LEGAL
ApexStack is committed to protecting your personal data and being transparent about how we collect, use, and safeguard the information you entrust to us. This notice explains your privacy rights and how the law protects you.
Last updated: February 2026
ApexStack ("we," "us," or "our") is a cloud engineering and digital transformation company operating globally through the domain apexstacktechnologies.com. We provide cloud strategy, migration, modernization, managed services, and related technology consulting to enterprises across multiple industries.
This Privacy Notice applies to all personal data we collect through our website (apexstacktechnologies.com), our digital platforms, client engagements, recruitment processes, marketing activities, and any other interactions you have with ApexStack. It describes the types of information we gather, how we process and protect that information, and the choices available to you regarding your personal data.
By accessing our website or providing your personal data to us, you acknowledge that you have read and understood the practices described in this Privacy Notice. If you do not agree with any part of this notice, please refrain from using our website or providing personal information to us.
We collect personal data in several ways depending on how you interact with us. The categories of information we may collect include:
Contact Information: Name, email address, phone number, job title, company name, and postal address provided when you fill out forms, request a consultation, subscribe to our newsletter, or correspond with us directly.
Account and Client Data: Information necessary to deliver our services, including technical credentials, project specifications, organisational details, and billing information provided during client onboarding and throughout the course of an engagement.
Usage Data: Information automatically collected when you visit our website, including your IP address, browser type and version, operating system, referring URLs, pages viewed, time spent on pages, click patterns, and other diagnostic data.
Cookies and Tracking Data: Data collected through cookies, web beacons, pixels, and similar tracking technologies. This may include session identifiers, user preferences, and behavioural analytics. Please see Section 9 for further details on cookies.
Recruitment Data: Information submitted through job applications, including your curriculum vitae or resume, cover letter, educational history, employment history, references, and any other details you choose to provide during the hiring process.
Communications Data: Records of correspondence when you contact us via email, phone, live chat, or social media, including the content of messages and any attachments.
Event and Webinar Data: Registration details and participation records when you attend our webinars, workshops, conferences, or other events.
We process your personal data for the following purposes:
Service Delivery: To provide, manage, and improve our cloud engineering and digital transformation services, including project scoping, architecture design, migration execution, managed services, and ongoing support.
Communication: To respond to your enquiries, send service-related notifications, provide updates on projects, and deliver requested information about our offerings.
Marketing and Business Development: To send newsletters, whitepapers, case studies, event invitations, and other marketing communications where you have opted in or where we have a legitimate interest in doing so. You may opt out of marketing communications at any time.
Analytics and Improvement: To analyse website usage patterns, measure the effectiveness of our content and campaigns, conduct research, and improve the functionality and user experience of our digital platforms.
Recruitment: To evaluate job applications, communicate with candidates, conduct background checks where applicable, and manage our hiring pipeline.
Legal and Compliance: To comply with applicable laws, regulations, and legal processes, to enforce our terms and conditions, and to protect the rights, property, and safety of ApexStack, our clients, and the public.
Security: To detect, prevent, and respond to fraud, unauthorised access, and other security incidents affecting our systems and services.
In accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws, we process your personal data on one or more of the following legal bases:
Consent: Where you have given clear, informed, and unambiguous consent for us to process your personal data for a specific purpose, such as subscribing to our marketing communications or accepting cookies on our website. You have the right to withdraw your consent at any time.
Contractual Necessity: Where processing is necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract. This includes processing data to deliver our cloud engineering services, manage client accounts, and fulfil our contractual obligations.
Legitimate Interest: Where processing is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This includes analytics, fraud prevention, network and information security, business development, and improving our services.
Legal Obligation: Where processing is necessary for compliance with a legal obligation to which ApexStack is subject, such as tax reporting, regulatory requirements, or responding to lawful requests from public authorities.
We do not sell your personal data. We may share your information with the following categories of third parties, solely for the purposes described in this notice:
Cloud Platform Partners: We work closely with Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform. In the course of delivering our services, limited data may be processed through these platforms in accordance with their respective data processing agreements and our contractual safeguards.
Technology and Analytics Providers: We use third-party tools for website analytics, customer relationship management, email marketing, and other business operations. These providers process data on our behalf under strict data processing agreements.
Professional Advisors: We may share data with our legal, accounting, and insurance advisors where necessary for the management of our business operations and legal obligations.
Regulatory and Legal Authorities: We may disclose personal data where required by law, regulation, legal process, or enforceable governmental request, or where necessary to protect the rights, property, or safety of ApexStack, our clients, or the public.
Business Transfers: In the event of a merger, acquisition, reorganisation, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your data.
ApexStack operates across multiple countries and continents. As a result, your personal data may be transferred to, stored in, and processed in jurisdictions outside your country of residence, including countries that may not provide the same level of data protection as your home jurisdiction.
Where we transfer personal data outside the European Economic Area (EEA), the United Kingdom, or other regions with data transfer restrictions, we implement appropriate safeguards to ensure your data remains protected. These safeguards may include:
Standard Contractual Clauses (SCCs): We use European Commission-approved standard contractual clauses with our service providers and partners to ensure adequate protection for cross-border data transfers.
Adequacy Decisions: Where applicable, we transfer data to countries that have been deemed to provide an adequate level of protection by the relevant regulatory authority.
Additional Security Measures: We apply supplementary technical and organisational measures, such as encryption in transit and at rest, to further protect data during international transfers.
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. The retention period depends on the nature of the data and the purpose of processing:
Client Data: Retained for the duration of the client relationship and for a period of up to six years after the conclusion of a contract, to comply with legal, tax, and regulatory obligations.
Marketing Data: Retained until you withdraw your consent or opt out of marketing communications. We periodically review our marketing lists to remove inactive contacts.
Recruitment Data: Applications for specific roles are retained for up to twelve months after the conclusion of the recruitment process, unless you provide consent for us to keep your data on file for future opportunities.
Website Usage Data: Analytics and cookie data are retained in accordance with the retention periods specified in our cookie settings and the policies of our analytics providers.
When personal data is no longer required, we securely delete or anonymise it so that it can no longer be associated with you.
Depending on your location and applicable data protection laws, you may have the following rights regarding your personal data:
Right of Access: You have the right to request a copy of the personal data we hold about you, along with information about how it is being processed.
Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
Right to Erasure: You have the right to request the deletion of your personal data where there is no compelling reason for its continued processing, subject to certain legal exceptions.
Right to Restrict Processing: You have the right to request that we limit the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to its processing.
Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller where technically feasible.
Right to Object: You have the right to object to the processing of your personal data where we rely on legitimate interest as our legal basis, or where your data is being processed for direct marketing purposes.
Right to Withdraw Consent: Where we rely on your consent to process personal data, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection supervisory authority if you believe your personal data has been processed in a manner inconsistent with applicable data protection laws.
To exercise any of these rights, please contact us at info@apexstacktechnologies.com. We will respond to your request within the timeframe required by applicable law, typically within 30 days.
Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyse site traffic, and understand how visitors interact with our content. Cookies are small text files placed on your device by your web browser when you visit a website.
Essential Cookies: These cookies are necessary for the website to function correctly. They enable core features such as page navigation, secure access, and form submissions. You cannot opt out of essential cookies as they are required for the site to operate.
Analytics Cookies: These cookies help us understand how visitors use our website by collecting information about page views, traffic sources, and user behaviour in an aggregated and anonymous form. We use this data to improve the performance and content of our website.
Marketing Cookies: These cookies are used to track visitors across websites and display advertisements that are relevant to individual users. They may be set by us or by third-party advertising partners.
Functional Cookies: These cookies enable enhanced functionality and personalisation, such as remembering your preferences, language settings, and previously entered form data.
You can manage your cookie preferences at any time through our Cookie Settings page. Most web browsers also allow you to control cookies through their settings, including the ability to block or delete cookies. Please note that disabling certain cookies may affect the functionality of our website.
ApexStack takes the security of your personal data seriously. We implement a comprehensive range of technical and organisational measures designed to protect your information against unauthorised access, alteration, disclosure, or destruction. These measures include:
Encryption: All data transmitted between your browser and our servers is protected using Transport Layer Security (TLS) encryption. Sensitive data at rest is encrypted using industry-standard AES-256 encryption.
Access Controls: We enforce strict role-based access controls to ensure that only authorised personnel can access personal data, and only to the extent necessary for their job functions. Multi-factor authentication is required for all internal systems that process personal data.
Infrastructure Security: Our systems are hosted on enterprise-grade cloud infrastructure with built-in redundancy, intrusion detection, firewalls, and continuous monitoring. We leverage the security capabilities of cloud platforms including AWS, Azure, and Google Cloud.
Regular Audits and Testing: We conduct regular security assessments, penetration tests, and vulnerability scans to identify and address potential risks. Our security practices are reviewed and updated on an ongoing basis to reflect evolving threats and industry best practices.
Incident Response: We maintain a formal incident response plan to detect, investigate, and respond to data breaches and security incidents promptly. In the event of a breach affecting your personal data, we will notify you and the relevant supervisory authorities as required by applicable law.
Employee Training: All ApexStack employees receive regular training on data protection, information security, and privacy best practices to ensure a security-aware culture throughout the organisation.
Our website, services, and platforms are not directed at individuals under the age of 16. We do not knowingly collect, solicit, or process personal data from children under 16 years of age. If we become aware that we have inadvertently collected personal data from a child under 16, we will take immediate steps to delete that information from our systems.
If you are a parent or guardian and believe that your child has provided personal data to ApexStack, please contact us at info@apexstacktechnologies.com so that we can take appropriate action.
We may update this Privacy Notice from time to time to reflect changes in our practices, legal requirements, or business operations. When we make material changes, we will update the "Last updated" date at the top of this notice and, where appropriate, notify you by email or through a prominent notice on our website.
We encourage you to review this Privacy Notice periodically to stay informed about how we are protecting your personal data. Your continued use of our website and services after any changes to this notice constitutes your acknowledgement of the updated terms.
If you have any questions, concerns, or requests regarding this Privacy Notice or our data protection practices, please contact us:
Email: info@apexstacktechnologies.com
Website: apexstacktechnologies.com
We aim to respond to all privacy-related enquiries within 30 days. If you are not satisfied with our response, you have the right to escalate your concern to the relevant data protection supervisory authority in your jurisdiction.