Privacy & Trust

We design with privacy in mind, from proposal to production.

This privacy policy explains how Craftora Labs LLC (“Craftora”, “we”, “us”, or “our”) collects, uses, and protects information when we design and build mobile apps, websites, backends, and related services for our clients.

Read the full policy Ask a privacy question

Scope of this policy

This policy covers information collected on craftoralabs.com, the project discovery and proposal process, and client work delivered across mobile, web, and backend platforms.

Information we collect

We only collect the information needed to discuss and deliver your project.

  • Inquiry details: When you submit the contact form we ask for your name, email address, optional company name, and the brief you provide about your project.
  • Project assets: During discovery we may request design files, product requirements, datasets, credentials, or other materials needed to scope, prototype, or build your solution.
  • Operational metadata: We maintain internal notes, estimates, invoices, and contractual records required to deliver services and meet legal obligations.
  • Communication history: Emails, meeting notes, and support requests are stored so we can track decisions, milestones, and outstanding tasks.

How we use information

  • Reply to inquiries, prepare proposals, and provide estimates tailored to your goals.
  • Plan, design, and build mobile apps, websites, APIs, and infrastructure outlined in our agreements.
  • Set up CI/CD, analytics, monitoring, and other technical services referenced on the homepage.
  • Send project updates, invoices, and important service communications.
  • Improve our delivery playbooks, tooling, and quality practices in anonymized, aggregated form.

We do not sell or rent client information and we use it solely for the purposes above.

Legal basis

When applicable laws require it, we process personal data under one or more of the following bases:

  • Contractual necessity: Information required to scope, build, and maintain the software you request.
  • Legitimate interest: Running secure infrastructure, preventing fraud, and improving our services.
  • Consent: Optional marketing updates or testimonials, which you can opt out of at any time.
  • Legal obligation: Recordkeeping for tax, accounting, compliance, or regulatory requirements.

Third-party services

We work with trusted vendors to power the stacks mentioned on our site (for example, cloud providers, CI/CD platforms, analytics, or payment processors). We only share information with these partners when necessary to fulfill the services you request, under confidentiality agreements and data protection terms.

If your project requires additional integrations (e.g., Apple, Google, AWS, Stripe), we will document those processors and obtain any required approvals before sharing data.

Security & infrastructure

Security is built into our process, as highlighted on our homepage. We use access controls, encryption, code reviews, CI/CD, monitoring, and secure environments to safeguard client assets. Only authorized team members and contractors working on your project can access your information, and they are bound by confidentiality obligations.

If we become aware of unauthorized access or disclosure, we will notify affected clients and take remediation steps in line with our agreements and applicable laws.

Data retention

  • Inquiry records are kept for up to 24 months so we can track conversations and follow up on opportunities.
  • Active project artifacts are retained for the duration of the engagement and archived for up to 36 months afterward, unless you request earlier deletion.
  • Financial records (invoices, contracts, tax documents) are stored for the statutory retention period required in our operating jurisdictions.

You may request deletion of specific assets at any time by contacting support@craftoralabs.com. Some information may need to be retained to comply with legal obligations.

Your choices & rights

  • Review, correct, or update information we hold about you.
  • Request deletion of project data that is no longer required for service delivery or legal compliance.
  • Ask for details about the processors we use for your engagement.
  • Opt out of optional updates or marketing communications.

To exercise these rights, email support@craftoralabs.com. We respond to verified requests within 30 days.

International transfers

Craftora is headquartered in the United States and works with clients globally. When we transfer personal data across borders we rely on appropriate safeguards such as Standard Contractual Clauses or vendor frameworks that comply with regional requirements.

Policy updates

We may update this policy to reflect new services, regulations, or best practices. The “Last updated” date below indicates the latest revision. Material updates will be communicated to active clients directly.

Last updated: October 10, 2025

Contact

If you have questions about this privacy policy or how we handle data, contact our privacy team:

Craftora Labs LLC
support@craftoralabs.com