Legal
Privacy Policy
Development United, Inc. (“Development United,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, share, and protect personal information when you visit developmentunited.com (the “Site”), engage our engineering, AI, and product services, or otherwise interact with us.
By using the Site or our services, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the Site or engage our services.
1. Information We Collect
1.1 Information You Provide Directly
When you contact us, request a Lena Labs squad, sign an engagement, or otherwise interact with us, we collect:
- Contact details — name, email address, phone number, organization, website URL.
- Project information — details you share about the product, problem, or engagement you want us to help with.
- Communications — emails, messages, meeting notes, and other correspondence with our team.
- Engagement records — contracts, statements of work, deliverables, billing details, and related records for clients.
1.2 Information Collected Automatically
When you visit the Site, we may automatically collect:
- Log data — IP address, browser type and version, operating system, referring and exit pages, time stamps, language preferences.
- Device data — device identifiers, screen resolution, time zone.
- Usage data — pages viewed, links clicked, interactions with the Site (including the “Book a Lena Labs squad” form).
- Cookies and similar technologies — see Section 5.
1.3 Information From Third Parties
We may receive information about you from publicly available sources, professional networks (such as LinkedIn), referrers, business partners, vendors, and service providers. We may combine this information with information you provide to us.
2. How We Use Your Information
We use personal information to:
- Respond to inquiries and provide the services you request.
- Deliver, maintain, secure, and improve our products and services.
- Personalize your experience on the Site.
- Send service-related communications, security alerts, and administrative messages.
- Conduct research, analytics, and reporting to improve our offerings.
- Comply with legal obligations, regulatory requirements, and lawful requests.
- Detect, prevent, investigate, and address fraud, abuse, security, or technical issues.
- Establish, exercise, or defend legal claims.
- Carry out business transactions (e.g. financing, merger, acquisition, or sale of assets).
We do not sell personal information to third parties for monetary consideration.
3. Legal Bases for Processing (EEA / UK)
Where the EU/UK GDPR applies to our processing of your personal information, we rely on the following legal bases:
- Consent — where you have given us specific consent (e.g. to receive marketing emails).
- Performance of a contract — to provide services you have requested or that are necessary to perform a contract with you or your organization.
- Legal obligation — to comply with applicable laws and regulations.
- Legitimate interests — for our legitimate interests in operating, securing, and improving our Site and services, provided those interests are not overridden by your rights.
6. Data Retention
We retain personal information for as long as needed to fulfill the purposes described in this Policy, comply with our legal obligations, resolve disputes, and enforce our agreements. Specifically:
- Inquiry / form submissions — typically up to 24 months from your last interaction with us, then archived or deleted.
- Engagement & billing records — up to seven (7) years to meet tax, audit, and regulatory obligations.
- Web logs & analytics — up to 13 months in aggregated/identifier-stripped form.
When personal information is no longer needed, we delete or de-identify it in accordance with our internal retention schedules.
7. Data Security
We implement reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, or destruction. These include:
- Encryption in transit (TLS) for all Site traffic and API calls.
- Encryption at rest for sensitive fields stored in our database.
- Role-based access controls and the principle of least privilege.
- Regular security reviews, dependency scanning, and architecture reviews.
- Vendor due diligence for any third party that handles personal information on our behalf.
No method of transmission or storage is 100% secure. We cannot guarantee absolute security, but we will notify affected individuals of material breaches as required by applicable law.
8. Your Rights
Depending on where you live, you may have certain rights with respect to your personal information, including:
- Access — request a copy of the personal information we hold about you.
- Correction — ask us to correct inaccurate or incomplete information.
- Deletion — request that we delete your information, subject to legal exceptions.
- Restriction or objection — ask us to restrict or object to certain processing, including processing based on legitimate interests or for direct marketing.
- Portability — receive your information in a structured, machine-readable format.
- Withdrawal of consent — where processing is based on your consent, withdraw it at any time without affecting prior lawful processing.
- Complaint — lodge a complaint with a data-protection authority in your jurisdiction.
To exercise these rights, contact privacy@developmentunited.com. We will verify your identity and respond within the timeframe required by applicable law.
8.1 California Residents (CCPA / CPRA)
California residents have additional rights, including the right to know the categories of personal information we collect, the sources we collect from, our business purposes for collecting, and the categories of third parties with whom we share information. You may also request deletion and correction of your information and request that we limit use of sensitive personal information.
We do not sell or “share” (as defined under the CPRA) personal information for cross-context behavioral advertising.
8.2 Authorized Agents
You may designate an authorized agent to make a request on your behalf. We will require reasonable proof of authorization.
9. International Data Transfers
Development United is headquartered in the United States, and we may transfer personal information to the United States or other countries where our service providers operate. These jurisdictions may have data-protection laws different from your own. Where required, we use approved transfer mechanisms, such as the European Commission’s Standard Contractual Clauses, to safeguard the transfer.
10. Children’s Privacy
The Site and our services are intended for business and professional users. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us and we will take appropriate steps to delete the information.
11. Third-Party Links
The Site may contain links to third-party websites, products, or services. We are not responsible for the privacy practices of those third parties. We encourage you to read the privacy policies of any third-party site you visit.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make material changes, we will update the “Last updated” date at the top of this page and, where appropriate, provide additional notice (such as by email or a prominent banner on the Site).
13. Contact
For questions, requests, or complaints relating to this Privacy Policy or our handling of personal information, contact:
Development United, Inc.
Privacy: privacy@developmentunited.com
General: hello@developmentunited.com