Privacy Policy

Software Quality Guru ("we," "our," or "us") is a medical device software consulting firm based in Virginia, United States. We are committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website at softwarequality.guru or engage our consulting services.

Data Controller: Software Quality Guru, Virginia, USA. Contact: frank@softwarequality.guru

By using our website or services, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this policy, please do not access the site.

We may collect the following types of information:

Information You Provide Directly

Automatically Collected Information

Information from Third Parties

We use the information we collect for the following purposes:

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, our legal basis for collecting and using personal information depends on the context:

Special Category Data: We do not intentionally collect special category data (health data, biometric data, etc.) about website visitors. Any such data shared during a consulting engagement is processed under Art. 9(2)(b) (employment/legal obligations) or Art. 9(2)(a) (explicit consent) as applicable.

As stated in Section 2, we do not sell or share your information. The only third parties who may access your data are service providers acting strictly on our behalf under Data Processing Agreements (DPAs):

HubSpot: CRM and contact management — stores contact form submissions so we can follow up on inquiries. HubSpot is contractually prohibited from using this data for their own purposes.

Google Analytics: Anonymized, aggregated website usage data only. We use IP anonymization and do not share identifiable visitor data. Google acts as a data processor under Google's Data Processing Amendment.

Email and cloud services: Used solely to communicate with you and store project files.

All service providers are bound by data processing agreements pursuant to GDPR Art. 28 that prohibit them from using your information for any purpose other than providing services to us.

We retain personal information for as long as necessary to fulfill the purposes outlined in this policy, including:

When personal information is no longer needed, we securely delete or anonymize it. You may request early deletion at any time subject to our legal retention requirements (see Section 9).

Our website uses cookies and similar technologies to enhance your experience:

Essential Cookies: Required for basic website functionality. These cannot be disabled.

Analytics Cookies: Used to understand how visitors interact with our website (e.g., Google Analytics). These collect anonymized, aggregated data and are only set with your consent where required by law.

Functional Cookies: Remember your preferences to improve your experience.

You can control cookies through your browser settings. Disabling certain cookies may affect website functionality. Most browsers allow you to refuse new cookies, delete existing cookies, and set preferences on a per-site basis.

We do not use advertising cookies, cross-site tracking cookies, or fingerprinting technologies. We do not build behavioral profiles for advertising purposes.

Depending on your location, you may have the following rights regarding your personal information:

California Residents (CCPA/CPRA): You have the right to know what personal information is collected, the right to delete, and the right to opt-out of sale. We do not sell personal data — there is nothing to opt out of.

To exercise any of these rights, please contact us at frank@softwarequality.guru with the subject line "Privacy Request." We will respond within 30 days (CCPA) or within one month (GDPR), with the option to extend by a further two months for complex requests.

We implement appropriate technical and organizational measures (TOMs) in accordance with GDPR Art. 32 to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

No method of transmission over the Internet or electronic storage is 100% secure. While we implement commercially reasonable safeguards, we cannot guarantee absolute security.

We do not use automated decision-making or profiling processes that produce legal or similarly significant effects on you, as described in GDPR Article 22.

We do not build behavioral profiles for advertising or scoring purposes. We do not use algorithms to make decisions about you without human review.

Any analysis of your information (e.g., reviewing a contact form inquiry) involves human review and judgment by our team before any response or decision is made.

Our website may contain links to third-party websites, including regulatory bodies (FDA, ISO, IEC), standards organizations, and professional resources. We are not responsible for the privacy practices of these external sites and encourage you to review their privacy policies before providing any personal information.

Our services are directed to business professionals and organizations in the medical device industry. We do not knowingly collect personal information from individuals under the age of 18 (or under the age of 16 for EEA residents). If you believe we have inadvertently collected such information, please contact us immediately so we can delete it.

Software Quality Guru operates primarily in the United States. If you access our services from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

For transfers of personal data from the EEA, UK, or Switzerland to the United States, we rely on appropriate transfer mechanisms as required by GDPR Chapter V:

By submitting personal information through our website or services, you acknowledge that your information may be transferred to and processed in the United States.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated policy on this page with a revised "Last Updated" date.

For material changes that significantly affect your rights or how we process your data, we will provide at least 30 days' advance notice by prominent notice on our website or direct communication where we have your contact information.

Your continued use of our website or services after any changes constitutes your acceptance of the updated policy. We recommend reviewing this policy periodically.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Software Quality Guru — Data Controller

Email: frank@softwarequality.guru

Website: softwarequality.guru

Location: Virginia, United States

For GDPR-related requests, please include "Privacy Request — GDPR" in the subject line of your email. We will acknowledge receipt within 72 hours and respond to your request within one month.

Supervisory Authority Complaints (GDPR Art. 77)

You have the right to lodge a complaint directly with a data protection supervisory authority without first contacting us. Relevant authorities include:

We would, however, appreciate the opportunity to address your concerns before you contact a supervisory authority, and ask that you contact us in the first instance.