Legal

Privacy Policy

Last updated: 10 March 2026

1. Who We Are

OpusDevs ("we", "us", "our") is a web development studio based in the United Kingdom. We operate at opusdevs.com and provide white-label and direct web development services.

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, we are the data controller for personal data collected through this website and in the course of our business.

Contact us regarding data matters at: opusdevs@proton.me

2. What Data We Collect

We may collect the following categories of personal data:

  • Contact information — name, email address, and any other details you include when sending us a brief or enquiry.
  • Project details — content, design references, brand guidelines, and other materials you share as part of a project brief.
  • Communication records — emails, messages, and meeting notes exchanged during a project or sales conversation.
  • Technical data — IP address, browser type, device type, referring URL, and pages visited, collected automatically when you browse this website.
  • Payment information — we do not store payment card details. Invoices are issued via secure third-party providers and all payment processing is handled externally.

3. How We Use Your Data

We use personal data for the following purposes:

Contract performance

To communicate with you, scope your project, deliver work, and manage our business relationship.

Legitimate interests

To improve our website, prevent fraud, protect our services, and conduct internal analytics.

Legal obligation

To comply with applicable UK laws, tax requirements, and regulatory obligations.

Consent

To send marketing communications where you have opted in. You may withdraw consent at any time.

4. Cookies

This website uses minimal cookies. Specifically:

  • Strictly necessary cookies — required for the website to function. These cannot be disabled.
  • Analytics cookies — used to understand how visitors interact with our site. These are only set with your consent.

We do not use advertising, tracking, or third-party social media cookies. You can manage cookies through your browser settings at any time.

5. Data Sharing & Third Parties

We do not sell, rent, or trade your personal data. We may share data with:

  • Service providers — such as email platforms, invoice tools, and project management software used to deliver our services. All are bound by data processing agreements.
  • Legal authorities — where required by law, court order, or to protect our legal rights.
  • Business transfers — if we are involved in a merger, acquisition, or asset sale, your data may be transferred under equivalent protections.

Where any third-party processor is located outside the UK, we ensure adequate safeguards are in place (such as the UK International Data Transfer Agreement or equivalent).

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected:

  • Project records and correspondence — up to 6 years from project completion (in line with UK contract law limitation periods).
  • Financial records — 7 years as required by HMRC.
  • Marketing consent records — until consent is withdrawn.
  • Website analytics data — typically 26 months, then anonymised or deleted.

7. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

  • Right of access — request a copy of the data we hold about you.
  • Right to rectification — ask us to correct inaccurate or incomplete data.
  • Right to erasure — request deletion of your data where there is no lawful basis to retain it.
  • Right to restrict processing — ask us to limit how we use your data.
  • Right to data portability — receive your data in a structured, machine-readable format.
  • Right to object — object to processing based on legitimate interests or direct marketing.
  • Rights related to automated decisions — we do not make solely automated decisions that have significant effects on you.

To exercise any of these rights, contact us at opusdevs@proton.me. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

8. Security

We take appropriate technical and organisational measures to protect your data against unauthorised access, loss, or disclosure. These include encrypted communications, access controls, and secure cloud storage. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

9. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected such data, please contact us immediately so we can delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will always reflect the most recent revision. Continued use of our website or services after changes are posted constitutes acceptance of the updated policy.

11. Contact

If you have any questions or concerns about this Privacy Policy or how we handle your data, please contact us:

Company: OpusDevs

Location: United Kingdom (Remote)

Email: opusdevs@proton.me

Response time: Within 4 hours (Mon–Fri)