Privacy Policy

360SOFTY operates through 360SOFTY LTD in the United Kingdom and 360SOFTY PVT LTD in Sri Lanka.

We provide software development, SaaS product development, web and mobile applications, AI automation, cloud, DevOps, and technology consulting services.

We may collect the following information:

• name;
• email address;
• phone number;
• company name;
• job title;
• country or location;
• project details submitted through forms;
• messages, enquiries, or consultation requests;
• billing and business information for clients;
• website usage data;
• IP address, browser type, device information, pages visited, referral source, and interaction data;
• any files, documents, or content you voluntarily provide to us.

We collect information when you:

• visit our website;
• submit a contact form;
• request a consultation;
• email or call us;
• communicate with us through social media or messaging platforms;
• become a client;
• use our project, support, or collaboration tools;
• interact with our blog, forms, or online content.

We may also collect technical data through cookies, analytics tools, security tools, and server logs.

We use your information to:

• respond to enquiries;
• arrange consultations;
• prepare proposals, quotations, and project plans;
• provide software development and support services;
• manage client relationships;
• process invoices and payments;
• improve our website and services;
• monitor website performance and security;
• prevent spam, abuse, fraud, and unauthorised access;
• send relevant business communications where permitted;
• comply with legal, tax, accounting, and regulatory obligations.

Where applicable, we process personal information based on:

• your consent;
• performance of a contract;
• steps taken before entering into a contract;
• legitimate business interests;
• legal obligations.

Our legitimate interests include responding to enquiries, improving services, securing our website, managing client relationships, and marketing relevant business services.

Our website may use cookies and similar technologies to:

• remember preferences;
• improve website performance;
• understand visitor behaviour;
• analyse traffic;
• protect the website from abuse;
• improve marketing and content.

You can control or disable cookies through your browser settings.

Some parts of the website may not work correctly if cookies are disabled.

When you submit a contact form or consultation request, we use the information provided to respond to your enquiry.

We may keep enquiry records for future communication, service improvement, legal protection, and business administration.

We may send business-related updates, service information, or marketing emails if you have consented or where permitted by law.

You can opt out of marketing communications at any time by contacting us or using the unsubscribe option where available.

We do not sell your personal information.

We may share information with trusted third parties where necessary, including:

• hosting providers;
• email service providers;
• analytics providers;
• payment processors;
• cloud infrastructure providers;
• project management and communication tools;
• legal, accounting, or professional advisers;
• regulators or authorities where required by law.

Third parties are only given information needed to perform their role.

Because 360SOFTY operates internationally, your information may be processed in the United Kingdom, Sri Lanka, or other countries where our service providers operate.

Where required, we take reasonable steps to protect personal information during international transfers.

We use reasonable technical and organisational measures to protect personal information against unauthorised access, loss, misuse, alteration, or disclosure.

These may include access controls, secure hosting, encryption where appropriate, firewalls, monitoring, backups, and restricted internal access.

However, no internet-based system is completely secure, and we cannot guarantee absolute security.

We keep personal information only for as long as necessary for the purposes described in this Policy.

Retention periods may depend on:

• the type of information;
• the reason it was collected;
• legal and tax obligations;
• contract requirements;
• dispute resolution;
• security and fraud prevention;
• ongoing client relationships.

When information is no longer needed, we delete, anonymise, or securely archive it.

Depending on your location and applicable law, you may have rights to:

• access your personal information;
• correct inaccurate information;
• request deletion;
• restrict processing;
• object to processing;
• withdraw consent;
• request a copy of your data;
• complain to a data protection authority.

To exercise your rights, contact us using the details below.

During software development or support work, clients may provide business data, user data, credentials, documents, databases, APIs, or system access.

We handle such information only for the purpose of delivering agreed services.

Clients remain responsible for ensuring they have the legal right to provide such data to us and for informing their own users where required.

Our business website is not intended for children.

We do not knowingly collect personal information from children through this website.

If you believe a child has provided us with personal information, contact us and we will take appropriate steps to remove it.

Our website may link to third-party websites, tools, or platforms.

We are not responsible for the privacy practices, content, or security of those third parties.

We may update this Privacy Policy from time to time.

The latest version will be published on this website with a revised “Last updated” date.