Eunoiana Software Development

Published privacy control

Personal Data Protection Policy

Eunoiana Dev maintains an internal personal data protection policy for handling personal data in company operations and client project work. The policy is reviewed and updated as tools, client requirements, business operations or legal obligations change.

Owner: Eunoiana Dev Effective date: 18 April 2026 Review cycle: Regularly and when requirements change

Policy Statement

Eunoiana Dev protects personal data by limiting use to authorised business and project purposes, restricting access, minimising unnecessary collection or copying, storing information in approved systems and handling client information confidentially.

This policy applies to personal data handled through client projects, enquiry forms, support activity, project communications, CRM or operational tools, analytics, documentation and approved third-party services.

Limited and Lawful Use

Personal data is used only for legitimate business, client project, support, operational or compliance purposes. Eunoiana Dev avoids using personal data in ways that are unrelated to the agreed purpose.

Data Minimisation

Eunoiana Dev aims to collect, copy, export and retain only the personal data needed for the relevant project or business purpose. Test and development work should avoid unnecessary use of live personal data where practical.

Access Restrictions

Access to personal data is limited to authorised users and legitimate purposes. Least-privilege access controls are applied so users, accounts and services have only the access needed to perform authorised work.

Secure Storage

Personal data is stored in approved systems, reputable cloud platforms or managed services appropriate to the project. Sensitive stored data is protected using provider-supported security controls, including encryption at rest where available.

Secure Transfer

Personal data should be transferred through approved systems and protected channels. Public web applications and cloud services are expected to use HTTPS/TLS in production where applicable.

Approved Sharing

Personal data is shared only with authorised recipients or third-party services required for delivery, support, hosting, communication, analytics, operations or legal compliance. Unapproved public links and casual file sharing are avoided.

Retention and Disposal

Personal data is retained only for as long as needed for the relevant project, business purpose, support need or legal obligation. Unneeded exports, temporary files and obsolete project materials are removed where practical.

Incident Handling

Suspected personal data incidents are handled through Eunoiana Dev's incident response process, including triage, containment, investigation, client communication where applicable, remediation and post-incident review.

Regular Review and Updates

This personal data protection policy is reviewed and updated as business operations, client requirements, technology choices, third-party services or legal obligations change.

Questions about this policy can be sent to hello@eunoiana.com.