Privacy Policy
PALSANIA WEB TECHNOLOGY PRIVATE LIMITED is committed to protecting your privacy and ensuring the security of your personal information.
1Introduction
PALSANIA WEB TECHNOLOGY PRIVATE LIMITED respects your privacy and is committed to protecting it through this Privacy Policy. This policy explains how we collect, use, disclose, and safeguard your information when you use our services, websites, and applications.
We are dedicated to maintaining the highest standards of data protection and privacy in compliance with applicable laws and regulations, including GDPR, CCPA, and other international privacy frameworks.
2Information We Collect
Personal Information
We may collect personally identifiable information such as:
- Name
- Email address
- Phone number
- Company name
- Billing and payment details
- Professional credentials and certifications
Non-Personal Information
We automatically collect certain information including:
- Browser type and version
- IP address
- Device information (OS, screen resolution)
- Usage data and analytics
- Website navigation patterns
- Geographic location data
Cookies and Tracking Technologies
We use cookies, web beacons, and similar technologies to enhance user experience, analyze website traffic, and provide personalized content. You can control cookie preferences through your browser settings.
3How We Use Your Information
Service Delivery
- • Provide and maintain our IT services
- • Process transactions and payments
- • Deliver project updates and support
- • Manage client relationships
Business Operations
- • Improve our website and offerings
- • Conduct analytics and research
- • Ensure security and prevent fraud
- • Comply with legal obligations
Communication
We use your information to communicate with you about our services, including support responses, service updates, marketing communications (with consent), and important security notifications.
5Data Security
Enterprise-Grade Security Measures
We implement comprehensive technical and organizational measures to protect your data from unauthorized access, alteration, disclosure, or destruction. Our security framework includes:
6Data Retention
We retain personal information only as long as necessary for the purposes outlined in this Privacy Policy, or as required by applicable laws and regulations. Our retention periods are determined based on:
- The nature of the information and its sensitivity
- The potential risk of harm from unauthorized use or disclosure
- Legal, regulatory, tax, and accounting requirements
- Our legitimate business needs
When information is no longer needed, we securely delete or anonymize it in accordance with our data retention schedule and legal requirements.
7Your Rights
Access & Control
- • Access: Request a copy of your personal data
- • Correction: Request correction of inaccurate data
- • Deletion: Request deletion of your personal data
- • Portability: Request transfer of your data
Additional Rights
- • Withdraw Consent: Withdraw consent for processing
- • Object: Object to processing in certain circumstances
- • Restrict: Request restriction of processing
- • Lodge Complaint: File complaints with supervisory authorities
To exercise these rights: Contact our Data Protection Officer using the information provided in the Contact Us section. We will respond to your request within 30 days or as required by applicable law.
8Third-Party Links
Our website and services may contain links to third-party websites, applications, or services. This Privacy Policy does not apply to these external sites. We encourage you to review the privacy policies of any third-party services you use.
We are not responsible for the privacy practices, content, or security of third-party websites or services. Your interactions with these third parties are subject to their own terms and privacy policies.
9International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws than your jurisdiction.
When we transfer personal data internationally, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses approved by relevant authorities
- Adequacy decisions by competent data protection authorities
- Binding Corporate Rules for intra-group transfers
- Certification schemes and codes of conduct
10Children's Privacy
Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can remove the information.
11GDPR Compliance
EU General Data Protection Regulation
For users located in the European Union, we comply with the GDPR requirements. Our GDPR compliance includes:
- Lawful basis for processing personal data
- Data Protection Impact Assessments (DPIA) for high-risk processing
- Data Protection Officers and representatives in EU member states
- Records of processing activities
- Breach notification procedures within 72 hours
Data Subject Rights Under GDPR
EU residents have additional rights including the right to data portability, the right to object to automated decision-making, and the right to lodge complaints with supervisory authorities.
12Cloud Services & Data Processing Agreement
Cloud Infrastructure Providers
We utilize industry-leading cloud service providers to ensure high availability, scalability, and security:
Data Processing Agreement (DPA)
We offer comprehensive Data Processing Agreements that outline:
- Scope and purpose of data processing
- Technical and organizational security measures
- Subprocessor obligations and notifications
- Data subject rights and assistance
- Incident notification and response procedures
- Return or deletion of personal data
- Audit rights and cooperation with regulators
Contact us to request a DPA for your organization.
13Incident Response Procedures
Security Incident Response
In the event of a security incident involving personal data, we follow a structured incident response process:
Immediate Response (0-24 hours)
- • Incident detection and assessment
- • Containment of the breach
- • Notification of internal security team
- • Initial impact analysis
Follow-up Actions (24-72 hours)
- • Forensic investigation
- • Regulatory notifications
- • Affected user communications
- • Remediation and recovery
Breach Notification
We will notify affected individuals and relevant authorities within 72 hours of becoming aware of a breach, as required by applicable data protection laws. Notifications will include details about the breach and steps taken to mitigate harm.
14Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
- Update the "Effective Date" at the top of this policy
- Post the updated policy on this page
- Send email notifications to registered users (where applicable)
- Provide prominent notice of significant changes
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.