Legal

Privacy Policy

Last updated: June 24, 2026. Effective date: June 24, 2026.

This Privacy Policy explains how DilyaSoft collects, uses, stores and protects personal data when you visit our website, submit a contact form, request a technical assessment, book a call, communicate with us, or use our website.

For the purposes of this Privacy Policy, "DilyaSoft", "we", "us" or "our" means:

Legal entity
Limited Liability Partnership "DilyaSoft"
Registration / BIN
240140015614
Registered address
Kazakhstan, Almaty, Almaly District, Bogenbay Batyr Street, 241, postal code 050026

If you are located in the European Economic Area, the United Kingdom or Switzerland, DilyaSoft acts as the data controller for the personal data described in this Privacy Policy.

1. Scope of this Privacy Policy

This Privacy Policy applies to:

  • our website at https://dilyasoft.pro;
  • contact forms and project inquiry forms;
  • technical assessment requests;
  • business communications by email, calendar tools, messengers or professional platforms;
  • website security, spam protection and email delivery related to submitted forms;
  • analytics and performance monitoring, where enabled.

This Privacy Policy does not apply to third-party websites, platforms or services that we do not control, such as LinkedIn, Upwork, calendar booking tools, hosting providers, Cloudflare, Resend or other third-party services. Those services are governed by their own privacy policies.

2. Personal Data We Collect

We may collect the following categories of personal data.

2.1. Data you provide through the contact form

When you submit a form on our website, we may collect:

  • name;
  • email address;
  • company name;
  • project type;
  • budget range;
  • message or project description;
  • any other information you choose to include in your message.

Please do not submit confidential source code, passwords, production credentials, sensitive personal data, health data, government ID numbers, payment card data or regulated client data through our public website forms.

2.2. Data you provide during business communication

When you communicate with us by email, call, calendar booking, messenger or professional platform, we may collect:

  • name;
  • business email address;
  • phone number, if provided;
  • company name;
  • job title or role;
  • country or region;
  • project requirements;
  • technical environment information;
  • files or documents you choose to share;
  • communication history.

2.3. Technical and website data

When you visit or use our website, we may automatically process limited technical data, such as:

  • IP address;
  • browser type and version;
  • device type;
  • operating system;
  • pages visited;
  • referring website;
  • approximate location based on IP address;
  • date and time of visit;
  • security and anti-spam signals;
  • cookie or similar technology identifiers, where applicable.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to receive and review your inquiry;
  • to respond to your message;
  • to schedule and conduct calls;
  • to understand your project type, budget range and technical needs;
  • to prepare proposals, estimates, assessments or statements of work;
  • to provide software development, modernization, consulting and support services;
  • to manage client relationships and business communications;
  • to protect our website from spam, bots, abuse and security threats;
  • to deliver form submissions and email notifications through service providers;
  • to improve our website, content, user experience and services;
  • to comply with legal, accounting, tax, contractual or regulatory obligations;
  • to establish, exercise or defend legal claims.

We do not use personal data submitted through our website forms for automated decision-making that produces legal or similarly significant effects.

4. Legal Bases for Processing under GDPR

If GDPR applies to you, we process personal data under one or more of the following legal bases.

4.1. Pre-contractual steps and contract performance

We process your name, email address, company, project type, budget range and message to respond to your inquiry, evaluate a potential project, prepare a proposal, discuss terms or provide services.

4.2. Legitimate interests

We may process personal data for our legitimate business interests, including:

  • responding to business inquiries;
  • managing B2B communications;
  • improving our website and services;
  • protecting the website from spam, bots, abuse and security threats;
  • maintaining records of business communication;
  • establishing, exercising or defending legal claims.

4.3. Consent

We may rely on consent where required by law, including for:

  • submitting personal data through our website form, where consent is required;
  • non-essential cookies or analytics, where enabled;
  • marketing communications, if you separately opt in;
  • processing activities where applicable law requires consent.

You may withdraw consent at any time. Withdrawal of consent does not affect processing that occurred before withdrawal.

4.4. Legal obligation

We may process personal data where required to comply with legal, tax, accounting, regulatory or dispute-resolution obligations.

5. Is Providing Personal Data Required?

Providing personal data through our contact form is voluntary. However, if you do not provide your name, email address and message, we may not be able to respond to your inquiry.

Providing company name, project type and budget range helps us understand the context of your request and respond more accurately.

6. Cookies, Security Tools and Analytics

Our website may use cookies and similar technologies to:

  • make the website work properly;
  • protect forms from spam and automated abuse;
  • understand website traffic and performance;
  • improve content and user experience;
  • remember user preferences, where applicable.

We use Cloudflare Turnstile for bot protection. We may also use analytics or infrastructure tools such as Google Analytics, Cloudflare Analytics or similar tools. Google Analytics is not currently enabled on the website, but may be enabled in the future.

Our website uses locally hosted web fonts served from our own website infrastructure.

Where required by law, non-essential cookies or analytics will only be used with your consent.

You can usually control cookies through your browser settings. Disabling some cookies may affect website functionality.

7. Website Hosting, Form Delivery and Storage

Our website is hosted on servers located in Germany. The website is a static marketing website and does not currently store contact form submissions in a website database.

When you submit a contact form, the information you provide is transmitted through our website infrastructure and delivered to DilyaSoft by email using Resend as an email delivery provider.

This means that your form submission may be processed by:

  • our website hosting provider, for website operation and server-level technical processing;
  • Cloudflare Turnstile, for bot protection and abuse prevention;
  • Resend, for email delivery and related delivery metadata;
  • our business email systems, where the submitted inquiry is received and stored;
  • authorized DilyaSoft team members who review and respond to inquiries.

Depending on the configuration of these providers, your personal data may be processed or stored in countries other than Kazakhstan, including Germany, the European Union, the United States or other jurisdictions where our providers, infrastructure or email systems operate.

We do not operate a separate public website database for storing submitted form data at this time.

8. Cloudflare Turnstile

We use Cloudflare Turnstile to protect our forms from spam, bots and automated abuse. When you interact with a protected form, Cloudflare may process technical data such as IP address, browser and device information, interaction signals and security challenge data.

This processing is necessary to protect the website, prevent abuse and ensure that submitted forms are made by legitimate users.

9. Resend Email Delivery

We use Resend to deliver website form submissions and related email notifications to DilyaSoft.

When you submit a form, Resend may process the content of your form submission, including your name, email address, company, project type, budget range and message, as well as email delivery metadata such as sender, recipient, subject, timestamp and delivery status.

We use Resend only to transmit and deliver form-related emails. We do not use Resend to send marketing emails unless you separately consent to receive such communications.

10. Recipients and Service Providers

We do not sell personal data.

We may share or make personal data available to the following categories of recipients where necessary:

  • website hosting providers, including hosting infrastructure located in Germany;
  • Cloudflare Turnstile, for bot protection, website security and abuse prevention;
  • Resend, for email delivery and form notification processing;
  • business email providers, where website inquiries are received and stored;
  • email and communication providers;
  • calendar booking providers, if you book a call;
  • analytics providers, if analytics are enabled;
  • subcontractors, developers or team members involved in reviewing your request or providing services;
  • professional advisers such as lawyers, accountants or auditors;
  • government authorities, courts or regulators where required by law.

We require service providers and subcontractors to process personal data only for agreed purposes and to use appropriate confidentiality and security measures.

11. International Data Transfers

DilyaSoft is a Kazakhstan legal entity, but our website and service providers operate internationally.

Your personal data may be transferred to or processed in countries outside Kazakhstan and outside your country of residence, including Germany, the European Union, the United States and other jurisdictions where our hosting, security, email delivery, communication or business service providers operate.

For users located in the European Economic Area, the United Kingdom or Switzerland, such transfers may involve countries that do not provide the same level of data protection as your jurisdiction. Where required by applicable law, we rely on appropriate safeguards such as contractual data protection obligations, data processing agreements, standard contractual clauses or other recognized transfer mechanisms.

For users located in Kazakhstan or where Kazakhstan personal data rules apply, by submitting the website form you consent to the transfer of your personal data to service providers and to cross-border processing as described in this Privacy Policy.

12. Data Retention

We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy.

Typical retention periods are:

  • website contact form submissions received by email: up to 24 months from the last meaningful communication;
  • inquiries that become client relationships: for the duration of the business relationship and for a reasonable period afterward;
  • business email correspondence: as needed for client relationship management, legal claims, service delivery and business records;
  • contracts, invoices and accounting records: as required by applicable law;
  • website hosting logs and security logs: for a limited period necessary for website operation, security and abuse prevention;
  • email delivery metadata: according to the retention settings and policies of our email delivery provider;
  • analytics data, if enabled: according to the retention settings of the analytics provider.

We may retain some information longer where required for legal, tax, accounting, dispute-resolution, security or contractual purposes.

13. Security

We use reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, disclosure, alteration or destruction.

These measures may include:

  • secure website connection;
  • access control;
  • limited access to personal data;
  • confidentiality obligations;
  • secure hosting and cloud providers;
  • bot and spam protection;
  • monitoring and security tools;
  • internal security practices.

No method of transmission or storage is completely secure. We cannot guarantee absolute security, but we take reasonable steps to protect the information we process.

14. Your Rights under GDPR

If GDPR applies to you, you may have the following rights:

  • the right to access your personal data;
  • the right to correct inaccurate or incomplete personal data;
  • the right to request deletion of your personal data;
  • the right to restrict processing;
  • the right to object to processing;
  • the right to data portability;
  • the right to withdraw consent where processing is based on consent;
  • the right to lodge a complaint with a supervisory authority.

To exercise your rights, contact us at [email protected].

We may need to verify your identity before responding to your request.

15. California Privacy Notice / CalOPPA

This section applies to visitors and users from California.

The California Online Privacy Protection Act requires commercial websites and online services that collect personally identifiable information from California consumers to conspicuously post a privacy policy.

Based on our current small B2B operations, DilyaSoft does not believe it is subject to the California Consumer Privacy Act / California Privacy Rights Act. This section is provided for CalOPPA transparency and general California privacy notice purposes.

Categories of personal information we collect

We may collect:

  • identifiers, such as name, email address, company name and IP address;
  • business contact information;
  • internet or network activity information, such as browser, device and website usage data;
  • professional or employment-related information, such as company role or business context, if provided;
  • project-related information, such as project type, budget range and message.

How we use this information

We use this information to:

  • respond to inquiries;
  • review project requests;
  • prepare proposals or assessments;
  • communicate with potential and existing clients;
  • protect our website from spam, bots and abuse;
  • deliver form submissions through email providers;
  • improve our website and services;
  • comply with legal obligations.

Categories of third parties with whom information may be shared

We may share information with:

  • hosting and infrastructure providers, including hosting infrastructure located in Germany;
  • Cloudflare Turnstile for bot protection and website security;
  • Resend for email delivery;
  • business email providers where inquiries are received and stored;
  • email and communication providers;
  • calendar booking providers;
  • analytics providers, if enabled;
  • subcontractors or team members involved in service delivery;
  • professional advisers;
  • authorities where required by law.

Sale of personal information

We do not sell personal information.

Do Not Track

Some browsers offer Do Not Track signals. There is currently no uniform industry standard for responding to such signals. Our website does not currently respond to Do Not Track signals.

You can manage cookies through your browser settings.

Third-party tracking

Third-party analytics, hosting, security or embedded service providers may collect information about your activity on our website depending on the tools enabled on the website and your cookie choices.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated Last updated date.

16. Kazakhstan Personal Data Notice

This section applies where the laws of the Republic of Kazakhstan on personal data protection apply.

By submitting information through our website forms, you consent to the collection, recording, systematization, accumulation, storage, clarification, use, transfer, blocking, deletion and destruction of your personal data by DilyaSoft for the purposes described in this Privacy Policy.

The purposes of processing include:

  • reviewing your inquiry;
  • responding to your message;
  • preparing a proposal, estimate or technical assessment;
  • communicating with you about services;
  • protecting the website from spam, bots and abuse;
  • delivering form submissions through email delivery providers;
  • storing and managing business correspondence in our email systems;
  • maintaining business, legal and accounting records.

The personal data processed may include name, email address, company, project type, budget range, message, IP address, browser and device information, security and anti-spam data, email delivery metadata, and communication history.

DilyaSoft may transfer personal data to service providers and contractors where necessary for the purposes described in this Privacy Policy. Such providers may include website hosting, website security, anti-spam, email delivery, analytics, communication and business email providers.

Our website is currently hosted in Germany. Contact form submissions are delivered through Resend and received in our business email systems. We do not currently operate a separate website form database for storing submitted inquiries.

Some service providers or technical infrastructure may be located outside Kazakhstan. Where required by applicable law, by submitting the form you consent to cross-border transfer and processing of your personal data as described in this Privacy Policy.

The term of consent and processing is limited to the period necessary to achieve the purposes described in this Privacy Policy, unless a longer period is required by applicable law, contract, accounting requirements, dispute resolution, security purposes or other legitimate grounds.

You may contact us to request access to your personal data, correction, deletion, withdrawal of consent or other actions available under applicable law.

For Kazakhstan-related privacy requests, contact [email protected].

17. Children's Privacy

Our website and services are intended for business users and are not directed to children. We do not knowingly collect personal data from children.

If you believe that a child has provided personal data to us, please contact us and we will take appropriate steps to delete it.

18. Links to Third-Party Websites

Our website may contain links to third-party websites, platforms or professional profiles, including LinkedIn, Upwork, calendar booking tools or other services.

We are not responsible for the privacy practices, content, availability or security of third-party websites.

19. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a new Last updated date.

Your continued use of the website after changes are posted means that you acknowledge the updated Privacy Policy.

20. Contact Us

For privacy-related questions, requests or concerns, contact us at:

Limited Liability Partnership "DilyaSoft"

Registration / BIN: 240140015614

Registered address: Kazakhstan, Almaty, Almaly District, Bogenbay Batyr Street, 241, postal code 050026

Email: [email protected]