Privacy Policy
Plain-language summary: We collect only what we need to respond to your enquiries and run our website. We never sell your data to anyone. You have the right to see, correct, or delete your information at any time by emailing us.
Introduction & Who We Are
This Privacy Policy explains how Onkar, operating as Web Developers Hub (“we”, “us”, “our”), collects, uses, stores, and protects personal data when you visit webdevelopershub.in or any associated pages (the “Website”), submit an enquiry, subscribe to our newsletter, or leave a comment on our blog.
We are based at Netaji Subhash Place (NSP), Delhi NCR, India. For the purposes of applicable data protection legislation — including India’s Digital Personal Data Protection Act, 2023 (DPDP Act), the European Union’s General Data Protection Regulation (GDPR), the United Kingdom’s UK GDPR, and other relevant laws worldwide — Onkar is the Data Controller for personal data collected through this Website.
By using this Website, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please discontinue use of the Website.
What Data We Collect
We collect personal data in the following ways:
A. Data you provide directly
- Contact form: Name, email address, phone number (optional), project type, budget range, timeline, project description, and how you found us.
- Newsletter subscription: Email address only.
- Blog comments: Name, email address, and the content of your comment.
- Direct email / WhatsApp: Any personal data contained in messages you send to us directly.
B. Data collected automatically
- Usage data: Pages visited, time spent, referring URL, browser type, device type, and operating system — collected via Google Analytics 4.
- IP address: Automatically recorded by our web server and analytics tools. We do not actively use IP addresses to identify individuals.
- Cookies and similar technologies: See our Cookie Policy for full details.
C. Data we do NOT collect
- Payment card details — all payments are processed by third-party payment providers.
- Sensitive personal data such as health information, biometric data, or government ID numbers.
- Data about children under 13 — see Section 9 below.
How We Use Your Data
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Responding to project enquiries and contact form submissions | Name, email, phone, project details | Legitimate interest / Contract performance |
| Sending our newsletter and blog updates | Email address | Consent (can be withdrawn anytime) |
| Displaying and moderating blog comments | Name, email, comment content | Legitimate interest / Consent |
| Improving website performance and user experience | Usage data, device data | Legitimate interest |
| Complying with legal obligations | Any relevant data | Legal obligation |
| Preventing fraud and ensuring website security | IP address, usage data | Legitimate interest |
We will never sell, rent, or trade your personal data to third parties for their own marketing purposes.
Legal Basis for Processing
We process your personal data on the following legal bases depending on the nature of the processing and your location:
Third Parties & Data Sharing
We use a small number of trusted third-party services to operate this Website. These providers may process your personal data on our behalf as data processors:
| Provider | Purpose | Data Shared | Privacy Policy |
|---|---|---|---|
| Google Analytics 4 | Website analytics | Usage data, device data, anonymised IP | policies.google.com/privacy |
| Hosting Provider (e.g. Hostinger / SiteGround) | Website hosting & server logs | IP address, server access logs | Provider’s privacy policy |
| Email service provider (e.g. Mailchimp / ConvertKit) | Newsletter delivery | Email address, first name | Provider’s privacy policy |
| Cloudflare | CDN & security | IP address, usage data | cloudflare.com/privacypolicy |
| Payment processors (Razorpay / Stripe / PayPal) | Payment processing for projects | Transaction data (handled by them directly) | Provider’s privacy policy |
We do not share your personal data with any other third parties unless: (a) we are required to do so by law or court order; (b) we need to protect the rights, safety, or property of ourselves or others; or (c) you have explicitly consented to such sharing.
We do not transfer your data to data brokers, advertising networks, or marketing platforms for third-party advertising purposes.
International Data Transfers
As a business based in India serving clients globally, your personal data may be transferred to and processed in countries other than your own. When we transfer data internationally, we ensure appropriate safeguards are in place:
- For transfers from the EU/EEA: We rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or other lawful transfer mechanisms under GDPR Chapter V.
- For transfers from the UK: We use International Data Transfer Agreements (IDTAs) or UK addendums to SCCs as appropriate.
- For transfers from other jurisdictions: We ensure equivalent protections as required by applicable local law.
- All third-party service providers we use (listed in Section 5) have agreed to standard data processing terms consistent with applicable data protection laws.
Data Retention
We retain personal data only for as long as necessary for the purposes it was collected, and in accordance with our legal obligations:
| Data Type | Retention Period | Reason |
|---|---|---|
| Contact form enquiries | 2 years from last contact | Legitimate business interest, potential dispute resolution |
| Newsletter subscriber data | Until unsubscribe, then 30 days | Consent-based; deleted promptly on withdrawal |
| Blog comments | Duration of blog post existence | Content integrity; deleted on request |
| Analytics data | 14 months (Google Analytics default) | Performance monitoring; anonymised after 90 days |
| Project client data | 7 years from project completion | Tax and legal compliance obligations (India Companies Act / international equivalents) |
| Invoice / payment records | 7 years | Statutory accounting and tax requirements |
Your Rights
Depending on your location and applicable law, you may have some or all of the following rights regarding your personal data:
- Right of Access: You can request a copy of the personal data we hold about you.
- Right to Rectification: You can ask us to correct inaccurate or incomplete data.
- Right to Erasure (“Right to be Forgotten”): You can request deletion of your personal data, subject to legal obligations requiring us to retain it.
- Right to Restrict Processing: You can ask us to pause processing your data in certain circumstances.
- Right to Data Portability: You can request your data in a structured, machine-readable format (EU/UK GDPR).
- Right to Object: You can object to processing based on legitimate interests or for direct marketing purposes.
- Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time without affecting prior processing.
- Right Against Automated Decision-Making: We do not use automated profiling or decision-making that significantly affects you.
- CCPA Rights (California residents): Right to know, right to delete, right to opt-out of sale (we do not sell data), and right to non-discrimination.
- DPDP Rights (India): Right to access, correct, erase, and grievance redressal as provided under the DPDP Act 2023.
To exercise any of these rights, please contact us at the details in Section 11. We will respond within 30 days (or sooner as required by law). We may need to verify your identity before processing your request. There is no charge for most requests.
If you are in the EU/UK and are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority (e.g. the ICO in the UK, or your national DPA in the EU).
Children’s Privacy
This Website is intended for use by adults and is not directed at children under the age of 13 (or 16 in EU/UK jurisdictions where a higher age threshold applies). We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will delete it without delay.
Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the “Last Updated” date at the top of this page and, where appropriate, notify you by email (if you have subscribed to our newsletter) or by a prominent notice on the Website.
We encourage you to review this Policy periodically. Your continued use of the Website after any changes constitutes your acceptance of the updated Policy.
Contact & Data Requests
For any questions about this Privacy Policy, to exercise your data rights, or to raise a concern about how we handle your data, please contact:
Onkar — Data Controller
Web Developers Hub
NSP, Delhi NCR, India
📧 Email: hello@webdevelopershub.in
🌐 Website: webdevelopershub.in
📸 Instagram: @web_developers_hub
We aim to respond to all data-related requests within 30 days. For complex requests or where we need additional information to verify your identity, we may take up to an additional 60 days, but we will inform you of this within the initial 30-day period.
