Back to Home

Privacy Policy

Last Updated: February 13, 2026

Introduction

At ImparLabs, we are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website and services.

We comply with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

What Data We Collect

1. Contact Form Data

When you submit our contact form, we collect:

  • Your name
  • Your email address
  • Project type/interest
  • Your message

2. Analytics Data (Privacy-First)

We use Umami Analytics, a privacy-first analytics tool that does NOT use cookies. We collect anonymized data including:

  • Pages visited
  • Referrer source
  • Device type (desktop/mobile/tablet)
  • Approximate location (country-level only)

Note: Umami does not track individual users, does not use cookies, and honors Do Not Track (DNT) browser settings.

How We Use Your Data

  • To respond to your inquiries and project requests
  • To improve our website and services
  • To understand how visitors use our website (via anonymized analytics)
  • To comply with legal obligations

Data Storage and Security

Your data is stored securely on European infrastructure:

  • Contact form submissions: Stored in PostgreSQL database hosted on our self-hosted Coolify instance (EU-based server)
  • Analytics data: Stored by Umami Analytics on EU servers

We retain contact form data for 2 years or until you request deletion, whichever comes first. Analytics data is retained indefinitely in anonymized form.

Data Sharing

We do NOT sell, rent, or share your personal data with third parties for marketing purposes.

We may disclose your data only if required by law or to protect our legal rights.

B2B Business Communications

In addition to website interactions, ImparLabs may contact businesses directly as part of our B2B outreach activities. This section explains how we handle data in that context.

Legal Basis

We process business contact data under Article 6(1)(f) of the GDPR (Legitimate Interest). We have conducted a Legitimate Interest Assessment documenting that our outreach is proportionate, targeted, and includes appropriate safeguards.

Data We Collect

For B2B outreach, we collect publicly available business information:

  • Company name and domain
  • Business email addresses (corporate emails only, never personal)
  • Industry and business sector
  • Technology indicators from public websites

How We Obtain This Data

We collect business data exclusively from public sources: company websites, business directories, and publicly available professional profiles. We do not purchase data from third-party brokers.

Data Retention

Business contact data from outreach is retained for 90 days if there is no response. Data from interested leads is retained for up to 2 years. Opt-out records are kept for 3 years as proof of compliance.

Your Right to Opt Out

You can opt out of our business communications at any time. Every email we send includes an opt-out link. You can also request removal by contacting us at:

Click here to opt out

Email: contact@imparlabs.com

Your Rights (GDPR)

Under GDPR, you have the following rights:

  • Right to Access - Request a copy of your personal data
  • Right to Rectification - Request correction of inaccurate data
  • Right to Erasure - Request deletion of your data ('right to be forgotten')
  • Right to Restriction - Request limitation of data processing
  • Right to Data Portability - Receive your data in a structured, machine-readable format
  • Right to Object - Object to processing of your data

To exercise any of these rights, contact us at: contact@imparlabs.com

Cookies

We do NOT use tracking cookies. Our website only uses essential technical cookies required for basic functionality (e.g., language preference, theme).

Our analytics tool (Umami) is cookieless and privacy-first by design.

Security Measures

We implement appropriate technical and organizational measures to protect your data, including encryption, secure servers, and access controls. However, no method of transmission over the internet is 100% secure.

Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated 'Last Updated' date.

Contact Us

If you have any questions about this Privacy Policy or wish to exercise your GDPR rights, contact us at:

Email: contact@imparlabs.com