Privacy
Policy

Help Square (SMC-Private) Limited ("Help Square", "we", "us", or "our") operates the website www.helpsquare.net (the "Website"). We are a company registered in Pakistan and provide web development, API integration, UI/UX design, and technical consultancy services to clients worldwide.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our Website or engage with our services. It applies to all visitors, users, and others who access the Website (collectively, "you" or "Users").

We are committed to protecting your privacy in accordance with the EU General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, and other applicable data protection laws. Where the GDPR applies, Help Square (SMC-Private) Limited acts as the data controller for the personal data described in this policy.

By using our Website, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Website.

2.1 Information You Provide Directly

When you interact with our Website, you may voluntarily provide us with personal data, including:

• Contact form submissions: your name, email address, phone number (optional), service of interest, and message content.
• Live chat: any information you share via our Tawk.to live chat widget, including your name, email address, and message content.

2.2 Information Collected Automatically

When you visit our Website, we automatically collect certain technical and usage data:

• IP address — collected when you submit our contact form or interact with our services.
• Browser and device information — including your user agent string, browser type, and operating system.
• Usage data — pages visited, referring URL, time and date of your visit, and page interaction data.
• Attribution data — Google Click Identifier (GCLID), UTM parameters (source, medium, campaign, ID, term, content), first landing page, and original referrer.

2.3 Partial Form Submission Data

To improve our ability to assist potential clients and reduce lost enquiries, our Website captures partial (in-progress) form data as you type into our contact form, before you press the submit button. This may include incomplete entries for name, email, and message fields, along with technical metadata such as your IP address, user agent, page URL, and referrer.

Partial submission data is initially stored temporarily (up to 24 hours) and is subsequently persisted in our database. If you complete and submit the form, the partial data is linked to your full submission and marked as converted. Unconverted partial data is automatically deleted after 3 years.

Under the GDPR, we process your personal data on the following legal bases:

Where we rely on legitimate interest, we have conducted a balancing test and concluded that our interests do not override your rights and freedoms. You may object to processing based on legitimate interest at any time by contacting us (see Section 12).

We use the personal data we collect for the following purposes:

• To respond to enquiries — processing and replying to your contact form submissions and live chat messages.
• To recover lost enquiries — using partial form data to follow up on incomplete submissions where sufficient contact information was provided.
• To improve our Website — analysing usage patterns and visitor behaviour to enhance user experience and content.
• To measure advertising effectiveness — using attribution data (UTM parameters, GCLID) to understand which marketing channels drive enquiries.
• To protect our Website — using Cloudflare Turnstile, IP-based rate limiting, and honeypot fields to prevent spam and abuse.
• To send internal notifications — notifying our team of new enquiries via email so we can respond promptly.

We do not sell, rent, or trade your personal data to any third party. We do not use your personal data for automated decision-making or profiling that produces legal effects.

Our Website uses cookies and similar technologies. A cookie is a small text file stored on your device that helps us provide and improve our services.

5.1 Cookies We Use

5.2 Third-Party Cookies and Scripts

We use the following third-party services that may set their own cookies or collect data:

• Google Tag Manager (GTM) — a tag management system that may load additional tracking scripts (such as Google Analytics or Google Ads conversion tracking). The specific tags loaded are configured within our GTM container and may set third-party cookies.
• Tawk.to — our live chat provider, which may set cookies to maintain your chat session and preferences.
• Cloudflare Turnstile — our bot protection service, which may use cookies and browser signals to distinguish humans from automated traffic.
• Self-hosted web fonts — typography files are served from our own website infrastructure and are not loaded from third-party font providers.

5.3 Managing Cookies

You can control and delete cookies through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or be notified when a cookie is set. Please note that disabling essential cookies may affect the functionality of our Website.

For more information on managing cookies, visit www.allaboutcookies.org.

We engage the following third-party service providers who may process your personal data on our behalf:

These providers are contractually obligated to process your data only as instructed by us and to maintain appropriate security measures. We do not authorise them to use your personal data for their own purposes.

Help Square is based in Pakistan, and our production servers are located in the United States. Your personal data may be transferred to and processed in countries outside your country of residence, including Pakistan and the United States, which may not provide the same level of data protection as your home jurisdiction.

Where we transfer personal data from the European Economic Area (EEA) or the United Kingdom to countries that have not received an adequacy decision, we rely on the following safeguards:

• Standard Contractual Clauses (SCCs) — approved by the European Commission, ensuring that your data receives adequate protection.
• Contractual obligations — binding our service providers to protect your data in accordance with GDPR standards.

You may request a copy of the safeguards we use by contacting us at the details provided in Section 12.

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy, or as required by law:

When retention periods expire, your data is securely deleted or anonymised.

If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights regarding your personal data:

• Right of Access (Article 15) — you may request a copy of the personal data we hold about you.
• Right to Rectification (Article 16) — you may request that we correct inaccurate or incomplete personal data.
• Right to Erasure (Article 17) — you may request deletion of your personal data, subject to certain legal exceptions.
• Right to Restriction of Processing (Article 18) — you may request that we limit how we use your data in certain circumstances.
• Right to Data Portability (Article 20) — you may request your personal data in a structured, commonly used, machine-readable format.
• Right to Object (Article 21) — you may object to processing based on legitimate interest, including any profiling.
• Right to Withdraw Consent (Article 7(3)) — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
• Right to Lodge a Complaint — you have the right to lodge a complaint with a supervisory authority in your country of residence. For example, the UK Information Commissioner's Office (ICO) or your local EU data protection authority.

To exercise any of these rights, please contact us at contact@helpsquare.net. We will respond to your request within 30 days. We may ask you to verify your identity before processing your request.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption in transit — all data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security).
• CSRF protection — cross-site request forgery tokens protect against malicious form submissions.
• Bot protection — Cloudflare Turnstile and honeypot fields prevent automated spam and abuse.
• Rate limiting — IP-based rate limiting protects our services from excessive or abusive requests.
• Access controls — access to personal data is restricted to authorised personnel who need it to perform their duties.
• Secure infrastructure — our servers are hosted in secure data centres with industry-standard physical and network security.

While we strive to protect your personal data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any breach in accordance with applicable laws.

Our Website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us at contact@helpsquare.net, and we will take steps to delete such data promptly.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We aim to respond to all legitimate requests within 30 days. Occasionally, it may take us longer if your request is particularly complex or you have made multiple requests, in which case we will notify you and keep you updated.

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will update the "Effective Date" at the top of this page.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data. Your continued use of the Website after any changes constitutes your acceptance of the updated policy.