Privacy Policy

This Privacy Policy explains how Anssol (“Anssol”, “we”, “us”, or “our”) collects, uses, stores, and shares personal information when you visit anssol.com or interact with us via our contact channels.

We respect your privacy and aim to collect only the information we need to provide our services and operate the site responsibly. If you have questions, email us at hello@anssol.com.

1. Who we are

Anssol is a software studio headquartered in Islamabad, Pakistan, serving clients globally. The data controller for information collected through this website is Anssol. For privacy questions, contact hello@anssol.com.

2. Information we collect

We collect the following categories of personal information:

Information you provide directly

• Contact form data — your name, email address, optional company name, the service category you select, and the contents of your message. Submitted via our contact page.
• Email correspondence — any information you choose to share when emailing us at hello@anssol.com or other addresses.
• Career inquiries — if you reach out about career opportunities, we may receive your CV and the information it contains.

Information collected automatically

• Technical data — when you submit the contact form, we record your IP address (via the x-forwarded-for header) and user agent string to help identify abuse or automated submissions.
• Page view analytics — we record which pages on anssol.com are viewed and the referring URL, in aggregate, to understand how the site is used. We do not use third-party advertising trackers or assign persistent identifiers to individual visitors.
• Cookies — we set a small number of strictly necessary cookies. See our Cookie Policy for details.

3. How we use your information

We use the information we collect to:

• Respond to inquiries you send us through the contact form or by email.
• Discuss potential client engagements, prepare proposals, and deliver services.
• Send transactional emails — for example, a confirmation that we received your message.
• Detect and prevent fraud, spam, and abuse of our website and services.
• Understand how the site is used, in aggregate, so we can improve it.
• Comply with legal obligations and enforce our terms.

4. Legal basis for processing (EEA / UK)

If you are in the European Economic Area or the United Kingdom, we rely on the following legal bases under the GDPR:

• Consent — when you voluntarily submit information via the contact form, you consent to us processing it to respond to your inquiry.
• Legitimate interests — for security, fraud prevention, and understanding aggregate site usage. You can object to processing on this basis at any time.
• Contractual necessity — when you become a client, we process information necessary to deliver the services you've engaged us for.
• Legal obligation — when retention or disclosure is required by applicable law.

5. Third-party services we use

We use a small number of vendors to operate the site. Each receives only the information necessary for its specific function:

• Resend — transactional email delivery for contact form notifications and confirmations. Privacy.
• Google reCAPTCHA v3 — invisible bot protection on the contact form. Google may collect device and behavioural signals subject to the Google Privacy Policy and Terms of Service.
• Google Firebase (Firestore) — secure storage for contact form submissions and aggregate page view counts. Hosted by Google in the project region we configure. Firebase Privacy.
• Google Fonts — typography is served from Google Fonts when self-hosting isn't available; this may result in your browser making a request to Google's font servers.
• Hosting provider — the site is hosted on a serverless platform that processes incoming HTTP requests on our behalf. Standard server logs may be retained briefly for security and reliability.

6. Cookies

We use only strictly necessary cookies for site functionality, plus third-party cookies set by reCAPTCHA when you interact with the contact form. We do not use advertising or cross-site tracking cookies. See our Cookie Policy for a complete list and instructions on managing cookies.

7. Data retention

• Contact submissions are kept indefinitely unless you ask us to delete them, so we can keep the conversation context for ongoing client relationships. You can request deletion at any time.
• Aggregate analytics (page view counts) are retained indefinitely. These do not identify individuals.
• Server logs (IPs, request metadata) are retained for a short period (typically 30 days) for security and debugging, then automatically purged by our hosting provider.

8. How we share information

We do not sell personal information. We do not share personal information with third parties for their own marketing purposes. We share information only with:

• Vendors listed in section 5, strictly to provide their service to us.
• Legal authorities, when required by law or to protect our rights.
• A successor entity in the event of a merger, acquisition, or sale of substantially all of our assets.

9. Your rights

Rights under the GDPR (EEA / UK residents)

You have the right to:

• Access the personal information we hold about you.
• Request that we correct inaccurate or incomplete information.
• Request that we delete your personal information.
• Object to or restrict our processing of your information.
• Receive a copy of your information in a portable format.
• Withdraw consent at any time where consent is the legal basis for processing.
• Lodge a complaint with your local data protection authority.

Rights under the CCPA / CPRA (California residents)

If you are a California resident, you have the right to:

• Know what categories of personal information we collect and how it is used.
• Request access to specific pieces of personal information we hold about you.
• Request deletion of personal information we hold about you, subject to legal exceptions.
• Request correction of inaccurate personal information.
• Opt out of the “sale” or “sharing” of personal information. We do not sell or share personal information as defined by the CCPA/CPRA.
• Not be discriminated against for exercising your privacy rights.

How to exercise your rights

Email hello@anssol.com with your request. We may need to verify your identity before fulfilling it. We will respond within the timeframe required by applicable law (typically 30–45 days).

10. International data transfers

Anssol is based in Pakistan, and several of our service providers (Google, Resend) operate globally. When you submit information through our site, it may be transferred to and processed in countries outside your country of residence, including Pakistan, the United States, and the European Union. Where required, we rely on appropriate safeguards such as standard contractual clauses to protect international transfers.

11. Security

We use industry-standard measures to protect personal information against unauthorised access, alteration, disclosure, or destruction. This includes HTTPS encryption in transit, access controls on our admin panel, and scoped service-account credentials for our database. No internet transmission is 100% secure, however, and we cannot guarantee absolute security.

12. Children's privacy

Anssol's site and services are not directed to children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided us personal information, please contact us and we will delete it.

13. Changes to this policy

We may update this policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this page and, where appropriate, notify you by email or a notice on the site.

14. Contact us

For privacy questions or to exercise any of the rights described above, contact:

Anssol
Email: hello@anssol.com
Address: Islamabad, Pakistan