Effective Date: 1 January 2026

NexGen Devs (Pvt) Ltd respects your privacy and is committed to protecting the personal data you share with us. This Privacy Policy explains how we collect, use, store, process, disclose, and safeguard your information when you interact with our website, contact forms, website audit forms, project onboarding forms, APIs, services, and digital platforms.

By using our website or submitting information through our forms, onboarding systems, or service request channels, you agree to the practices described in this Privacy Policy.

1.

Information We Collect

We may collect the following types of information:

a) Personal Information

This may include: Full name, email address, phone number, company or organization name, job title or role, business location or country, and any information voluntarily submitted through contact forms, website audit forms, project onboarding forms, service inquiry forms, contracts, emails, WhatsApp messages, or other communication channels.

b) Website Audit Information

When you request a website audit, we may collect information such as: Website URL, business name, industry or business category, current website issues or requirements, SEO, performance, design, speed, mobile responsiveness, security, and user experience details, publicly accessible website data required to prepare the audit, and notes, recommendations, and reports generated from the audit process.

We do not intentionally collect private login credentials for website audits unless they are specifically required for a paid service and shared by the client through an approved secure method.

c) Project Onboarding Information

When starting a project with NexGen Devs, we may collect: Project requirements and specifications, brand details, logos, colors, content, documents, images, and files, website, hosting, domain, CMS, or platform details, login credentials or access permissions required to complete the project, business process information required for software, automation, SEO, or web development work, and client feedback, approvals, revisions, and project communication records.

d) API and System Submission Data

Our website and internal systems may use APIs to collect, send, store, and process form submissions and project-related information. This may include: Contact form submissions, website audit request submissions, project onboarding form submissions, lead information, support requests, uploaded files or project materials, and technical metadata related to the submission, such as submission time, IP address, browser type, and device information.

API-based data collection is used only for legitimate business purposes such as responding to inquiries, managing projects, preparing audits, and improving our services.

e) Technical and Usage Information

We may automatically collect technical information such as: IP address, browser type and version, device type, operating system, pages visited, referral source, interaction data, session duration, cookies and tracking data, and website performance and analytics information.

2.

How We Use Your Information

We use your information for the following purposes:

  • To respond to inquiries submitted through our website, contact forms, audit forms, or other communication channels
  • To provide website audits, project consultations, proposals, quotations, and recommendations
  • To onboard clients and manage web development, software development, SEO, design, automation, and digital service projects
  • To develop, deliver, maintain, and improve websites, software, APIs, dashboards, databases, and related solutions
  • To communicate regarding projects, updates, invoices, payments, revisions, approvals, and support
  • To store and manage client information in our internal systems, CRM, project management tools, or databases
  • To improve our website performance, user experience, security, and service quality
  • To send marketing or promotional communications only where consent has been given or where legally permitted
  • To comply with legal, accounting, contractual, and regulatory obligations
  • To prevent fraud, misuse, unauthorized access, or security risks

We do not process personal data for purposes that are incompatible with the purposes listed above.

3.

Where applicable, including for individuals located in the European Economic Area, United Kingdom, or other regions with data protection laws, we process personal data under one or more of the following lawful bases:

a) Consent

When you voluntarily submit information through a form, subscribe to communication, request an audit, or opt in to marketing communication.

b) Contractual Necessity

When processing is necessary to provide services, prepare proposals, complete project onboarding, deliver contracted work, or communicate about an active project.

c) Legal Obligation

When we are required to process or retain information for tax, accounting, regulatory, legal, or compliance purposes.

d) Legitimate Interests

When processing is necessary for normal business operations, service improvement, website security, fraud prevention, project management, client communication, lead handling, and internal administration, provided your rights and freedoms are not overridden.

4.

Website Audit and Project Onboarding Forms

NexGen Devs may provide website audit forms, project onboarding forms, consultation forms, or service request forms through our website or third-party platforms.

Information submitted through these forms may be used to:

  • Analyze your website or business requirements
  • Prepare audit reports or service recommendations
  • Contact you regarding your request
  • Create proposals, quotations, or project plans
  • Start and manage client onboarding
  • Assign work internally to relevant team members
  • Store project information for future communication and support

You are responsible for ensuring that any information, files, or credentials you submit are accurate and that you have the authority to share them with us.

5.

APIs, Databases, and Internal Systems

We may use APIs, databases, automation tools, CRM systems, email tools, analytics platforms, and project management tools to collect, transfer, store, and process information submitted through our website and service channels.

These systems may be used for:

  • Form submission handling
  • Lead management
  • Website audit processing
  • Project onboarding
  • Client communication
  • Support management
  • Internal reporting
  • Service improvement

We take reasonable measures to protect data transmitted through APIs and stored in our systems. Access to such data is limited to authorized personnel who need it for business or service delivery purposes.

6.

Sharing of Information

We do not sell, trade, or rent personal data.

We may share information only in the following situations:

  • With trusted third-party service providers involved in service delivery, such as hosting providers, cloud platforms, email services, payment processors, analytics tools, automation tools, CRM systems, or project management platforms
  • With internal team members, contractors, or technical partners who are required to work on your project
  • When required by law, court order, government authority, or regulatory body
  • To protect the rights, security, property, or legal interests of NexGen Devs, our clients, or others
  • In connection with a business restructuring, merger, acquisition, investment, or sale of business assets

All third parties who process personal data on our behalf are expected to protect your information and use it only for the purposes we authorize.

7.

International Data Transfers

Some service providers, hosting platforms, analytics tools, cloud systems, or communication tools we use may store or process data outside Sri Lanka.

Where personal data is transferred outside Sri Lanka, the EEA, or your country of residence, we take reasonable steps to ensure appropriate safeguards are in place, including contractual protections and security measures consistent with applicable data protection requirements.

8.

Cookies and Tracking Technologies

We use essential browser storage and similar technologies to keep the website working properly and remember user choices, such as whether the cookie notice has been accepted.

We also use Netlify Web Analytics to understand aggregate website traffic and performance from server-side request logs. Our website does not use Google Analytics or advertising cookies.

These technologies help us:

  • Improve website functionality
  • Remember user preferences
  • Monitor website performance and security
  • Understand how visitors interact with our website

You may disable cookies through your browser settings. However, some website features may not function correctly without cookies.

If we add advertising pixels, third-party analytics, or other non-essential tracking technologies in the future, we will update this policy and the website notice before using them.

9.

Data Security

We implement reasonable technical and organizational measures to protect personal data against:

  • Unauthorized access
  • Accidental loss
  • Misuse
  • Alteration
  • Disclosure
  • Destruction

These measures may include access controls, secure storage, limited internal access, password protection, encrypted services where available, and confidentiality obligations for authorized personnel.

However, no online transmission, API, database, or storage system can be guaranteed to be 100% secure. You share information with us at your own reasonable risk.

10.

Client Credentials and Project Access

For certain services, clients may need to share access to websites, hosting accounts, domains, CMS platforms, databases, APIs, social platforms, or third-party tools.

Where such access is required:

  • We will use credentials only for the agreed project or support purpose
  • Access will be limited to authorized team members
  • We recommend clients use temporary access, role-based access, or limited permissions where possible
  • Clients should change or revoke access after project completion if required

NexGen Devs is not responsible for issues caused by incorrect credentials, third-party platform failures, or access changes made outside our control.

11.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy.

This may include retaining data for:

  • Responding to inquiries
  • Preparing website audits
  • Managing project onboarding
  • Delivering active services
  • Providing support and maintenance
  • Maintaining business, accounting, legal, and tax records
  • Resolving disputes or enforcing agreements

When data is no longer required, we will take reasonable steps to securely delete, anonymize, or archive it.

12.

Your Rights

Depending on your location and applicable data protection laws, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate or incomplete data
  • Request deletion of your personal data
  • Restrict or object to certain processing activities
  • Withdraw consent at any time where processing is based on consent
  • Request data portability, where applicable
  • Lodge a complaint with a relevant data protection authority

To exercise your rights, contact us using the details provided below.

We may need to verify your identity before responding to certain requests.

13.

Our website may contain links to third-party websites, tools, platforms, or services.

NexGen Devs is not responsible for the content, privacy policies, security practices, or data handling methods of third-party websites or platforms. We encourage you to review their privacy policies before submitting information to them.

14.

Children’s Privacy

Our services are not intended for individuals under the age of 13.

We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without appropriate consent, we will take reasonable steps to delete such information promptly.

15.

Marketing Communications

Where permitted by law, we may use your contact details to send updates, offers, service information, or marketing communications related to NexGen Devs.

You may opt out of marketing communications at any time by contacting us or using the unsubscribe method provided in the communication, where available.

Even if you opt out of marketing messages, we may still send necessary service-related communications regarding active projects, invoices, support, or legal matters.

16.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, systems, legal requirements, or business operations.

Any changes will be posted on this page with an updated effective date. Continued use of our website or services after updates are posted means you accept the revised Privacy Policy.

17.

Contact Information

For questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:

NexGen Devs (Pvt) Ltd
Sri Lanka

Email: nexgenkrf@gmail.com
Phone: +94 789 534 422 | +94 721 900 633

logo