Privacy Policy

1. Introduction

ComplyDPDPA ("we," "us," or "our") operates the comply✓dpdpa.com website and related services (the "Service"). This Privacy Policy explains our practices regarding the collection, use, disclosure, and safeguarding of information obtained from users of our website and services.

We are committed to protecting your privacy and ensuring transparency about how we handle your personal data in compliance with the Digital Personal Data Protection Act (DPDPA), 2023, and other applicable data protection laws.

2. Information We Collect

We may collect and process the following types of personal data:

• Contact Information: Name, email address, phone number, company name, and job title when you contact us through forms or email
• Service Information: Details about your organization's data processing activities when using our self-check tool or compliance services
• Technical Data: IP address, browser type, operating system, referring URL, pages visited, and timestamps through cookies and analytics
• Payment Information: Transaction details when you purchase our services (processed securely by payment providers)
• Communication Data: Records of your interactions with us through email, contact forms, or customer support

3. Legal Basis for Processing

We process your personal data based on the following legal grounds under the DPDPA:

• Consent: Where you have explicitly provided consent to process your data
• Contract Performance: To fulfill our service obligations and deliver products/services you've requested
• Legal Obligation: To comply with applicable laws and regulations
• Legitimate Interest: To improve our services, maintain website security, and conduct business operations

4. How We Use Your Information

We use the collected information for the following purposes:

• Providing and improving our DPDPA compliance services and tools
• Responding to your inquiries and customer support requests
• Sending service updates, newsletters, and marketing communications (with your consent)
• Analyzing website usage and performance to enhance user experience
• Detecting and preventing fraudulent activities and security threats
• Complying with legal requirements and regulatory obligations
• Creating anonymized and aggregated reports for business intelligence

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal data to third parties. However, we may share your information with:

• Service Providers: Third-party vendors who assist us in delivering services (email providers, payment processors, hosting providers) under data processing agreements
• Legal Authorities: When required by law or to protect our rights, privacy, safety, or property
• Business Partners: With your explicit consent for collaboration or partnership activities

All third-party service providers are contractually bound to maintain the confidentiality and security of your data.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations:

• Service Data: Retained for the duration of your engagement with us plus 3 years for record-keeping
• Contact Information: Retained until you request deletion or unsubscribe from communications
• Technical/Analytics Data: Retained for 12 months for analytics purposes
• Communication Records: Retained for 2 years for dispute resolution and service improvement

7. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

• SSL/TLS encryption for data transmission
• Secure password hashing and storage practices
• Regular security audits and vulnerability assessments
• Access controls and authentication mechanisms
• Employee training on data protection practices

However, no security system is impenetrable. While we strive to protect your data, we cannot guarantee absolute security.

8. Your Rights

Under the DPDPA and applicable data protection laws, you have the following rights:

• Right to Access: Request access to your personal data held by us
• Right to Correction: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your data (subject to legal retention requirements)
• Right to Grievance Redressal: Lodge a grievance regarding data processing practices
• Right to Withdraw Consent: Withdraw consent for data processing at any time
• Right to Opt-Out: Opt out of marketing communications

To exercise these rights, please contact us at the contact information provided below.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

• Remember your preferences and login information
• Understand how you use our website
• Improve website functionality and user experience
• Analyze traffic and performance

You can control cookie preferences through your browser settings. Please note that disabling certain cookies may affect website functionality.

10. International Data Transfers

Your personal data is primarily processed and stored in India. If we transfer your data internationally, we ensure adequate safeguards are in place to protect your data in accordance with applicable data protection laws.

11. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete such information and terminate the child's access to our services.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of external websites. We encourage you to review the privacy policies of any third-party services before providing your personal data.

13. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on our website and updating the "Last Modified" date. Your continued use of our Service after such notifications constitutes your acceptance of the updated Privacy Policy.

14. Contact Us

If you have questions about this Privacy Policy, wish to exercise your data rights, or have privacy concerns, please contact us: