Scope
This Privacy Policy explains how Driftlab collects, uses, stores, and protects personal data when you visit this website, contact us, request a website, buy or inquire about a web property, or work with us.
We aim to handle personal data in line with Kosovo Law No. 06/L-082 on Protection of Personal Data, which is aligned with core GDPR principles such as lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, confidentiality, and accountability.
Who Controls Your Data
Driftlab is the controller for personal data collected through this website and direct business communications, unless a separate written agreement says otherwise.
Contact: rronsurdulli1@outlook.com
Data We Collect
- Contact details such as your name, email address, phone number, business name, and social or website links.
- Project information such as website goals, brand materials, content, budget, timeline, feedback, and files you send us.
- Transaction and contract information such as invoices, agreed scope, payment status, and delivery records.
- Technical information such as IP address, browser type, device information, pages visited, referral URL, and basic server logs.
- Client website data when needed to build, host, migrate, maintain, or sell a website or web property.
Why We Use Data
- To reply to messages and project inquiries.
- To prepare proposals, quotes, invoices, contracts, and project plans.
- To design, build, launch, maintain, transfer, or sell websites and web properties.
- To provide customer support and keep project records.
- To protect the security and reliability of this website and our services.
- To comply with legal, tax, accounting, and dispute-resolution obligations.
Legal Bases
Depending on the situation, we process personal data because it is necessary to take steps before a contract, perform a contract, comply with a legal obligation, pursue legitimate business interests, protect rights and security, or because you gave consent.
Sharing Data
We may share data with service providers that help us run the website and business, such as hosting providers, domain registrars, email providers, analytics tools, payment providers, accountants, legal advisers, or project tools. We may also share data where required by law, to protect rights, or as part of the sale or transfer of a website, digital property, or business asset.
International Transfers
Some service providers may process data outside Kosovo. Where this happens, we try to use reputable providers and appropriate safeguards consistent with applicable data protection requirements.
Retention
We keep personal data only as long as reasonably needed for the purposes described here, including project delivery, legal records, accounting, security, and dispute handling. Contact inquiries that do not become projects may be deleted sooner.
Your Rights
Subject to applicable law, you may have the right to request access to your personal data, correction, deletion, restriction, objection, portability, and withdrawal of consent where processing is based on consent. You may also have the right to complain to Kosovo's Information and Privacy Agency.
To exercise rights, contact rronsurdulli1@outlook.com.
Security
We use reasonable technical and organisational measures to protect personal data. No website, email, or internet transmission is completely secure, so you should avoid sending highly sensitive information unless necessary and agreed.
Children
Our services are intended for businesses and adults. We do not knowingly collect personal data from children.
Changes
We may update this Privacy Policy when our services, tools, or legal obligations change. The latest version will be posted on this page.