Privacy Policy

1. Who we are

haynes lab LLC ("haynes lab," "we," "us," or "our") is a North Carolina limited liability company headquartered in Charlotte, NC, USA. We operate the website hayneslab.dev and provide software engineering consultancy services to clients worldwide.

This Privacy Policy explains what information we collect when you visit our website or work with us, how we use it, who we share it with, and the choices you have.

2. Information we collect

Information you give us

When you contact us, request a quote, or engage us as a client, you may provide:

• Name and email address
• Company name and website
• Phone number (optional)
• Project details, requirements, and any files or links you share
• Payment and billing information (processed by our payment provider — see Section 5)

Information collected automatically

When you visit our site, we automatically collect a limited set of technical data:

• IP address and approximate location (country/region)
• Browser type, operating system, and device type
• Pages viewed and referring URL
• Date and time of visit

Cookies and similar technologies

We use a small number of cookies and similar technologies to operate the site, remember preferences, and understand how visitors use it. We do not use cookies for advertising or cross-site tracking. You can disable cookies in your browser settings; some site features may not work without them.

3. How we use information

We use the information we collect to:

• Respond to your inquiry, send proposals, and provide the services you ask for
• Communicate with you about active projects, including status updates and invoices
• Operate, secure, and improve hayneslab.dev
• Comply with legal obligations and enforce our agreements
• Send occasional follow-ups (e.g., a project update or a relevant resource) — never spam, and you can opt out at any time

We do not sell, rent, or trade your personal information to third parties.

4. Legal bases (EEA / UK visitors)

If you are in the European Economic Area or the United Kingdom, we process your personal data on the following legal bases:

• Performance of a contract — to deliver the services you've engaged us for.
• Legitimate interests — to operate, secure, and improve our website and respond to inquiries.
• Consent — where required (e.g., non-essential cookies or marketing emails). You can withdraw consent at any time.
• Legal obligation — where we must process data to comply with applicable law.

5. Service providers we share data with

We use a small set of trusted third-party service providers to run our business. These providers process data on our behalf under written agreements that limit how they may use it:

• Hosting & infrastructure: Cloudflare and our internal homeserver for site delivery, DNS, and tunneling.
• Email: Google Workspace (Gmail) for client correspondence.
• Project management: ClickUp for tracking client projects (limited to project-relevant data only).
• Payment processing: our payment provider (e.g., Stripe or Wise) handles billing data; we do not store full card numbers on our servers.
• Analytics: a privacy-respecting analytics provider for aggregate usage data (no cross-site tracking).
• AI tooling: we may use AI services (such as Anthropic Claude or OpenAI) as part of our internal workflow. Client content is not used to train third-party models, and sensitive material is handled under client-specific agreements.

We do not share your personal information with anyone for their own marketing or advertising purposes.

6. How long we keep information

We retain personal information only as long as needed to provide our services, comply with our legal obligations, resolve disputes, and enforce our agreements. Inquiry data from prospective clients who don't engage us is typically retained for up to 24 months and then deleted or anonymized.

7. Security

We use industry-standard administrative, technical, and physical safeguards to protect personal information — including TLS encryption in transit, access controls, and limited internal access on a need-to-know basis. No system is perfectly secure; we encourage you to use strong, unique passwords and to share sensitive information only through channels we recommend.

8. International data transfers

We are based in the United States, and our service providers may store and process data in the U.S. or other countries. When we transfer personal data out of your region, we rely on appropriate safeguards (such as Standard Contractual Clauses) where required by law.

9. Your rights

Depending on where you live, you may have rights regarding your personal information, including the right to:

• Access the personal information we hold about you
• Correct inaccurate information
• Request deletion (subject to legal exceptions)
• Object to or restrict certain processing
• Receive a portable copy of your data
• Withdraw consent where processing is based on consent

California residents have specific rights under the California Consumer Privacy Act (CCPA), including the right to know, delete, correct, and opt out of "sale" or "sharing" of personal information. haynes lab does not sell or share personal information for cross-context behavioral advertising.

To exercise any of these rights, email us at the address in Section 12. We will respond within the timeframe required by applicable law.

10. Children's privacy

Our website and services are not directed to children under 13, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we'll change the "Last updated" date at the top of this page. For material changes, we'll provide a more prominent notice (such as a banner on the site or an email to active clients).

12. Contact us

If you have questions about this Privacy Policy or how we handle your information, contact us at:

For general project inquiries, please use our contact page.