Privacy Policy
Last updated: 4 July 2026
1. Information We Collect
When you contact us or use our services, we may collect: your name, email address, company name, and project details provided via the contact form or direct email.
When you purchase a product through our checkout (pay.octoarc.com), we additionally collect your order details and — only with your explicit opt-in — your email address for product updates.
We do not use tracking cookies, third-party analytics, or advertising pixels on this website.
2. Cookies & Local Storage
This website sets no cookies. The only browser storage we use is a single localStorage entry ('octoarc-theme') that remembers your light/dark theme choice — it never leaves your device, identifies nobody, and is classed as strictly necessary. Because we use no tracking or advertising cookies anywhere on octoarc.com or its subdomains, no cookie consent banner is required — and you won't find one here.
Our checkout at pay.octoarc.com likewise sets no cookies for buyers; payment pages are hosted by the payment provider you choose (Stripe, PayPal, PayHere), whose own cookie policies apply on their domains.
3. How We Use Your Information
Information you provide is used solely to respond to your enquiry, provide the services requested, deliver purchased licenses, and maintain communication about your project. Marketing emails are sent only to addresses that explicitly opted in, and every one carries a one-click unsubscribe link that takes effect immediately. We do not sell, share, or rent personal data to third parties.
4. Payment Data
If payment services are engaged through this domain, payment processing is handled by PCI-DSS-compliant third-party processors (e.g., Stripe, PayPal). Octoarc does not store, transmit, or process raw card data. All payment pages are served over HTTPS with valid TLS certificates. We comply with PCI-DSS SAQ-A requirements for redirect-based payment flows.
5. Data Security
This site is served exclusively over HTTPS (TLS 1.2+). We apply HTTP security headers including HSTS, Content-Security-Policy, X-Frame-Options, and X-Content-Type-Options. Access to any stored enquiry data is restricted to authorised personnel.
6. Data Retention
Enquiry data is retained for up to 24 months from the date of contact, or until the relevant project engagement concludes, whichever is later. You may request deletion at any time.
7. Your Rights
You have the right to access, rectify, or erase personal data we hold about you. To exercise these rights, email [email protected].
8. Third-Party Links
Our site may link to external services (GitHub, LinkedIn). We are not responsible for the privacy practices of those sites.
9. Changes to This Policy
We may update this policy periodically. The date at the top of this page indicates the most recent revision.
10. Contact
For any privacy-related questions: [email protected]