Privacy Policy

Last updated: November 20, 2025

1. Introduction

Xion Tech ("we", "us", or "our") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, services, or interact with us. By using our services, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

  • Contact Information: Name, email address, phone number, mailing address
  • Business Information: Company name, job title, business address
  • Account Information: Username, password (hashed), account preferences
  • Payment Information: Billing address, payment method details (processed securely through third-party payment processors)
  • Communication Data: Messages, inquiries, feedback, and correspondence

2.2 Technical Information

We automatically collect certain technical information when you visit our website:

  • Device Information: IP address, browser type, device type, operating system
  • Usage Data: Pages visited, time spent, click patterns, referring URLs
  • Cookies and Tracking: See our Cookie Policy section below
  • Log Files: Server logs, error logs, access logs

2.3 Project-Related Information

When you engage our services, we may collect:

  • Project requirements, specifications, and documentation
  • Business data and content you provide for development purposes
  • User data and analytics from applications we develop (as specified in project agreements)

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To provide, maintain, and improve our development services
  • Communication: To respond to inquiries, send project updates, and provide customer support
  • Business Operations: To process payments, manage accounts, and fulfill contractual obligations
  • Legal Compliance: To comply with legal obligations, enforce agreements, and protect rights
  • Marketing: To send promotional materials (with your consent) and inform you about new services
  • Analytics: To analyze usage patterns, improve our website and services, and conduct research
  • Security: To detect, prevent, and address security issues and fraudulent activity

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process personal data based on:

  • Contractual Necessity: To fulfill our contractual obligations and provide requested services
  • Legitimate Interests: For business operations, security, and service improvement
  • Consent: When you have provided explicit consent for specific processing activities
  • Legal Obligation: To comply with applicable laws and regulations

5. Information Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

5.1 Service Providers

We may share information with trusted third-party service providers who assist in:

  • Payment processing (Stripe, PayPal, etc.)
  • Cloud hosting and infrastructure (AWS, Azure, GCP)
  • Email and communication services
  • Analytics and monitoring tools
  • Customer support platforms

These providers are contractually obligated to protect your information and use it only for specified purposes.

5.2 Legal Requirements

We may disclose information when required by law, court order, or government regulation, or to:

  • Comply with legal processes or respond to government requests
  • Enforce our Terms of Service or other agreements
  • Protect our rights, property, or safety, or that of our users
  • Prevent fraud or security threats

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption: Data in transit (SSL/TLS) and at rest
  • Access Controls: Limited access to personal data on a need-to-know basis
  • Security Monitoring: Regular security audits and vulnerability assessments
  • Data Backup: Regular backups with secure storage
  • Employee Training: Security awareness training for all staff
  • Incident Response: Procedures for detecting and responding to security incidents

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Data Retention

We retain personal information for as long as necessary to:

  • Fulfill the purposes outlined in this Privacy Policy
  • Comply with legal obligations and resolve disputes
  • Enforce our agreements and protect our rights
  • Maintain business records as required by law

When information is no longer needed, we securely delete or anonymize it in accordance with our data retention policies.

8. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

8.1 Access and Portability

You have the right to access and receive a copy of your personal information in a structured, machine-readable format.

8.2 Correction

You can request correction of inaccurate or incomplete personal information.

8.3 Deletion

You may request deletion of your personal information, subject to legal and contractual obligations.

8.4 Objection and Restriction

You can object to certain processing activities or request restriction of processing in specific circumstances.

8.5 Withdraw Consent

Where processing is based on consent, you may withdraw consent at any time.

8.6 Opt-Out

You can opt out of marketing communications by clicking unsubscribe links or contacting us directly.

To exercise these rights, please contact us at privacy@xiontech.com. We will respond to your request within 30 days.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Remember your preferences and settings
  • Analyze website traffic and usage patterns
  • Provide personalized content and advertisements
  • Improve website functionality and user experience

You can control cookies through your browser settings. However, disabling cookies may limit certain website functionality.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including:

  • Standard contractual clauses approved by data protection authorities
  • Compliance with applicable data protection laws
  • Implementation of security measures consistent with this Privacy Policy

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will take steps to delete such information.

12. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected, used, and shared
  • Right to delete personal information (with certain exceptions)
  • Right to opt-out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising privacy rights

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Material changes will be communicated through our website or by email. The "Last updated" date at the top indicates when this policy was last revised. Continued use of our services after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have questions, concerns, or wish to exercise your privacy rights, please contact us:

Xion Tech
Email: privacy@xiontech.com
Phone: +1 (234) 567-890
Address: San Francisco, CA, United States

For EU residents, you also have the right to lodge a complaint with your local data protection authority if you believe we have not adequately addressed your concerns.