Skip to content
Contact us

PRIVACY NOTICE

 

  1. Context and Scope

    At Softway (‘Softway’, ‘Us’, ‘We’, ‘Our’) we care about data privacy and security. We are committed to protecting your personal information and respecting your privacy.  By using the Website, you agree to be bound by our Privacy Notice.

    For the purposes of this Notice and applicable data protection laws, Softway (with its registered office at [insert address]) is the data controller responsible for your personal information.

    This Privacy Notice (hereinafter referred to as ‘Notice’) explains how we collect, process, use, store, and share your personal information when you interact with our website, products, and services. It also outlines your rights under applicable data protection laws, including the EU General Data Protection Regulation (GDPR), the Digital Personal Data Protection Act (DPDPA) 2023 (India), the California Consumer Privacy Act (CCPA), Personal Information Protection and Electronic Documents Act (PIPEDA), Children’s Online Privacy Protection Act (COPPA) and other relevant regulations.

    This Notice applies to personal information collected through:


    Please be advised the Website is hosted in the United States. If you access the Website from the European Union, Asia, or any other region of the world with laws or other requirements governing personal information collection, use, or disclosure that differ from applicable laws in the United States, then through your continued use of the Website or Services, you are transferring your data to the United States, and you expressly consent to have your data transferred to and processed in the United States. [Further, we do not knowingly accept, request, or solicit information from children or knowingly market to children. Therefore, in accordance with the U.S. Children’s Online Privacy Protection Act, if we receive actual knowledge that anyone under the age of 13 has provided personal information to us without the requisite and verifiable parental consent, we will delete that information from the Website as quickly as is reasonably practical.

    1. Data Subject

      This Notice applies to:.

      • Individuals who visit the Softway website, Love as a Strategy website, Love as a Business Strategy website, and Culture+ Counter page.

      • Individuals who register for our services or events.

      • Prospective clients, partners, and stakeholders who contact us via the website or other connected communication channels.

      • Individuals of Softway Solutions’ products, solutions, and services, including any support, maintenance, or consultation provided.

      • Individuals whose data may be collected through cookies, tracking technologies, and third-party integrations on our website.

      • Any other individual whose personal information is processed in the context of Softway’s business operations.


      This Notice does not apply to personal information processed by third-party websites, applications, or services that may be linked from or integrated with Softway’s website.

  2. What data do we collect?

    We collect the following data:

    • Personal Information, including but not limited to:

      • Name

      • Email address

      • Phone number

      • Location Information, including complete address of customers.

      • IP Addresses

      • Call Summaries

      • Billing Details, including billing address, credit card details, or other payment option details.

    • User Content, including text, images, and data you upload.

    • Subscriber Information and personal information entered to create an account with Softway.

    • Device Information, including the number and types of devices you use to connect to the service, as well as information about the operating systems of those devices.

    • Usage Data, including details about internet or other electronic network activity on how you and others access and use Softway’s services. This data may be collected through cookies, pixel tracking, and similar technologies.

    • Third-party Data: We may link your information with data we receive from third parties to better understand your needs and improve your experience. For example, if you create or log in to an account using your Google Apps credentials via single sign-on, we will access certain information (like your name and email address) as authorized by your Google profile settings.

     

  3. How and when do we collect your data?

    You directly provide us with most of the data we collect. We collect data and process data when you:

    • Register online or place an order for any of our products or services.

    • Voluntarily complete a survey, submit feedback, or contact us.

    • Use or view our website via your browser’s cookies or tracking technologies.

    • Log in via third-party integrations.

     

  4. How will we use your data?

    We collect and use your personal information for the following purposes, in accordance with applicable data protection laws:

    1. Processing Orders and Managing Accounts

      • We use your information to process orders for products and services, manage your subscriptions, and maintain accurate records of your account details.

      • This includes setting up your account, processing payments, and facilitating access to services based on your account settings.

    2. Communicating with You About Services, Products, and Events

      • We may contact you to provide information about your account, services, and updates.

      • We may also share details about our products, features, and upcoming events.

    3. User Authentication and Account Security

      • We process personal information to verify the identity of users and ensure that only authorized users can access specific services.

      • This includes using login credentials, multi-factor authentication, and other identifiers to protect your account.

    4. Providing, Maintaining, and Improving Our Services

      • Your information helps us operate and deliver our services effectively.

      • We use your feedback, support queries, and survey responses to improve features and customer support.

    5. Enhancing Security and Monitoring Performance

      • We collect and analyze data, including logging information, IP addresses, and general location data to ensure service security and performance.

      • Specific location data may be used to provide location-based features, with your consent.

    6. Conducting Analytics and Research

      • We analyze usage patterns and feedback to identify trends and make data-driven decisions.

      • This includes monitoring website traffic, app performance, and service usage.

    7. Sending Marketing Communications (With Your Consent)

      • With your consent, we send you marketing communications and promotional materials.

      • We track metrics like open rates and click-through rates to assess campaign performance.

    8. Responding to Inquiries and Providing Support

      • We use your contact information and inquiry details to respond and provide support.

      • This includes managing contractual relationships and service-related updates.

    9. Complying with Legal Obligations

      • We may process your data to comply with laws, legal processes, or regulatory requirements.

      • This includes responding to lawful requests and fulfilling tax or audit duties.

    10. Improving Our Websites and Applications

      • We use interaction data to improve usability, identify technical issues, and strengthen security.

      • This may involve the use of cookies and analytics tools.

    11. Other Purposes (Where Permitted or Required by Law)

      • We may use your information for other purposes where you have given consent or where legally allowed.

     

  5. Legal Basis for Processing Personal Information

    At Softway Solutions, we are committed to processing your personal information lawfully, fairly, and transparently. Depending on the context and jurisdiction, we rely on one or more of the following legal bases:

    1. Consent: We process your personal information when you have provided explicit consent. This includes scenarios such as processing of cookies, creating an account with Softway, participating in our events, or receiving marketing or promotional communications.

    2. Performance of a Contract: Processing is necessary to fulfill our contractual obligations to you. This may include scenarios like processing of personal information collected on our website for delivering our technology solutions or consulting services, managing appointments, or responding to queries sent to us through our website’s “Contact Us” page.

    3. Legal Obligation: Where we are subject to a legal obligation and need to use your personal information in order to comply with that obligation.

    4. Legitimate Interest: Where it is necessary for the legitimate interest of our business to understand our customers, promote our services, and effectively provide services—provided in each case that this is done in a legitimate way that does not unduly affect your privacy and other rights.

    5. Vital Interests: In some limited cases, we may need to process your personal information where it is necessary to protect your vital interests or the vital interests of another person.

    We will always take steps to ensure that the processing of your personal information is fair and lawful and that it does not unduly affect your privacy.

  6. Principles of Processing Personal Information

    1. Lawfulness: Personal information must be processed only when there is a valid legal basis. These bases may include the data subject’s consent; necessity for the performance of a contract; compliance with a legal obligation; protection of vital interests; performance of a task carried out in the public interest; or legitimate interests pursued by the data controller or a third party, provided such interests are not overridden by the data subject’s rights and freedoms.

    2. Fairness: Processing must be conducted in a manner that is fair to the data subjects. This means that data should be handled in ways that individuals would reasonably expect and not used in ways that have unjustified adverse effects on them. Data controllers must ensure that data subjects are informed about the collection and use of their data, and that processing does not occur in secret or for undisclosed purposes.

    3. Transparency: Data subjects must be clearly and comprehensively informed about how their Personal information will be used. Transparency applies to information provided before processing begins, throughout the lifecycle of the data processing, and in response to access requests. Controllers must ensure that this information is readily accessible and written in clear and plain language.

    4. Purpose Limitation: Personal information must be collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes. Additional uses of the data must be compatible with the original purpose; otherwise, further consent or a separate legal basis is required.

    5. Data Minimization: Only the Personal information that is necessary for the purposes of processing shall be collected. The data must be adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed. Controllers must avoid collecting data on a precautionary basis or processing data that is excessive.

    6. Accuracy: Reasonable steps must be taken to ensure that Personal information is accurate and kept up to date. Inaccurate or incomplete data must be rectified or deleted without undue delay. Controllers should implement mechanisms to verify and maintain the accuracy of the data over time.

    7. Storage Limitation: Personal information must be retained only for as long as is necessary to fulfill the purposes for which it was collected. Once those purposes have been fulfilled, the data must be deleted or anonymized. Controllers should establish appropriate retention periods and periodically review stored data for continued necessity.

    8. Integrity and Confidentiality: Appropriate technical and organizational measures must be implemented to safeguard Personal information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures must be proportionate to the level of risk involved and should be reviewed and updated regularly to address evolving threats.

    9. Accountability: Data controllers and processors are responsible for ensuring and demonstrating compliance with applicable data protection laws and the principles outlined above. This includes implementing policies, maintaining records of processing activities, conducting risk assessments, and ensuring appropriate data protection governance and training across their organization.

     

  7. How do we store your data?

    We securely stores your data in Microsoft Azure Storage Cloud. Please note that the Website and Services are hosted and operated in the United States. If you are accessing our Website or Services from the European Union, Asia, or any other region with data protection laws that differ from those in the United States, please be aware that by continuing to use the Website or Services, you acknowledge and agree that your personal information will be transferred to and processed in the United States. By doing so, you expressly consent to such transfer and processing, subject to this Notice and applicable U.S. laws. Our infrastructure is located in the US (East US).

    We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to comply with legal, regulatory, contractual, or Notice requirements. The exact retention period depends on the type of information and the purpose for which it was collected. When personal information is no longer required, we will securely delete or anonymize it in accordance with applicable laws and our internal policies.

  8. Sharing and Transferring of Personal Information

    Softway may share your personal information with certain trusted third parties and service providers to help us deliver our services effectively and comply with legal obligations. These recipients include:

    • Service Providers and Vendors: Companies that provide us with operational, IT, hosting, customer support, payment processing, marketing, or analytics services.

    • Affiliates and Business Partners: Entities within the Softway group or partners involved in joint services or offers.

    • Legal and Regulatory Authorities: When required by law, regulation, legal process, or to protect the rights, property, or safety of Softway, our users, or others.

    • Professional Advisors: Such as auditors, consultants, lawyers, and other advisors assisting Softway in its business operations or compliance obligations.

    We ensure that all recipients are bound by confidentiality agreements and data protection obligations to safeguard your personal information. Subject to your consent and as permitted by applicable laws, we may share your personal information with trusted third-party service providers and partners who help us deliver our services, including:

    • Microsoft Azure – for secure cloud hosting and storage.

    • HubSpot – for customer relationship management (CRM) and marketing automation.

    • Credit reference agencies – to verify your identity and prevent fraudulent transactions when you place an order with us.

    Your personal information may be transferred to, stored in, or processed in countries outside of your country of residence, including the United States, where our servers, service providers and partners operate. Where required by applicable law, we will ensure that appropriate safeguards are in place before transferring your personal information across borders. These safeguards may include standard contractual clauses (SCCs), adequacy decisions, or other lawful transfer mechanisms to ensure that your personal information is protected to a similar standard as required under applicable laws.

    If you have questions about cross-border data transfers or would like to request a copy of the applicable safeguards, you may contact us at contact@softway.com.

  9. Children’s Privacy

    Our Website and services are intended for adults and are not directed at children. We do not knowingly collect, use, or market personal information from individuals below the minimum ages and conditions as defined under applicable laws which includes but is not limited to:

    • 16 years under the EU General Data Protection Regulation (GDPR).

    • 18 years under the Digital Personal Data Protection Act, 2023 (India - DPDPA).

    • 13 years under the California Consumer Privacy Act (CCPA).

    • 13 years under the U.S. Children’s Online Privacy Protection Act (COPPA).

    • Under 13 years as a general guideline under PIPEDA (Canada), subject to parental consent requirements.

    By using our Website, you confirm that you meet the applicable age of digital consent based on your jurisdiction. We request that individuals below these ages do not provide any personal information. If we learn that we have inadvertently collected personal information from a child below the applicable age of digital consent without verified parental consent, we will promptly delete such data.

    If you believe that we may have collected information from or about a child without proper consent, please contact us at contact@softway.com, and we will take appropriate steps to address the issue.

  10. What are your data protection rights?

    We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

      1. Data Subject Rights

        Rights EU Canada US India
        Right to Obtain Information
        Right to Data Portability
        Right to Rectification
        Right to Erasure
        Right to Restrict Processing
        Right to Object
        Right to Stop Processing
        Right to Withdraw Consent
        Right to Object to Automated Decision Making
        Right to be Notified of Data Breach
        Right to Grievance Redressal
        Right to Nominate
        Right to Opt-Out of Sale and Sharing
        Right to Limit Use and Disclosure of Sensitive Personal Information
        Right of Non-discrimination

        Rights Description
        Right to Obtain Information You have the right to request details about the personal information we hold about you, including how we use it and who we share it with. You have the right to request information regarding the personal data we hold about you at any time, including information about how it is processed.
        Right to Data Portability You can ask for a copy of your personal information in a commonly used, machine-readable format. When possible, you may also request that we send your data directly to another organization (if feasible). You have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format. Where technically feasible, you may also request that the data be transmitted directly to another controller.
        Right to Rectification If any personal information we have about you is inaccurate or incomplete, you can ask us to update or correct it. You have the right to request the correction of inaccurate or incomplete personal data we hold about you. This includes the right to have incomplete data completed.
        Right to Erasure You have the right to request the deletion or removal of your personal information, except where such processing is necessary: for compliance with a legal obligation; for the establishment, exercise, or defense of legal claims; where erasure would affect ongoing investigations or regulatory requirements.
        Right to Restrict Processing You may request that we restrict the processing of your personal information in the following circumstances: you contest the accuracy of the data (processing will be restricted until accuracy is verified); the processing is unlawful, but you request restriction rather than erasure; the data is no longer needed for processing, but you require it for legal claims; you have objected to processing, pending the verification of overriding legitimate grounds.
        Right to Object You have the right to object to the processing of your personal information where it is based on our legitimate interests, including profiling. This right also applies to the use of your personal information for direct marketing purposes.
        Right to Stop Processing You have the right to request that we stop processing your personal information in circumstances where such processing is no longer lawful or necessary, subject to applicable legal requirements.
        Right to Withdraw Consent Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing prior to such withdrawal.
        Right to Object to Automated Decision Making You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you, unless such processing is necessary for entering into or performing a contract or is otherwise authorized by law.
        Right to be Notified of any Data Breach You have the right to be notified without undue delay if a personal information breach occurs that is likely to result in a high risk to your rights and freedoms. You may also be notified of material changes to our data collection and processing practices.
        Right to Grievance Redressal If you believe your privacy rights have been violated or you are not satisfied with how we have handled your personal information, you have the right to raise a complaint. You can contact us directly to resolve your concerns (mandatory first step for India) or reach out to the relevant data protection authority for further assistance. If your request to exercise any of your rights is denied, you have the right to seek redress through appropriate grievance mechanisms or supervisory authorities.
        Right to Nominate You have the right to nominate another individual to exercise your privacy rights in the event of your death or incapacity. The nominated person must provide evidence of such authorization and identity.
        Right to Opt-Out of Sale and Sharing You have the right to opt out of selling or sharing of your personal information by us with third parties for advertising or other purposes.
        Right to Limit Use and Disclosure of Sensitive Personal Information You can limit how we use or disclose sensitive personal information, such as health or financial details, to only what is necessary.
        Right of Non-discrimination Exercising your privacy rights will not result in any denial of services, different prices, or treatment.
      2. Withdrawing Consent

        The consent that you provide for the collection, use and disclosure of your Personal Information will remain valid until such time it is withdrawn by you by submitting your request in writing or via email to contact@softway.com, or in accordance with the applicable legal requirements.

        • Upon receipt of your written request to withdraw consent, we may require a reasonable period of time to process your request subject to applicable governing laws, statutes, and regulations. We will notify you of any consequences of granting your request, including any legal implications that may affect your rights and obligations with respect to us.

        • While we respect your decision to withdraw consent, please be advised that, depending on the nature and scope of your request, we may be unable to process your request subject to applicable governing laws, statutes, and regulations. In such instances, we will notify you prior to completing the processing of your request, as outlined above.

        • Please note that withdrawing consent does not affect our right to continue collecting, using, and disclosing your personal information where such activities are permitted or required under applicable laws, even without consent.

        • If you have agreed to receive marketing, you may always opt out at a later date. You have the right at any time to stop Our Company from contacting you for marketing purposes or giving your data to other members of the Our Company Group.

          If you no longer wish to be contacted for marketing purposes, please click here.

      3. Exercising your Rights

        At Softway, we are committed to protecting your personal information and respecting your legal rights under applicable privacy laws.

        To exercise these rights, you may:

        • Submit a request through our Data Subject Rights Request Form; or

        • Contact us via email at contact@softway.com.

        We may request additional information to verify your identity. Responses will be provided within 30 days unless an extension is necessary, in which case you will be informed accordingly. Where permitted by law, we may deny certain requests—such as those that may infringe on the rights of others or conflict with legal obligations—and will provide a reason unless legally restricted from doing so.

        Please note, depending on the nature of your request, we may only share relevant portions of your personal data—not full documents.

      4. Exceptions

        If Softway's Data Protection Officer (DPO) or the designated team refuses any Data Subject Request, Softway will provide the Data Subject with a written explanation detailing the reasons for such refusal. The Data Subject will also be informed of their right to file a complaint with the relevant Data Protection Authority within the prescribed timeframe and manner as outlined by applicable regulations.

        Below are some specific exceptions where Softway may decline to fulfill a Data Subject Request:

        • Identity Verification Issues: If Softway is unable to identify or verify the identity of the Data Subject using the available information or resources, such as registered email addresses, user IDs associated with Softway’s platforms, or other online identifiers.

        • Protecting Third-Party Personal Information: If fulfilling the request would require Softway Solutions to disclose personal information belonging to another individual, the request will be declined unless that individual has explicitly consented or if it is reasonable and justified under the circumstances (e.g., in matters concerning national security or legal obligations).

        • Compliance with Legal or Governmental Obligations: Requests will be denied if complying would interfere with Softway's obligations under law, including but not limited to government functions, court orders, or other statutory duties.

        • Protection of Trade Secrets and Confidential Business Information: Requests involving personal information that would expose Softway Solutions’ trade secrets or confidential business strategies related to its products, services, or internal processes will not be fulfilled.

        • Negotiation Privacy: If the personal information requested includes details of ongoing negotiations between Softway and its employees or contractors, and releasing such information would compromise those negotiations, the request may be declined.

        • Regulatory and Investigative Contexts: Data requests related to regulatory oversight, judicial appointments, ongoing investigations, tax matters, or corporate financial services may be exempt from disclosure under applicable laws.

        • Manifestly Unfounded Requests: Requests deemed clearly without genuine intent to exercise rights, or those submitted with malicious motives or to disrupt Softway’s operations, will be rejected. For example, requests withdrawn after submission in exchange for benefits or claims will be considered abusive.

        • Manifestly Excessive Requests: Requests that are repetitive, excessively frequent, or follow patterns substantially similar to previous submissions within a short timeframe may be refused, particularly when they lack new grounds or justification.

  11. Cookies

    Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. We use cookies to enhance your experience, understand usage, and keep you signed in. When you visit our websites, we may collect information from you automatically through cookies or similar technology.

    To learn more about the types of cookies we use and how you can manage your preferences, please refer to our Cookie Policy:

  12. Security

    The security of your Personal Information is important to us. We have implemented and maintain reasonable technical and organizational security measures and procedures to protect your data both at rest and in transit. These measures include rigorous third-party risk assessments, strong access controls, information sharing strictly on a need-to-know basis, encryption of personal information, secure data storage, and rapid data breach response protocols.

    All data transfers are conducted securely over HTTPS connections. We utilize Microsoft Azure as our cloud service provider, which maintains multiple industry-recognized certifications and compliance standards for its data centers, including ISO/IEC 27001, PCI DSS Certification, and SOC 1, SOC 2, and SOC 3 reports. For more information, you may refer to the Azure Security and Azure Compliance websites.

    For internal hosts, we use Azure Authentication for all data transfers and operational activities to ensure secure access. For event attendees, we implement email verification and JWT (JSON Web Token) encryption to validate identity and protect all operations and data transfers using unique, encrypted tokens.

    We apply Web Application Firewall (WAF) rules on our Azure services to defend against malicious activities such as DDoS attacks, injection attacks, and other common web-based threats.

  13. Third Party References and Links

    Our website may contain links to third-party websites. Please note that this Notice applies solely to our website. If you navigate to another website through a link, we encourage you to review that website's Notice, as we do not control and are not responsible for their privacy practices.

  14. Changes to our Privacy Notice

    We keep our Notice under regular review. The website Notice may be changed or updated occasionally to meet legal requirements and industry standards. We will not limit your rights under this Notice without your explicit consent. Any changes will be reflected in the updated version, and we will indicate the date of the most recent revision. We will also provide access to previous versions for your reference. If we make significant changes, we will provide a prominent notice, such as an email notification or in-service alert, as applicable.

    Customers are encouraged to frequently visit these sections and follow updates sent through email or in-service notifications in order to be updated about the changes on the website. Modifications will be effective on the day they are posted and the date on which this Notice was last updated will appear at the top of this document.

    This Notice was last updated on 15/September/2025

  15. Compliance with the applicable Laws

    You may not use the Services or access the Website if any provision of this Notice is not in compliance with the laws applicable in your jurisdiction.

  16. How to Contact Us

    If you have any questions about Our Company’s privacy policy, the data we hold on you, or if you would like to exercise one of your data protection rights, please do not hesitate to contact us:

    Email: contact@softway.com
    Phone: 281-914-4381
    Mailing Address:
    Softway®
    Attn: Legal
    18722 University Blvd, Suite 249
    Sugar Land, TX.

    For privacy-specific inquiries, you may contact our Data Protection Officer (DPO) at dpo@softway.com.

    For California Users and Residents:
    If any complaint with us is not satisfactorily resolved, you may contact the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs:

    Address: 1625 North Market Blvd., Suite N 112, Sacramento, California 95834
    Phone: (800) 952-5210 or (916) 445-1254