Privacy Policy

1. Introduction

TvaritaTech ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services, in compliance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and other applicable Indian privacy laws.

2. Indicative Privacy Terms and Individual Agreement Variations

2.1 General and Indicative Framework

IMPORTANT NOTICE: This Privacy Policy provides a general, indicative, and baseline framework for our data protection practices. These provisions may be modified, supplemented, or superseded by specific privacy terms, data processing agreements, or contractual arrangements tailored to individual client engagements or service relationships.

2.2 Case-by-Case Privacy Arrangements

TvaritaTech reserves the right to establish different, customized, or enhanced privacy and data protection terms for specific clients, projects, or service categories. Such variations may include, but are not limited to:

• Enhanced data security measures and protection protocols
• Specific data retention periods and deletion schedules
• Customized consent mechanisms and opt-out procedures
• Specialized data processing purposes and lawful bases
• Enhanced user rights and data subject access procedures
• Specific international data transfer safeguards
• Industry-specific compliance requirements and standards
• Customized breach notification and incident response procedures
• Specialized audit, monitoring, and compliance reporting arrangements

2.3 Precedence of Individual Data Protection Agreements

Where specific data processing agreements, privacy addendums, or contractual privacy terms are executed for particular engagements ("Individual Privacy Agreements"), such agreements shall take precedence over this general Privacy Policy to the extent of any conflict, inconsistency, or variation.

2.4 Compliance-Driven Customization

Privacy terms may be customized based on factors including:

• Nature and sensitivity of personal information involved
• Client's industry, regulatory environment, and compliance obligations
• Cross-border data transfer requirements and jurisdictional considerations
• Risk assessment outcomes and security threat evaluations
• Applicable sectoral privacy laws and regulatory guidelines
• Client's internal privacy policies and corporate governance requirements

2.5 Baseline Protection Commitment

While specific terms may vary, all Individual Privacy Agreements will maintain compliance with applicable Indian privacy laws, including the Information Technology Act, 2000, and will not provide protection standards lower than those mandated by applicable legal requirements.

2.6 Framework for Privacy Discussions

This Privacy Policy serves as a starting point for privacy-related discussions and establishes our general approach to data protection. It does not constitute the final privacy terms for specific engagements until confirmed through Individual Privacy Agreements.

3. Information We Collect

3.1 Personal Information

We may collect the following types of personal information:

• Contact Information: Name, email address, phone number, postal address
• Business Information: Company name, job title, business requirements
• Communication Records: Messages, inquiries, and correspondence with us
• Technical Information: IP address, browser type, device information, usage data

3.2 Sensitive Personal Data

We do not intentionally collect sensitive personal data such as:

• Financial information (credit card details, bank account information)
• Health information
• Biometric information
• Password or similar security information

3.3 Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience, analyze website traffic, and understand user preferences.

4. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To provide, maintain, and improve our IT services
• Communication: To respond to inquiries, provide customer support, and send service-related communications
• Business Operations: To process transactions, manage accounts, and conduct business activities
• Marketing: To send promotional materials and updates about our services (with your consent)
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Security: To protect against fraud, unauthorized access, and other security threats

5. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

5.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our business, provided they agree to keep your information confidential.

5.2 Legal Requirements

We may disclose your information when required by law, court order, or government authority, or to protect our rights, property, or safety.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against:

• Unauthorized access, alteration, disclosure, or destruction
• Accidental loss or damage
• Unlawful processing

Our security measures include encryption, secure servers, access controls, and regular security assessments.

7. Data Retention

We retain your personal information only for as long as necessary to:

• Fulfill the purposes for which it was collected
• Comply with legal obligations
• Resolve disputes and enforce our agreements

When personal information is no longer needed, we will securely delete or anonymize it.

8. Your Rights and Choices

Under Indian privacy laws, you have the following rights:

• Access: Request access to your personal information we hold
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal requirements)
• Portability: Request transfer of your data to another service provider
• Opt-out: Unsubscribe from marketing communications
• Withdraw Consent: Withdraw previously given consent for data processing

To exercise these rights, please contact us using the information provided below.

9. International Data Transfers

Your personal information is primarily processed and stored in India. If we transfer data outside India, we ensure appropriate safeguards are in place to protect your information in accordance with Indian law.

10. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

11. Grievance Officer

In accordance with the Information Technology Act, 2000, we have appointed a Grievance Officer to address privacy-related concerns:

12. Company Rights and Data Processing Discretion

12.1 Absolute Discretion in Data Processing

TvaritaTech reserves the absolute right to exercise its discretion in all matters relating to the collection, use, processing, storage, and disclosure of personal information, subject to applicable Indian laws. This discretion includes, but is not limited to:

• Determining the types and categories of personal information to collect
• Establishing purposes for data processing and usage
• Setting data retention periods and deletion schedules
• Implementing security measures and data protection protocols
• Deciding on third-party sharing arrangements and disclosures
• Establishing international data transfer mechanisms
• Determining compliance procedures and privacy practices

12.2 Business Operations and Data Management

The Company may make unilateral decisions regarding any aspect of its data processing operations, privacy practices, or data management procedures without requiring consultation, consent, or approval from data subjects, except where specifically required by mandatory provisions of Indian law.

12.3 Right to Modify Data Practices

We reserve the right to modify, enhance, or change our data collection, processing, and protection practices at any time, in our sole discretion, to improve our services, comply with legal requirements, or for any other business purpose we deem appropriate.

12.4 Interpretation and Enforcement

The Company reserves the right to interpret this Privacy Policy and make determinations regarding its application and enforcement in specific circumstances. All such interpretations and determinations shall be made in the Company's sole discretion and shall be final and binding.

12.5 Compliance with Law

While exercising the rights and discretion described in this section, the Company will comply with applicable Indian privacy laws, including the Information Technology Act, 2000, and related rules and regulations. Where the law provides mandatory requirements, those requirements shall prevail over this section.

13. Changes to This Privacy Policy

13.1 Unilateral Right to Modify

TvaritaTech reserves the absolute and unconditional right to modify, amend, add to, delete from, or otherwise change this Privacy Policy at any time and from time to time, in its sole and absolute discretion, without any prior notice, consent, or approval from any user, data subject, or third party. Such modifications shall be effective immediately upon posting on our website, regardless of whether users have actual notice of such changes.

13.2 Scope of Modifications

Our right to modify this Privacy Policy includes, but is not limited to, changes regarding:

• Types of personal information we collect, use, or disclose
• Purposes for which we process personal information
• Data retention periods and deletion practices
• Security measures and data protection protocols
• Your rights and our obligations under applicable laws
• Third-party sharing arrangements and disclosures
• International data transfer mechanisms
• Contact information and grievance procedures
• Legal basis for processing under Indian privacy laws
• Any other aspect of our privacy practices as deemed necessary

13.3 Notice Provisions

While we may, in our discretion, provide notice of material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending email notifications to registered users (if email addresses are available)
• Displaying prominent notices on our website or services
• Publishing notices through other communication channels we deem appropriate

Such notice is provided as a courtesy only and is not a legal requirement under this Privacy Policy. The absence of such notice shall not affect the validity, enforceability, or effectiveness of any modifications.

13.4 Binding Effect

Your continued use of our services following any modification to this Privacy Policy constitutes your unconditional acceptance of such modifications. If you do not agree to any modifications, your sole remedy is to discontinue use of our services and request deletion of your personal information in accordance with applicable law.

13.5 Compliance with Law

All modifications to this Privacy Policy shall be made in accordance with applicable Indian laws, including the Information Technology Act, 2000, and related rules and regulations. Where required by law, we will ensure compliance with mandatory notice periods or consent requirements, but reserve the right to implement changes to the fullest extent permitted by law.

13.6 No Limitation on Modification Rights

Nothing in this Privacy Policy shall be construed to limit our right to modify this Policy, including any provision regarding notice requirements, grandfathering of existing practices, or user consent. This right to modify extends to all provisions of this Privacy Policy, including this modification clause itself.

14. Supremacy of Company Rights

14.1 Overriding Authority in Data Processing

In the event of any conflict, ambiguity, or inconsistency between any provision in this Privacy Policy that grants rights to data subjects and any provision that reserves rights to TvaritaTech, the provision favoring the Company's rights shall prevail, subject to mandatory requirements of Indian privacy law.

14.2 Liberal Interpretation

All provisions of this Privacy Policy relating to the Company's rights, discretion, and authority in data processing shall be interpreted liberally and broadly in favor of the Company, while ensuring compliance with applicable Indian laws including the Information Technology Act, 2000.

14.3 Business Operations Priority

Where Indian law permits discretion in data processing practices, the Company's business operations, security requirements, and operational efficiency shall take priority in determining how such discretion is exercised.

14.4 Final Determinations

All determinations made by the Company regarding data processing, privacy practices, and the interpretation of this Privacy Policy shall be final and conclusive, except where data subjects have specific rights under mandatory provisions of Indian privacy law.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

16. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of India. Any disputes arising from this policy shall be subject to the exclusive jurisdiction of the courts in [Your City], India.