Kurdish (soon)

Privacy Policy

HomePrivacy Policy

Privacy Policy for Developer.KRD

Effective Date: July 25, 2025

1. Introduction

Developer.KRD ("we", "us") respects your privacy. This policy explains how we collect, use, and protect personal data when you use our services (email hosting, development services, VPS/hosting). By using developer.krd, you consent to these practices.

2. Data We Collect

2.1 Information You Provide

  • Account Data: Name, email, phone number, billing address
  • Service Data: Email content (for email hosting), project requirements (for development services)
  • Payment Data: Credit card details (processed through secure gateways)

2.2 Automatic Collection

  • Usage Data: IP address, browser type, pages visited
  • Technical Data: Server logs, error reports, performance metrics
  • Cookies: Session cookies, authentication tokens (manage via cookie banner)

3. How We Use Your Data

Purpose Legal Basis
Provide services (email hosting, VPS, development) Contractual necessity
Process payments and prevent fraud Legal obligation
Technical support and troubleshooting Legitimate interest
Service improvements and new features Legitimate interest
Security monitoring and incident response Legal obligation

4. Data Storage & Security

4.1 Storage Locations

  • Primary: Erbil, Iraq (Kurdistan Region)
  • Backups: Frankfurt, Germany (EU-compliant)
  • Email Routing: Global points-of-presence

4.2 Security Measures

  • End-to-end encryption for email transmission
  • AES-256 encryption for data at rest
  • Regular penetration testing
  • Two-factor authentication (2FA) enforcement for admin access
  • Kurdish Data Protection Officer oversight

5. Data Sharing & Disclosure

We do not sell your data. Limited sharing occurs with:

  • Payment Processors: Stripe, ZainCash (Iraqi payments)
  • Infrastructure Partners: Server providers in Germany/UK/US
  • Legal Requirements: When required by Kurdish or international law

All third-parties sign GDPR/Kurdish data protection agreements.

6. Your Rights (Kurdish & EU Users)

Access

Request copies of your data

Rectification

Correct inaccurate information

Erasure

Delete your data ("Right to be Forgotten")

Portability

Receive data in machine-readable format

Restriction

Limit processing in certain circumstances

Objection

Opt-out of marketing or profiling

Exercise rights by emailing: [email protected]

7. Data Retention

  • Active Accounts: Until deletion request
  • Billing Records: 7 years (Kurdish tax law requirement)
  • Backups: 90 days before permanent deletion
  • Inactive Accounts: Deleted after 18 months of inactivity

8. International Transfers

Data may transit through:

🇮🇶 Erbil 🇩🇪 Frankfurt 🇬🇧 London 🇺🇸 New York

All transfers use:

  • EU Standard Contractual Clauses
  • Kurdistan Region Data Protection Standards
  • Encryption in transit (TLS 1.3+)

9. Children's Privacy

We do not knowingly collect data from children under 16. Kurdish users under 16 must have parental consent.

10. Changes to This Policy

We will notify users of material changes via email 30 days before implementation. Continued use constitutes acceptance.

11. Contact Us

Data Protection Officer:
Sahand Sami
[email protected]
+964 750 881 35 35