← Back to Home

Privacy Policy

Effective Date: April 8, 2026

Information We Collect

We collect information you provide directly to us, such as when you create an account, use our services, or contact us for support. This includes your name, email address, company information, and any content you upload or create using our platform.

We also automatically collect certain information about your device and how you interact with our services, including IP address, browser type, operating system, referral URLs, and usage patterns.

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Send technical notices, updates, security alerts, and support messages
  • Respond to your comments, questions, and requests
  • Monitor and analyze trends, usage, and activities
  • Comply with legal obligations

Information Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as described in this policy. We may share your information in the following circumstances:

  • Service Providers: With vendors who perform services on our behalf
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you have given us explicit permission

Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. This includes encryption of data in transit and at rest, regular security assessments, and access controls.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

Data Retention

We retain your personal information for as long as necessary to provide you with our services, comply with our legal obligations, resolve disputes, and enforce our agreements. When we no longer need your information, we will securely delete or anonymize it.

Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request that we correct inaccurate information
  • Deletion: Request that we delete your personal information
  • Portability: Request a copy of your data in a machine-readable format
  • Opt-out: Unsubscribe from marketing communications

To exercise these rights, please contact us at privacy@gdsfactory.com.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws.

Children's Privacy

Our services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn that we have collected information from a child under 13, we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Effective Date" above. We encourage you to review this policy periodically.

Sub-Processors

We engage third party service providers to assist in providing our services by processing certain user data. We call these third-party service providers “sub-processors.” These sub-processors process personal data only as necessary to perform services on our behalf and in accordance with contractual obligations, including data processing agreements that comply with applicable data protection laws such as the General Data Protection Regulation (GDPR).

Where personal data is transferred outside of the European Economic Area (EEA), including to the United States, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission, or other lawful transfer mechanisms in accordance with GDPR requirements.

We may update our list of sub-processors from time to time. Where required under applicable law (including GDPR Article 28), we will provide notice of any new sub-processors by updating this page or through other appropriate communication channels.

Where required, we will provide customers with the opportunity to object to the appointment of a new sub-processor on reasonable data protection grounds. In such cases, we will work in good faith to address the objection or provide an alternative solution where feasible.

We share only the minimum amount of personal data necessary for sub-processors to perform their functions. All sub-processors are contractually required to implement appropriate technical and organizational measures to protect personal data, including encryption, access controls, and confidentiality obligations.

Our sub-processors follow contractual safeguards to protect data.

Below, list our sub-processors, the purpose of their data processing, and the jurisdiction of the sub-processors.

Name Purpose Location
Amazon Web Services (AWS) Cloud hosting and infrastructure United States
Anthropic AI processing United States
OpenAI AI processing United States
Datadog Monitoring, logging, and analytics United States
PostHog Monitoring, logging, and analytics United States
Pydantic Logfire Monitoring, logging, and analytics United States
Google/Gemini AI processing United States

Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us at:

DoPlayDo, Inc
Email: privacy@gdsfactory.com
Website: www.gdsfactory.com