Privacy Policy

Effective Date: January 1, 2024 • Last Updated: July 31, 2025

Introduction

TopSkyll ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us in any capacity.

This Privacy Policy applies to all users of our platform, including clients seeking developer talent, developers applying to join our network, and visitors to our website. By using TopSkyll's services or accessing our website, you consent to the practices described in this Privacy Policy.

If you do not agree with the terms of this Privacy Policy, please do not access or use our services.

Information We Collect

Personal Information You Provide

For Clients:

•Contact Information: Name, email, phone, company
•Business Information: Company size, industry
•Account Information: Username, password
•Payment Information:
•Project Details & Communication Records

For Developers:

•Personal & Professional Information
•Technical Skills & Employment Info
•Identity Verification Documents
•Portfolio Data & Assessment Results
•Financial Information:

Information Automatically Collected

•Website Usage Data
•Platform Interaction Data
•Geolocation Data (IP-based)
•Cookies & Tracking Technologies

Information from Third Parties

•Social Media Integration
•Background Check Services
•Payment Processors
•Analytics & Security Services

How We Use Your Information

Service Delivery and Operations

For Clients:

• Talent Matching & Project Management
• Account Management & Quality Assurance

For Developers:

• Profile Creation & Opportunity Matching
• Performance Evaluation & Career Development

Communication and Support

• Service Communications & Customer Support
• Marketing Communications (with consent)
• Surveys and Feedback collection

Business Operations and Improvement

• Analytics and Insights for platform improvement
• Research and Development of new features
• Security and Fraud Prevention measures
• Legal Compliance and regulatory requirements

Marketing and Business Development

• Personalized Marketing based on preferences
• Partnership Development with third-parties
• Market Research and competitive analysis
• Brand Promotion with user consent

How We Share Your Information

Authorized Sharing for Service Delivery

Client-Developer Matching: We share relevant developer information with potential clients during the matching process and basic client information with developers for opportunity evaluation. Detailed information is shared only after mutual interest and agreement.

Service Providers: We engage trusted third-party providers for payment processing, background checks, communication tools, and analytics services. Data sharing is limited to what's necessary for service delivery.

Legal and Regulatory Requirements

• Legal Compliance: Sharing information as required by applicable laws
• Law Enforcement: Cooperating with legitimate investigations
• Safety and Security: Protecting users' safety or preventing fraud
• Regulatory Reporting: Providing information to regulatory bodies

Business Transactions

• Mergers and Acquisitions: Information may be transferred
• Asset Sales: Data may be included in business asset sales
• Due Diligence: Information shared with potential partners

Consent-Based Sharing

• Marketing Partners: With explicit user consent
• Testimonials and Case Studies: With explicit consent
• Public Profiles: Displayed with developer consent

Data Security and Protection

Security Measures

Technical Safeguards:

• Encryption of all sensitive data in transit and at rest
• Role-based access controls limiting data access
• Network security with firewalls and intrusion detection
• Regular security audits and vulnerability testing

Operational Safeguards:

• Employee security awareness training
• Background checks for employees with data access
• Incident response procedures
• Data minimization principles

Physical Safeguards:

• Secure data centers with physical controls
• Secure disposal of hardware
• Limited physical access to servers

Data Breach Response

In the event of a data breach that may compromise your personal information:

• We will investigate the incident promptly
• Affected users will be notified within 72 hours
• Regulatory authorities will be notified as required
• We will provide protective guidance
• Additional safeguards will be implemented

Your Privacy Rights and Choices

Access and Control Rights

Data Access

You have the right to request copies of your personal information in a machine-readable format. Requests fulfilled within 30 days.

Data Correction

Request corrections to inaccurate information through your account or customer support. Identity verification required.

Data Deletion

Request deletion of your data, subject to legal obligations. Some information may be retained for legitimate purposes.

Data Portability

Request your data in portable format (JSON/CSV). Portability requests fulfilled within 45 days.

Communication Preferences

Marketing Communications

Opt out of marketing emails via unsubscribe links. Control notification settings through your account dashboard.

Account Settings

Modify privacy settings, profile visibility, and data sharing preferences in your account dashboard.

Regional Privacy Rights

European Union (GDPR):

• Right to be informed
• Right of access and rectification
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object

California (CCPA/CPRA):

• Right to know what data is collected
• Right to delete personal information
• Right to opt-out of data sale
• Right to non-discrimination
• Right to correct information
• Right to limit sensitive data use

Data Retention and Deletion

Retention Periods

Active Users:

• Account information retained while active
• Communication records retained for 7 years
• Payment information retained per financial regulations

Inactive Accounts:

• Client accounts: 3 years after last activity
• Developer accounts: 2 years after last activity
• Marketing data: Until opt-out or 5 years

Legal and Regulatory Requirements:

• Tax-related information: 7 years
• Employment verification: 3 years
• Security incident logs: 2 years

Deletion Procedures

Automated Deletion:

• System identifies data eligible for deletion
• Monthly processes remove expired data
• Secure deletion methods prevent recovery

Manual Deletion Requests:

• Users can request immediate deletion
• Requests reviewed for legal compliance
• Completed within 30 days of approval

International Data Transfers

TopSkyll operates globally and may transfer your personal information across international borders for business operations. When we transfer data internationally, we ensure appropriate safeguards are in place:

Safeguards for International Transfers

Adequacy Decisions:

• Prioritize transfers to countries with adequate data protection
• EU-US Data Privacy Framework compliance
• Regular monitoring of adequacy decisions

Standard Contractual Clauses:

• EU-approved SCCs for international transfers
• Regular review and updates for compliance
• Additional safeguards implemented where needed

Binding Corporate Rules:

• Internal data protection policies
• Regular audits for global compliance
• Employee training on data protection

Cookies and Tracking Technologies

Types of Cookies We Use

Essential Cookies:

• Authentication
• Security
• Basic functionality
• User preferences

Analytics Cookies:

• Usage statistics
• Performance monitoring
• Behavior analysis
• Conversion tracking

Marketing Cookies:

• Personalized ads
• Social media
• Email marketing
• Remarketing

Cookie Management

Browser Controls:

• Most browsers allow cookie control
• Block, delete, or restrict cookies
• Disabling may affect functionality

Our Cookie Management Tool:

• Granular control over preferences
• Easy opt-in/opt-out for categories
• Regular updates for new technologies

Third-Party Services and Links

Integrated Services

Payment Processors:

• Stripe, PayPal, and other secure providers
• Each has its own privacy policy
• We do not store complete payment card info

Communication Tools:

• Video conferencing and messaging platforms
• Third-party privacy policies apply
• Review third-party policies

Analytics and Marketing:

• Google Analytics, social media pixels
• Data sharing limited where possible
• Opt out through browser settings

External Links

Our website may contain links to external websites not operated by TopSkyll:

• We are not responsible for external privacy practices
• Review privacy policies of linked websites
• Links provided for convenience, not endorsement

Children's Privacy

TopSkyll does not knowingly collect personal information from children under 13 years of age (or under 16 in the EU). Our services are designed for and directed to adults seeking professional development services.

If we become aware that we have collected personal information from a child under the applicable age:

• We will take immediate steps to delete such information
• We will not use or disclose the information
• We will implement additional safeguards

Parents or guardians who believe their child has provided personal information to us should contact us immediately using the information provided in the Contact section.

Changes to This Privacy Policy

Policy Updates

We may update this Privacy Policy periodically to reflect changes in our business practices, updates to applicable laws and regulations, introduction of new services or features, and feedback from users and regulatory authorities.

Notification of Changes

Significant Changes:

• Email notification 30 days before
• Prominent notice on website
• Clear explanation of changes

Minor Changes:

• Updated effective date
• Platform notifications
• Summary in communications

Continued Use

Your continued use of TopSkyll services after policy changes indicates acceptance of the updated terms. If you do not agree with changes, you may:

• Discontinue use of our services
• Request deletion of your personal information
• Contact us to discuss specific concerns

Contact Information

Privacy Inquiries

For questions, concerns, or requests regarding this Privacy Policy or our privacy practices:

Privacy Officer:

Email: privacy@topskyll.com

Data Protection Officer (EU Users):

Email: dpo@topskyll.com

Response Times

• General privacy inquiries: 5 business days
• Data access requests: 30 days
• Data deletion requests: 30 days
• Urgent privacy concerns: 24 hours

Complaint Resolution

If you are not satisfied with our response to your privacy concern:

• You may file a complaint with relevant data protection authorities
• EU users can contact their local Data Protection Authority
• California users can contact the California Attorney General's Office
• We will cooperate fully with regulatory investigations

Regulatory Compliance

TopSkyll is committed to compliance with applicable privacy laws and regulations, including but not limited to:

• General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
• Canada's Personal Information Protection and Electronic Documents Act (PIPEDA)
• Australia's Privacy Act
• Other applicable regional and national privacy laws

We regularly review and update our practices to ensure ongoing compliance with evolving privacy regulations worldwide.

This Privacy Policy represents our commitment to protecting your privacy and maintaining the trust you place in TopSkyll. We encourage you to review this policy regularly and contact us with any questions or concerns.

Have Privacy Questions?

Contact our privacy team for any questions about your data or our policies