Privacy Policy

38 Labs provides Data, ML and AI solutions and services to global customers. While carrying out our business operations, we take utmost care and due diligence to ensure that Privacy aspects of every individual who interacts with us, as well as our solutions and services, are taken care of, by design and by default, in alignment with all applicable laws and regulations.

There are a few avenues and ways where personal information is collected and used by 38 Labs for fair and legal business purposes. The sections below explain what personal data we collect and what we do with it. It also explains how the rights of every individual whose personal information we are dealing with are effectively protected and fulfilled.

Please review the Privacy Statement before you share any personal information with us. By using the website further and providing us with your personal information, you are demonstrating your understanding and acknowledgement of our Privacy Statement. In accordance with applicable laws and regulations, we will be seeking your consent on the collection and usage of data in specific contexts, as required.


Our Commitment to Privacy Acts and Regulations

We, as an organization, are committed to the adoption of standards, frameworks, and good practices to enhance our Data protection framework and compliance. We are committed towards the applicable Privacy acts and regulations of the countries and regions where we conduct our business and offer our Solutions & Services, including the European Union (EU) regulation, GDPR. We have also established strong Information Security and Data Protection frameworks within our business operations, including a strong Information Security Management System certified towards ISO/IEC 27001 framework.

As part of our continual improvement and our focus on continued compliance with applicable statutes and regulations, our Privacy Statement could be reviewed and updated to make our practices toward privacy better and stronger.

If you have any questions, contact us at


What Personal Information Do We Collect?

The term “Personal Information” or “Personally Identifiable Information (PII)” means any information, whether recorded in a material form or not, when put together with other information, would directly and certainly identify an individual. “Personal data” refers to all types of personal information.

The data we collect depends on the context of your interactions with 38 Labs and the choices you make, including your privacy settings and the products and features you use. You have choices when it comes to the services you use and the data you share. When we ask you to provide personal data, you can decline.


Our Role as a Data Processor

We collect and process personal information as a Data Processor in the following contexts:

  • 38 Labs provides Data, ML and AI solutions to our global customers. Though 38 Labs does not engage individuals directly nor collect personal information directly from them in this process, some personal information is collected by our solutions and processed. Such processing is carried out entirely on behalf of our customers.

  • 38 Labs acts as a Data Processor of Personal information, to the extent of, and strictly bound and governed by the specific Statement of Work (SOW) and Data Processing Agreement (DPA) with our customers.



We use cookies to store information such as user preferences and session information. It helps us to record your login and activity on our website, improve security, and provide better services when you re-visit our website.

Most browsers are set up to accept cookies, but you can change your settings to have your browser notify you when you receive a new cookie, or you can change your settings to refuse to accept some or all cookies. However, please note that if you change your browser settings to block essential cookies, you may not be able to access parts of our website.

For more information, please read our Cookie Policy.


Children’s Privacy

38 Labs does not provide services or offer solutions to, nor engage, or recruit/employ children under the age of 18. Hence, as a Data Controller, there are no avenues where 38 Labs collects or processes the personal data of persons below 18.

By default, even as a Data Processor, we do not receive and/or process personal data of children below 18 from our customers. If we discover that we have received any personal information from/about a child under the age of 18 in violation of this policy, we will remove the information. If you believe we have received any information from or about anyone under the age of 18, please e-mail us at


Our employees will:

  • Be familiar with the environment impact and requirements relevant to their own role and activities and take responsibility for their own impact on the environment.


How Do We Collect Your Personal Information?

As per context, we may collect, store, use, and disclose your personal information to authorized personnel for the following purposes:

  • Your personal data collected through our web forms will be used only for the designated purposes for which it was collected and for purposes for which your consent was taken.
  • The technical and related user end data collected will be used for the following purposes:
  • Ensuring customized and optimum presentation and performance of our website.
  • Monitoring and analyzing to ensure effective and efficient system performance and usage of our website and related services.
  • Identification and proactive handling of any technical issues.
  • Troubleshooting and support purposes.
  • The data collected for recruitment purposes will only be used for the purpose and processes related to the same, as per the consent received from you, and in accordance with applicable laws and regulations.
  • The data stored in 38 Labs systems is subject to periodic backup. The backup data is further used/processed only for the following purposes:
    • Troubleshooting and data recovery purposes.
    • Backup and Recovery testing/verifications.
    • We do not profile users or monitor the behavior of users using their personal information, either manually or in any automatic manner, for any purpose other than legitimately required as a part of delivering and supporting the designated service from us.
  • We do not use personal data collected/provided to us for any purpose other than:
    • Those which are detailed in this Privacy Statement.
    • Those for which specific consent has been received from you.
    • Those that are explicitly included in our formal data processing agreement with our Customers as Data controllers.



  • Personal information collected for Marketing and Sales purposes will be used only for legitimate business purposes, in compliance with the applicable laws and regulations, subject-specific aspects such as:
  • Demonstrable relevance, context, and value of the communication to you.
  • Explicit consent is sought from you at first contact to continue the conversation.
  • 38 Labs may, from time to time, send e-mails regarding our products and services to users who have registered their interest with us.


Data Storage, Transfer & Retention

38 Labs takes data security, including that of personal data, very seriously. A robust information Security Management System (ISMS) is established within 38 Labs that governs the systems and practices. This ISMS is established and managed in alignment with global best practices and certified towards ISO/IEC 27001:2013 standard.

The data collected will be stored in physical and/or cloud-based Servers and Databases owned and managed by 38 Labs and/or our customers.

The data might be stored and/or transferred within or outside the region of collection to fulfill the agreed and lawful processing. However, any transfer of data outside the region of data subjects will be done in compliance with the applicable Privacy acts and regulations.

All the Personal Data we collect is disposed of securely as per 38 Labs’s data retention policy.


Disclosure of Personal Information with Third Parties

  • We may disclose personal information to affiliates, group companies and/or third parties strictly on confidential terms.
  • We may disclose such information to third parties in order to provide you with customer support facilities, to comply with our legal obligations, or to prevent, detect, mitigate, and investigate fraudulent or illegal activities related to the website and to avail services from third parties in order to improve and manage our services and for data analysis and market research.
  • In the event of any requirement by court order, government, or quasi-government agency to disclose your personal information, we will disclose information as may be legally required. We may also disclose your personal information if we, in good faith, believe that such disclosure is reasonably necessary to respond to subpoenas, court orders, or other legal process.
  • In the event the company is merged with or acquired by another company or in the case of re-organization or re-structuring of business, we and our affiliates will share your personal information, wholly or in part, with another business entity.
  • Some of the personal data may also be shared with designated service/solution providers who act as sub-processors for designated purposes, such as marketing services, recruitment and payroll services, and other technical services such as e-mails, spam filtering, analytics, monitoring, troubleshooting, and more.
  • We contractually require our agents, service providers, and affiliates who may process personal data related to the Services to provide the same level of protection for personal data as required under the principles and applicable laws and regulations.


Users’ Data Rights and Choices

Subject to applicable local laws and regulations, users may have some or all the following rights with respect to their personal data residing with us:

  • To obtain a copy of your personal data together with information about how and on what basis that personal data is processed.
  • To rectify inaccurate personal data (including the right to have incomplete personal data completed).
  • To request for erasing your personal data residing with us, subject to specific context and the Cookie Policy.
  • To request a restriction on processing personal data under certain circumstances.
  • To port your data in machine-readable format to a third party (or to you).
  • To withdraw your consent to us processing your personal data (where that processing is based on your consent).
  • To lodge a complaint with the supervisory authority in your region.

In relation to any such rights-related aspects of privacy, please contact us at


Contact Us

If you have any questions regarding our data privacy practices or need to report a complaint, please contact us at or write to us at:

Attn: Data Protection Officer (DPO).

38 Labs, 6 Rue Jean Hemard, 94000, Creteil, France

We will review this Environmental Policy annually and measuring targets and performance as part of that review.

Copyright © 2024 38 Labs, All rights reserved.