Privacy Policy
We respect your privacy and are committed to protecting your personal data. This policy explains how we collect, use and safeguard your information when you use our website or purchase our services.
Table of Contents
Soft Solution International (SMC-Private) Limited is a registered IT company (SECP ID: 0339597) operating the website thesoftsolution.com. In this policy we are referred to as “The Soft Solution”, “we”, “us” or “our”.
We are the data controller responsible for your personal data collected through this website. If you have any questions about this privacy policy or how we handle your data, please contact us:
- Email: info@thesoftsolution.com
- WhatsApp: +92 311 6611148
- Website: thesoftsolution.com/contact/
We collect only the data we need, we store it securely, we never sell it, and we make it easy for you to request deletion at any time.
Depending on how you interact with our website, we may collect the following categories of personal data:
| Category | Data Collected | When |
|---|---|---|
| Identity Data | First name, last name, username | When you register or place an order |
| Contact Data | Email address, phone number, WhatsApp number | When you contact us or place an order |
| Transaction Data | Order details, products purchased, amounts paid | When you make a purchase |
| Technical Data | IP address, browser type, device type, pages visited | Automatically when you visit our website |
| Communication Data | Messages, support requests, feedback | When you contact our support team |
| Account Credentials | Website login details shared for service delivery | Only when required to complete an IT service |
We do not store your payment card details. All payments are processed securely by Stripe and PayPal who handle and store payment information under their own privacy policies and PCI-DSS compliance standards.
We collect data through the following means:
- Direct interactions — when you fill in forms, place orders, create an account, contact us via email, WhatsApp or our contact page, or subscribe to our emails.
- Automated technologies — when you browse our website, we automatically collect technical data via cookies, server logs and similar technologies.
- Third-party sources — we may receive data from analytics providers (Google Analytics), payment processors (Stripe, PayPal), and advertising platforms (Google Ads, Facebook Ads) in aggregated or anonymised form.
We do not purchase personal data lists or obtain data from data brokers.
We use your personal data only for the following purposes:
| Purpose | Data Used |
|---|---|
| Process your order | Identity, contact, transaction data |
| Deliver IT services | Identity, contact, account credentials |
| Send order confirmations & updates | Identity, contact, transaction data |
| Provide customer support | Identity, contact, communication data |
| Send marketing emails (with consent) | Identity, contact data |
| Improve our website & services | Technical data (anonymised) |
| Fraud prevention & security | Technical, transaction data |
| Legal compliance | All categories as required |
We will only send you marketing emails if you have opted in. You can unsubscribe at any time by clicking the unsubscribe link in any email, or by contacting us directly. We use Retainful for email marketing and your data is never shared with third-party advertisers.
We process your personal data under the following legal bases:
- Contract — processing is necessary to fulfil your order and deliver the services you have purchased.
- Legitimate interests — to operate and improve our business, prevent fraud, and maintain security of our systems.
- Consent — for marketing emails and non-essential cookies. You may withdraw consent at any time.
- Legal obligation — where we are required to process data to comply with applicable law.
We never sell your personal data. We share data only where necessary with the following categories of trusted third parties:
- Payment processors — Stripe and PayPal, to securely process your payments.
- Email service providers — Retainful, for transactional and marketing emails.
- Analytics providers — Google Analytics, for anonymised website usage data.
- Hosting provider — Hostinger, who hosts our website and stores data on our behalf under strict data processing agreements.
- Advertising platforms — Google Ads and Facebook Ads may receive anonymised conversion data to measure advertising performance.
All third-party providers are required to process your data only for specified purposes and in accordance with our instructions and applicable data protection law.
Data brokers, list rental companies, or any third party for their own marketing purposes. Your data is yours — we are merely a processor on your behalf.
Our website uses cookies — small text files stored on your device — to improve your experience and analyse site usage. We use the following types of cookies:
| Type | Purpose | Required? |
|---|---|---|
| Essential | Shopping cart, login sessions, security | Yes — cannot be disabled |
| Analytics | Google Analytics — understand how visitors use our site | No — consent required |
| Marketing | Google Ads, Facebook Pixel — measure ad performance | No — consent required |
| Functional | Remember your preferences and settings | No — consent required |
You can manage your cookie preferences at any time via the cookie consent banner on our website, or through your browser settings. Note that disabling essential cookies may affect the functionality of the site.
We retain your personal data only for as long as necessary for the purposes it was collected and to meet legal obligations:
| Data Type | Retention Period |
|---|---|
| Order & transaction records | 7 years (for accounting and tax purposes) |
| Customer account data | Duration of account + 2 years after last activity |
| Support communications | 3 years from last interaction |
| Website credentials (IT services) | Deleted immediately after project completion |
| Marketing email list | Until you unsubscribe or request deletion |
| Analytics data | 26 months (Google Analytics default) |
After the retention period expires, your data is securely deleted or anonymised.
Depending on your location, you may have the following rights regarding your personal data:
Request a copy of the personal data we hold about you
Request correction of inaccurate or incomplete data
Request deletion of your personal data (“right to be forgotten”)
Object to processing of your data for marketing purposes
Request restriction of processing in certain circumstances
Receive your data in a structured, machine-readable format
Contact us at info@thesoftsolution.com with the subject line “Data Rights Request”. We will respond within 30 days. We may need to verify your identity before processing your request. There is no charge for reasonable requests.
If you are located in the European Economic Area (EEA) or United Kingdom, you also have the right to lodge a complaint with your local data protection authority.
We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, loss or disclosure:
- SSL encryption — all data transmitted between your browser and our website is encrypted using SSL/TLS.
- Secure payment processing — card data is processed by PCI-DSS compliant payment providers. We never see or store your full card details.
- Access controls — access to customer data is restricted to team members who need it to fulfil your order.
- Credential security — any login credentials shared with us for IT service delivery are handled with strict confidentiality and permanently deleted after project completion.
- Regular backups — our systems are backed up regularly to prevent data loss.
- Security monitoring — we use security plugins and monitoring to detect and prevent unauthorised access.
In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify affected individuals and relevant authorities as required by applicable law, within 72 hours of becoming aware of the breach.
Our business is based in Pakistan and serves customers internationally, primarily in the USA, UK, Canada and Australia. By using our services, your data may be transferred to and processed in Pakistan.
We also use third-party services (such as Stripe, PayPal, Google, Hostinger) that may process data in other countries. Where data is transferred internationally, we ensure appropriate safeguards are in place, including:
- Working only with third-party providers that maintain adequate data protection standards.
- Using service providers that have agreed to appropriate data processing terms.
- Minimising the personal data shared with any third party to only what is strictly necessary.
If you are located in the European Economic Area or United Kingdom, your data may be transferred outside the EEA/UK. We rely on the adequacy of our security measures and contractual safeguards with third-party providers to protect your data in accordance with GDPR requirements.
If you have any questions about this privacy policy, wish to exercise your data rights, or have a complaint about how we handle your personal data, please contact us:
- Email: info@thesoftsolution.com
- WhatsApp: +92 311 6611148
- Subject line: “Privacy Enquiry” or “Data Rights Request”
We will acknowledge your contact within 24 hours and provide a full response within 30 days.
If you are not satisfied with our response and are located in the UK or EEA, you have the right to complain to your national data protection authority:
- UK: Information Commissioner’s Office (ICO) — ico.org.uk
- EU: Your national supervisory authority
- Australia: Office of the Australian Information Commissioner — oaic.gov.au
- Canada: Office of the Privacy Commissioner — priv.gc.ca
This privacy policy was last updated in June 2025. We will notify registered customers of any material changes by email. The most current version will always be available at thesoftsolution.com/privacy-policy/
Questions about your privacy?
We take privacy seriously. Contact us any time and we’ll respond within 24 hours.