Privacy Policy

1. Introduction

Zynapte Technologies Private Limited (“Zynapte”, “we”, “our”, or “us”) values your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, share, and safeguard information obtained through our websites (www.zynapte.com), SaaS platforms, applications, and related professional services.

This policy complies with the Digital Personal Data Protection Act, 2023 (India) and aligns with globally recognized data-protection standards such as the EU GDPR and ISO 27001 principles.

2. Information We Collect

2.1 Personal Data

• Full name, job title, and company details
• Email address, phone number, and mailing address
• Billing, GST, and payment information
• Account credentials for Zynapte platforms (where applicable)

2.2 Technical Data

• IP address, device identifiers, and browser details
• Usage logs, access time, and pages visited
• Cookies, pixels, and analytics identifiers
• Geolocation (approximate, non-precise)

2.3 Sensitive or Client Data

When you use our CRM or SaaS products, we may process data uploaded by you or your organization (“Client Data”). Zynapte acts as a data processor for this information, and you remain the data controller.

3. Purpose and Legal Basis for Processing

• To provide, operate, and maintain our products and services
• To process orders, payments, and subscriptions
• To deliver support, updates, and security notifications
• To analyze usage and improve performance
• To comply with legal, tax, and regulatory obligations
• To prevent fraud, abuse, or unauthorized access
• To send marketing or product communication (with consent)

Processing is based on one or more lawful grounds: your consent, fulfillment of a contract, legitimate business interests, or legal compliance.

4. Cookies and Tracking Technologies

We use cookies and similar tools to personalize content, analyze traffic, and improve user experience. You can accept or decline non-essential cookies via your browser settings or the consent banner. Essential cookies necessary for authentication and security cannot be disabled.

5. Data Retention

We retain personal data only for as long as required to fulfill the purposes outlined in this policy or as mandated by law. After expiry, data is securely deleted or anonymized. Client-uploaded data may be deleted within 30 days of subscription termination unless otherwise requested in writing.

6. Disclosure and Third-Party Sharing

We never sell personal data. We may share limited information with:

• Authorized employees and contractors under NDAs
• Payment processors (Razorpay, Stripe, etc.)
• Cloud hosting and storage providers (AWS, GCP, DigitalOcean)
• Analytics and marketing tools (Google Analytics, Meta Pixel)
• Government or law-enforcement agencies when legally required

All third-party partners are bound by confidentiality and data-processing agreements.

7. International Transfers

If data is transferred outside India, such transfer occurs only to countries with adequate data-protection safeguards or under binding contracts ensuring protection equivalent to Indian law.

8. Data Security

• Encryption of data at rest and in transit (TLS 1.2 +)
• Role-based access controls and multifactor authentication
• Periodic vulnerability scans and audits
• Employee confidentiality and cybersecurity training
• Secure data-center facilities located in India

In the event of a data breach that may impact you, we will notify affected users and authorities as required by law within a reasonable timeframe.

9. Your Rights and Choices

• Access a copy of your personal data
• Request correction or deletion (“right to erasure”)
• Withdraw consent for marketing communications
• Restrict or object to certain processing activities
• Request data portability in a machine-readable format

To exercise your rights, email us at [email protected]. We may verify your identity before fulfilling such requests.

10. Children’s Privacy

Our services are not directed to individuals under the age of 13 (or 18 where applicable law requires parental consent). We do not knowingly collect data from minors. If we discover such data, it will be deleted promptly.

11. Updates to This Policy

We may revise this policy from time to time to reflect legal or operational changes. The updated version will be posted on this page with a new “Last Updated” date. Continued use of our services after an update constitutes acceptance of the revised policy.

12. Jurisdiction and Applicable Law

This Privacy Policy and any disputes arising from it are governed by the laws of India. The courts of Kolkata, West Bengal shall have exclusive jurisdiction.