Section 1
About this policy
This policy explains when and why we collect personal information, how we use and protect it, and your rights in relation to it.
We may update this notice from time to time. Material changes will be reflected by an updated effective date at the top of this page. We encourage you to review this notice periodically.
For GDPR purposes, Spectrum Future Tech acts as the controller of personal data described in this notice, except where we process data solely on behalf of a client under a data processing agreement.
Section 2
Who we are
Spectrum Future Tech (Spectrum Future Technology LLC and affiliated entities) provides custom software development, AI, cloud, and digital transformation services globally.
Corporate offices include locations in the United States, India (headquarters), Australia, Canada, and Saudi Arabia. We can be contacted at [email protected] or via the contact details in Section 14.
Section 3
What information we collect
In short
We collect information you provide voluntarily and certain data automatically when you use our Services.
Personal information you disclose to us may include names, email addresses, phone numbers, company names, job titles, messages, and files you attach when contacting us about projects or careers.
Information collected automatically may include IP address, browser type, device identifiers, operating system, referring URLs, pages viewed, time spent, and similar diagnostic data — primarily for security, operations, and analytics.
We use cookies and similar technologies as described in Section 5. We do not knowingly collect personal information from children under 18.
- Contact and appointment form submissions
- Email, phone, and chat correspondence
- Newsletter and marketing preferences
- Website usage logs and analytics events
- Cookie and device identifiers
Section 4
How we process your information
In short
We process data to provide services, communicate with you, improve our site, and meet legal obligations.
We process personal information for purposes including:
- Delivering and facilitating software development, AI, and consulting services
- Responding to inquiries, support requests, and appointment scheduling
- Sending service-related communications necessary to administer engagements
- Sending marketing communications where permitted — you may opt out anytime
- Understanding website usage to improve content, performance, and security
- Detecting fraud, abuse, and unauthorized access
- Complying with legal, tax, and regulatory obligations
Section 5
Legal bases for processing (EEA & UK)
In short
We process personal data only when we have a valid legal reason under applicable law.
If you are in the European Economic Area or United Kingdom, we rely on:
- Consent — where you have given clear permission (e.g. marketing emails)
- Contract — to perform or enter into a contract with you
- Legitimate interests — to operate and improve our business, where not overridden by your rights
- Legal obligation — to comply with applicable laws and lawful requests
- Vital interests — in rare cases to protect someone's safety
Canada
We may process information with express or implied consent, or without consent where permitted by Canadian privacy law — for example fraud prevention, legal compliance, or emergencies.
Section 8
International data transfers
In short
Your data may be processed in countries where we and our providers operate.
Our operations and service providers may process data in the United States, India, Australia, Canada, Saudi Arabia, the United Arab Emirates, and other countries.
Where transfers from the EEA or UK occur, we implement appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms. Details are available on request at [email protected].
Section 9
How long we keep information
In short
We retain data only as long as needed for the purposes in this notice, unless law requires longer.
Retention depends on the type of data and our relationship with you. Inquiry and marketing data is typically retained for up to two years after last contact unless a longer period is required for contracts, disputes, or compliance.
When retention is no longer necessary, we delete or anonymize data. Backup copies may persist for a limited period before automatic purging.
Section 10
Security of your information
In short
We apply technical and organizational measures aligned with ISO 27001 practices.
We implement measures including encrypted communication (TLS), access controls and role-based permissions, secure development practices, monitoring, and staff training.
No method of transmission or storage is completely secure. You use our Services at your own risk and should access them in a secure environment.
- TLS encryption for data in transit
- Access controls and least-privilege principles
- Security monitoring and incident response procedures
- Physical and logical access protections for systems holding personal data
- Alignment with ISO 27001:2022 information security management
Data breach notification
If a breach is likely to result in high risk to your rights, we will notify affected individuals and relevant authorities without undue delay, as required by applicable law — including the nature of the breach, likely consequences, and measures taken.
Section 11
Information from minors
In short
Our Services are not directed to children under 18.
We do not knowingly collect personal information from children under 18. If you believe we have collected such data, contact [email protected] and we will take steps to delete it.
Section 12
Your privacy rights
In short
You may have rights to access, correct, delete, restrict, or object to processing.
Depending on your location, rights may include access to your data, correction of inaccuracies, deletion, restriction of processing, data portability, and objection to certain processing — including direct marketing.
EEA and UK residents may lodge a complaint with their local supervisory authority. We will respond to verified requests within applicable legal timeframes.
- Withdraw consent where processing is consent-based
- Opt out of marketing emails via unsubscribe links or by contacting us
- Request access to personal information we hold about you
- Request correction or deletion subject to legal exceptions
Section 13
California residents (CCPA / CPRA)
In short
California residents have additional rights regarding personal information.
Under the California Consumer Privacy Act as amended, residents may request to know categories of personal information collected, sources, purposes, and third parties with whom information is shared; request deletion; and opt out of "sale" or "sharing" — though Spectrum does not sell personal information.
We will not discriminate against you for exercising privacy rights. Authorized agents may submit requests with valid proof of authorization.
To exercise rights, email [email protected] with "California Privacy Request" in the subject line.
Section 14
Third-party websites
Our website may link to third-party sites. We are not responsible for their privacy practices. Review their policies before providing personal information.
Section 15
Contact us
For questions, rights requests, or complaints about this notice, contact:
- Email: [email protected]
- Subject line: "Privacy Request" for data subject requests
- India (HQ): LALS Enclave, Mehdipatnam, Hyderabad - 500028, India · +91 707 505 4555
- USA: Spectrum Future Technology LLC, 4747 W Pendleton, Peoria, IL 61615 · +1 312 219 3929
Review, update, or delete your data
Email [email protected] describing your request. We may verify your identity before fulfilling access, correction, or deletion requests to protect your information from unauthorized disclosure.
Questions about your data?
Email us to exercise privacy rights, ask about this notice, or report a concern. We respond within timelines required by applicable law.
[email protected]