Privacy Policy

KhabaTech is the data controller responsible for personal data collected through this website (khabatech.com).

For any privacy-related enquiries or to exercise your rights, contact us at: [email protected]

We collect the following categories of personal data:

a) Website analytics (only with your consent)

When you accept cookies, each page view is logged server-side with:

• IP address (used to derive approximate country; not retained beyond 30 days)
• Page URL and referrer
• Browser and device information (user-agent string)
• An anonymous session identifier (stored in your browser's session storage; expires when you close the tab)
• Timestamp of the visit

We do not use third-party analytics services (e.g. Google Analytics). All data is processed on our own servers.

b) Contact form submissions

If you contact us via the contact form or directly by email, we collect your name, email address, and any information you choose to include in your message.

c) Cookie consent preference

We store a single cookie-consent flag in your browser's localStorage to remember whether you have accepted or declined analytics tracking. This is a strictly necessary functional record and does not itself identify you.

Under UK GDPR we rely on the following legal bases:

• Consent (Article 6(1)(a)) — for analytics cookies and page-view logging. You can withdraw consent at any time by clearing your browser's local storage or refreshing to re-engage the cookie banner.
• Legitimate interests (Article 6(1)(f)) — for processing enquiry emails to respond to your message and manage our business relationship. Our legitimate interest is providing the professional services you have requested.
• Legal obligation (Article 6(1)(c)) — where we are required to retain records for tax or regulatory purposes.

• To understand how visitors use the website and improve its content and performance.
• To respond to enquiries and provide the services you have requested.
• To meet our legal and regulatory obligations.

We will never sell, rent, or trade your personal data with third parties for marketing purposes.

We do not share your personal data with third parties, except:

• Hosting infrastructure — our website is self-hosted. Server infrastructure providers may have incidental access to data as part of operating the hosting environment.
• Legal requirement — if we are required to disclose data by law, court order, or regulatory authority.

All data is processed and stored within the United Kingdom or the European Economic Area. We do not transfer personal data to countries outside the UK/EEA without appropriate safeguards.

• Analytics logs — retained for up to 30 days, then deleted.
• Enquiry emails — retained for up to 2 years unless a longer period is required for an active business relationship or legal obligation.
• Cookie consent flag — stored in your browser until you clear your local storage or withdraw consent.

You have the following rights in relation to your personal data:

• Right of access — to obtain a copy of the data we hold about you.
• Right to rectification — to have inaccurate data corrected.
• Right to erasure (“right to be forgotten”) — to request deletion of your data where there is no overriding legitimate reason to retain it.
• Right to restriction — to request that we restrict processing of your data in certain circumstances.
• Right to data portability — to receive your data in a structured, machine-readable format where processing is based on consent or contract.
• Right to object — to object to processing based on legitimate interests.
• Rights related to automated decision-making — we do not use automated decision-making or profiling that produces legal or similarly significant effects.
• Right to withdraw consent — at any time, where processing is based on consent, without affecting the lawfulness of processing before withdrawal.

To exercise any of these rights, email [email protected] with the subject line “Data Rights Request”. We will respond within one calendar month.

This website uses browser local storage (not HTTP cookies) to:

• Store your cookie consent preference (khabatech-cookie-consent)
• Store your visual theme preference (font, colour palette, brand name) for the theme customisation feature

Session storage is used to hold an anonymous session identifier while your browser tab is open. It is automatically cleared when you close the tab.

We do not set any tracking cookies or use third-party cookies.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. Analytics logs are stored on a private server and are not publicly accessible.

No method of transmission over the internet is completely secure. While we take reasonable precautions, we cannot guarantee absolute security.

If you believe we have handled your personal data unlawfully or are dissatisfied with how we have responded to a rights request, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection:

• Website: ico.org.uk
• Helpline: 0303 123 1113

We would appreciate the opportunity to address your concerns before you contact the ICO, so please reach out to us first at [email protected].

We may update this policy from time to time to reflect changes in our practices or legal requirements. The “Last updated” date at the top of this page will be revised accordingly. We encourage you to review this policy periodically.