measures

Enterprise-grade firewall protection
Quarterly vulnerability assessments
Role-based access control (RBAC)
SSL/TLS 1.2+ for data transmission

Retention Framework

Project data: 5 years post-completion
Financial records: 10 years for tax compliance
Communication logs: 2 years
Backups: Encrypted for 2 years

6. Data Subject Rights

Access

Request copy of processed data within 30 days

Rectification

Update inaccurate personal information

Erasure

Right to be forgotten under GDPR Article 17

Portability

Receive data in machine-readable format

Objection

Challenge legitimate interest processing

Restriction

Temporarily limit data processing

7. External Services

Third-Party Services Disclaimer

While developing solutions, we may integrate with or reference:

Payment processors (Stripe, PayPal)
Cloud providers (AWS, Google Cloud)
Analytics tools (Google Analytics, Mixpanel)
CRM platforms (HubSpot, Salesforce)
AI Agents(Openai, Gemini)

We vet third-party services for GDPR compliance but recommend reviewing their privacy policies independently. We don't control data collected directly by third parties.

8. Policy Changes

Update Protocol

30-day notice for material changes
Version control with changelog
Archive of previous policies available

Version	Date	Changes
1.1	2025-03-01	Added AI development disclosures
1.0	2024-03-28	Initial policy release

9. Contact Information

Data Protection Officer:

Marhaba Codes

1476, I-14, Islamabad, Pakistan

Email: marhabacodes@gmail.com

Phone: +92 333 1143330