1. Introduction
Atharv SecureTech ("we," "our," or "us") is committed to protecting your privacy and ensuring you have a positive experience on our website and services. This Data Protection Policy ("Policy") explains how we collect, use, store, and protect your personal data in compliance with the Digital Personal Data Protection Act, 2023 ("DPDPA") and other applicable Indian laws.
This Policy applies to all personal information we collect through our website, applications, customer interactions, and business operations. Please read this Policy carefully. If you do not agree with our practices, please do not use our services.
2. Key Definitions
Personal Data
Any information that identifies you or can be used to identify you, including: name, email address, phone number, physical address, payment details, IP address, cookies, and any other identifying information.
Processing
Any operation performed on personal data, including collection, recording, organization, storage, adaptation, retrieval, use, disclosure, transfer, deletion, or destruction.
Data Subject
The individual to whom personal data relates. This includes our customers, website visitors, users, employees, and partners.
Sensitive Data
Special categories of personal data requiring enhanced protection, including financial information, health data, biometric information, government-issued identification numbers, caste, religion, or political affiliation.
Data Breach
Unauthorized access, disclosure, alteration, or loss of personal data caused by accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored, or processed in any other manner.
3. Information We Collect
We collect personal data from you directly and from your interactions with our services. The following table outlines the types of information we collect:
| Information Type | Examples | Purpose |
|---|---|---|
| Contact Information | Name, email, phone, address, company | Service delivery, communication, support |
| Payment Information | Credit card, bank details, transaction history | Payment processing, billing, accounting |
| Usage Information | IP address, browser type, pages visited, cookies | Service improvement, analytics, security |
| Communications | Email preferences, communication history, feedback | Marketing, support, service updates |
4. Consent & Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Your explicit consent: You have given us clear permission to process your data
- Contract fulfillment: Processing is necessary to provide services you've requested
- Legal compliance: We are required by law to process certain data
- Legitimate interest: Processing is necessary for our business operations and your interests are not overridden
We obtain your consent through clear, affirmative action (such as checking a consent box during signup). You can withdraw your consent at any time by contacting us.
5. How We Protect Your Data
The security of your personal data is paramount. We implement comprehensive security measures to protect against unauthorized access, alteration, disclosure, or destruction:
Technical Security Measures
- End-to-end encryption for sensitive data in transit and at rest
- SSL/TLS encryption on all web pages
- Secure authentication and strong password policies
- Regular security vulnerability assessments and penetration testing
- Firewalls and intrusion detection systems
Organizational Security Measures
- Restricted access: Only authorized employees can access personal data
- Employee training: All staff receive data protection training
- Confidentiality agreements: All employees sign non-disclosure agreements
- Regular compliance audits and security reviews
6. How Long We Retain Your Data
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. Our retention schedule is as follows:
| Data Category | Retention Period |
|---|---|
| Customer Contact Information | 3 years after last transaction or 2 years after last contact |
| Payment & Transaction Data | 7 years (for accounting and tax compliance) |
| Website Analytics & Cookies | Up to 2 years |
| Employee Records | 2 years after employment termination |
| Support & Communication Records | 1 year or until issue resolved |
7. Your Data Subject Rights
Under the DPDPA 2023, you have the following rights regarding your personal data:
Right to Access
You have the right to request a copy of all personal data we hold about you. We will provide this information within 5 business days of your request.
Right to Correction
If your personal data is inaccurate or incomplete, you may request correction. We will correct the data without delay.
Right to Erasure
You may request deletion of your personal data if it is no longer necessary for the purpose it was collected, or if you withdraw your consent. We will delete your data within 30 days, unless we are required to retain it by law.
Right to Withdraw Consent
If you have provided consent for processing, you may withdraw it at any time. After withdrawal, we will cease processing unless we have another legal basis.
Right to Data Portability
You may request your personal data in a structured, commonly-used, and machine-readable format for transfer to another service provider.
How to Exercise Your Rights
To exercise any of these rights, please contact us at director@atharvsecuretech.com with your request. Please include your full name, email address, and a clear description of your request. We will respond within 5 business days.
8. Data Breach Notification
In the event of a personal data breach that compromises the security or privacy of your information, we will:
- Immediately investigate and contain the breach
- Report the breach to the Data Protection Board within 72 hours
- Notify all affected data subjects without undue delay
- Provide guidance on protective measures you may take
- Implement corrective measures to prevent future breaches
9. Data Sharing & Third Parties
We may share your personal data with third parties only in the following circumstances:
Service Providers
We share data with trusted service providers who assist in delivering our services, such as payment processors, email service providers, cloud hosting providers, and analytics providers. All service providers are bound by confidentiality agreements.
Legal Requirements
We may disclose personal data when required by law or in response to lawful requests from government authorities, law enforcement agencies, or courts.
We may disclose personal data when required by law or in response to lawful requests from government authorities, law enforcement agencies, or courts.
Business Transfers
If we are involved in a merger, acquisition, bankruptcy, or sale of assets, your personal data may be transferred as part of that transaction. We will provide notice before your data becomes subject to a different privacy policy.
Your Consent
We will share your data with third parties only when you have explicitly consented or when it is necessary for the purposes described in this Policy.
We will share your data with third parties only when you have explicitly consented or when it is necessary for the purposes described in this Policy.
10. Cookies & Tracking Technologies
Our website uses cookies and similar tracking technologies to enhance user experience and analyze usage patterns. Cookies are small text files stored on your device that help us remember your preferences and track your activity.
Types of Cookies We Use
- Essential cookies: Required for website functionality
- Performance cookies: Analyze how you use our website
- Marketing cookies: Track your interests for personalized content
You can control cookie settings through your browser preferences. Disabling cookies may affect website functionality.
See our Cookie Policy for details.
11. Contact Information
For questions, concerns, or to exercise your data rights, please contact us:
For privacy-related questions or to exercise your rights, contact director@atharvsecuretech.com.
| Information | Details |
|---|---|
| Organization Name | Atharv SecureTech |
| Registered Address | TBI, BITS-Pilani, Hyderabad Campus, Secunderabad, Telangana, 500078, India. |
| Founder & Director | Manish Kumar |
| director@atharvsecuretech.com | |
| CIN | U62091TS2025PTC204537 |
| DPIIT Recognition | DIPP230751 |
12. Changes to This Policy
We may update this Data Protection Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by updating the "Last Updated" date at the top of this Policy and, if necessary, by sending you an email notification.
Your continued use of our services after any modifications to this Policy constitutes your acceptance of the updated terms.
Last Updated: April 2025
This document is subject to the Digital Personal Data Protection Act, 2023.