Dream Driven Digital

QA as a Service

Privacy Policy

This Privacy Policy explains how Dream Driven Digital ("we", "us", "our") collects, uses and protects personal data in connection with our QA as a Service offering and this website.

We aim to comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Who we are

Dream Driven Digital provides software quality assurance and test automation services to clients, primarily on a B2B basis.

If you have questions about this Privacy Policy or how we handle personal data, you can contact us at:

2. What data we collect

We may process the following categories of personal data:

  • Contact details: name, business email address, company name, role.
  • Communication data: information you provide when you contact us (for example, project description, requirements and any other information you share voluntarily).
  • Technical data: basic technical information about how you use our website (such as IP address, browser type, device type, approximate location) to the extent logged by our hosting provider and analytics tools.
  • Client-related data: where we provide QA services to a client, we may access test data, staging environments or logs that can incidentally contain personal data of end users, depending on how the client systems are set up.

3. How we collect personal data

  • Directly from you when you contact us by email or other channels.
  • From client systems and environments to which we are granted access in order to perform QA and testing activities.
  • Automatically via our website (for example, through server logs or privacy-friendly analytics), subject to your browser settings.

4. Purposes and legal bases for processing

We process personal data only where we have a valid legal basis under GDPR. Typical purposes and legal bases include:

  • Responding to enquiries and providing proposals – based on our legitimate interest in developing and operating our business, or in some cases in order to take steps at your request prior to entering into a contract.
  • Performing our contractual obligations – where we provide QA services to a client, we process data as necessary to fulfil the contract with that client.
  • Operating and securing our website and infrastructure – based on our legitimate interest in ensuring the security and proper functioning of our services, including basic, aggregated analytics.
  • Compliance with legal obligations – for example, maintaining accounting records or responding to lawful requests from authorities.

5. Hosting & analytics (Vercel)

Our website is hosted on infrastructure provided by Vercel. We also use Vercel's built-in analytics to understand aggregate traffic and performance.

  • Vercel Analytics is designed to be privacy-friendly and does not use tracking cookies.
  • The data collected for analytics is aggregated and does not aim to identify individual visitors. Typical information includes page views, referrers, device and browser type, and high-level location (e.g. country).
  • Server logs and analytics may include IP addresses and user agent information as part of normal web operations. This is processed on the basis of our legitimate interest in maintaining and improving the website.

6. How we share personal data

We do not sell your personal data. We may share data with:

  • Service providers (for example, hosting, analytics, email, project management or collaboration tools) that help us operate our business. These providers are bound by contractual obligations to protect personal data.
  • Clients and their teams when required in the context of delivering QA services (for example, when we log issues or discuss test results).
  • Public authorities where required by law or to protect our rights and legitimate interests.

7. International transfers

Because we may work with clients and service providers located in different countries, personal data may be transferred outside the European Economic Area (EEA). Where this happens, we will take appropriate measures to ensure an adequate level of protection, such as using standard contractual clauses approved by the European Commission or working with providers covered by equivalent safeguards.

8. Data retention

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy or as required by law. In practice, retention periods depend on:

  • The duration of our relationship with you or with the client.
  • Legal obligations (for example, accounting records usually must be kept for several years).
  • The need to keep certain information to resolve disputes or protect our legitimate interests.

9. Your rights under GDPR

Depending on the circumstances and subject to legal conditions, you may have the following rights:

  • Right of access to your personal data.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure ("right to be forgotten").
  • Right to restriction of processing.
  • Right to data portability.
  • Right to object to processing based on legitimate interest, including profiling.
  • Where processing is based on consent, the right to withdraw consent at any time.

To exercise your rights, contact us at contact@dreamdrivendigital.com. You also have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.

10. Security of personal data & changes to this Policy

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse or disclosure. However, no system is completely secure, and we cannot guarantee absolute security.

We may update this Privacy Policy from time to time. Any changes will be published on this page, with an updated revision date.