Back to home

Privacy Policy

Last updated: May 12, 2026

This Privacy Policy explains how SDETLab ("we", "us", or "our") collects, uses, stores, and shares information when you visit sdetlab.com and related subdomains (the "Site"), subscribe to our newsletter, use our tools or integrations, or otherwise interact with our services (collectively, the "Services"). We aim to meet the expectations of a global audience and to respect applicable privacy laws, including—where they apply—the EU/UK General Data Protection Regulation ("GDPR"), the California Consumer Privacy Act as amended by the California Privacy Rights Act ("CCPA/CPRA"), and similar laws in other regions.

We are not your lawyer. This document is for transparency. If you need advice about your specific legal obligations, consult qualified counsel.

1. Who is responsible for your information?

The data controller for personal information processed through the Services is the operator of SDETLab. For privacy-related requests, contact us via our Contact page. We will respond within a reasonable time and, where required by law, within statutory deadlines.

2. Scope and acceptance

By using the Services, you acknowledge this Policy. If you do not agree, please discontinue use of the Site and Services. This Policy applies to information collected online through the Services; it does not apply to third-party websites, applications, or services that we do not control.

3. Information we collect

Depending on how you use the Services, we may collect:

3.1 Information you provide voluntarily

  • Contact and account data: Such as name, email address, and message content when you use forms, authenticate (e.g. through our authentication provider), or communicate with us.
  • Newsletter: Email address and related preferences when you subscribe.
  • User-generated content: For example, comments or other text you submit where such features are available.
  • AI or tool inputs: Text or files you submit to interactive tools on the Site. Do not submit passwords, secrets, regulated health data, or other highly sensitive categories unless a feature explicitly requires it and you choose to provide them.

3.2 Information collected automatically

  • Device and usage data: Such as IP address, browser type, operating system, approximate location derived from IP, pages viewed, referring/exit pages, and timestamps.
  • Cookies and similar technologies: See Section 6.

3.3 Information from third parties

We may receive limited information from analytics providers, authentication platforms, payment processors, hosting providers, or content platforms integrated with the Site (for example, to display or manage content). Such providers process data under their own policies and, where we act as controller, we describe our use below.

4. Legal bases for processing (EEA, UK, Switzerland, and similar)

Where GDPR or comparable laws apply, we rely on one or more of the following legal bases:

  • Contract: Processing necessary to provide the Services you request (e.g. account or newsletter).
  • Legitimate interests: For example, securing the Site, analyzing aggregated usage, improving content, and preventing abuse—balanced against your rights.
  • Consent: Where required for specific cookies or marketing communications, or where you opt in.
  • Legal obligation: Where we must comply with applicable law.

5. How we use information

We use personal information to:

  • Operate, maintain, and improve the Site and tools;
  • Send newsletters or transactional messages (subject to your choices);
  • Respond to inquiries and provide support;
  • Analyze usage trends in an aggregated or de-identified form where possible;
  • Detect, investigate, and prevent fraud, abuse, and security incidents;
  • Comply with law, regulation, or lawful requests; and
  • Enforce our Terms and protect our rights and those of our users.

We do not sell your personal information as "sale" is defined under the CCPA/CPRA.

6. Cookies and similar technologies

We use cookies, local storage, pixels, and similar technologies for essential functionality, preferences, analytics, and—only if configured—measurement. You can control cookies through your browser settings. Blocking certain cookies may limit some Site features.

7. Analytics and third-party services

We may use third-party services that process data on our behalf ("processors") or that collect data under their own terms when you interact with their scripts. Depending on configuration, these may include:

  • Hosting and infrastructure (e.g. Vercel or comparable edge/hosting providers);
  • Analytics—for example Google Analytics (with settings such as IP anonymization where enabled), Microsoft Clarity, and/or PostHog—to understand traffic and product usage;
  • Content management (e.g. Sanity or similar) for editorial content;
  • Authentication (e.g. Supabase or similar) when you create or use an account;
  • Payments (e.g. Razorpay or other providers) when you purchase paid offerings;
  • Email delivery for newsletters and transactional mail.

Each provider's privacy policy governs their collection and use of data they process as a separate controller or subprocessors. We encourage you to review those policies.

8. International transfers

We may process and store information in India, the United States, the European Economic Area, the United Kingdom, or other countries where we or our service providers operate. If we transfer personal data from the EEA, UK, or Switzerland to countries not deemed adequate by the relevant authority, we will use appropriate safeguards where required (such as Standard Contractual Clauses) unless an exception applies.

9. Retention

We retain personal information only as long as necessary for the purposes described in this Policy, unless a longer period is required or permitted by law. Criteria include the nature of the data, legal obligations, dispute resolution, and legitimate business needs (e.g. security logs). When data is no longer needed, we delete or anonymize it where feasible.

10. Security

We implement reasonable technical and organizational measures designed to protect personal information. However, no method of transmission or storage is completely secure; you use the Services at your own risk.

11. Your privacy rights

Depending on your location, you may have rights to access, rectify, erase, restrict, or object to certain processing, data portability, withdrawal of consent where processing is consent-based, and the right to lodge a complaint with a supervisory authority.

11.1 European Economic Area, United Kingdom, Switzerland

You may exercise GDPR-related rights by contacting us through the Contact page. You may also complain to your local data protection authority.

11.2 California and other U.S. state privacy laws

California residents may have the right to know, delete, and correct personal information, and to limit use of sensitive personal information where applicable. We do not sell personal information or share it for cross-context behavioral advertising as those terms are defined under the CCPA/CPRA without appropriate choice mechanisms. To submit a request, use our Contact page. We will verify your request as required by law. You may designate an authorized agent where permitted.

11.3 Other regions

If applicable law grants you additional rights (for example in Brazil, Canada, or Asia-Pacific jurisdictions), you may contact us and we will respond consistent with applicable law.

12. Children's privacy

The Services are not directed to children under 16 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected such information, please contact us so we can delete it.

13. Automated decision-making

We do not use automated decision-making that produces legal or similarly significant effects solely based on automated processing of your personal data. AI-assisted features on the Site may generate suggestions; human review and your judgment remain essential.

14. Changes to this Policy

We may update this Policy from time to time. The "Last updated" date at the top will change when we publish a revision. Material changes may be announced via the Site or email where appropriate. Continued use after changes become effective constitutes acceptance of the updated Policy, to the extent permitted by law.

15. Contact

For privacy questions or requests, contact us through the Contact page.