Privacy Policy
Last updated: May 2025
1. Introduction
Gyansetu Digitalisation Solutions ("Gyansetu", "we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains who we are, how we collect and use information about you, and your rights in relation to that information.
This policy applies to all personal data we process in connection with our website at gyansetu-digital.in, our Smart City OS, Digital Twin, Analytics, and IoT platforms, and any communications between us. Please read it carefully. By using our services, you confirm that you have read and understood this policy.
For the purposes of applicable data protection law, Gyansetu Digitalisation Solutions is the data controller for personal data processed under this policy.
2. Data We Collect
We collect personal data in the following categories:
Account Information
When you register for an account or subscribe to a plan, we collect your name, email address, job title, organisation name, billing address, and payment method details (handled by our payment processor; we do not store full card numbers).
Usage Data
We automatically collect technical information about how you use our platform, including: IP address, browser type and version, device identifiers, pages visited, features used, time spent, error logs, and API call patterns. This helps us improve reliability, performance, and the user experience.
Cookies & Tracking
We use cookies and similar technologies to keep you logged in, remember your preferences, and understand how visitors use our website. See Section 8 for full details on cookies.
Communications
When you contact us via email, support tickets, or our contact form, we retain the content of those communications and any attachments, along with metadata such as date, time, and your contact details.
3. How We Use Your Data
We use your personal data for the following purposes, relying on the legal bases indicated:
- check_circle Providing and operating the platform — to create and manage your account, process payments, deliver platform features, and authenticate your identity. (Contractual necessity)
- check_circle Customer support — to respond to your queries, diagnose issues, and provide technical assistance. (Contractual necessity / Legitimate interest)
- check_circle Product improvement — to analyse usage patterns, identify bugs, and improve the functionality and usability of our services. (Legitimate interest)
- check_circle Security and fraud prevention — to detect and prevent unauthorised access, abuse, and fraud. (Legitimate interest / Legal obligation)
- check_circle Communications — to send you service notifications, renewal reminders, and (where you have opted in) product updates and newsletters. (Consent / Legitimate interest)
- check_circle Legal compliance — to comply with applicable laws, regulations, and court orders, including tax and accounting requirements. (Legal obligation)
4. Data Sharing
We never sell your personal data to third parties. We share your data only in the following limited circumstances:
- dns Infrastructure providers — we engage trusted cloud hosting, storage, and CDN providers to operate our platform. These providers act as data processors under a Data Processing Agreement (DPA) and are contractually prohibited from using your data for any purpose other than delivering services to us.
- payments Payment processors — billing and payment card data is processed by PCI-DSS-compliant payment processors. We receive only a tokenised payment reference.
- balance Legal requirements — we may disclose your data to law enforcement or regulatory bodies where required by applicable law, a court order, or to protect the rights and safety of Gyansetu, our users, or the public.
- business Business transfers — in the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity, subject to the same privacy protections described in this policy.
5. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law:
| Data Category | Retention Period |
|---|---|
| Account & profile data | Duration of account + 6 months after deletion request |
| Billing & transaction records | 7 years (statutory requirement) |
| Usage & log data | 12 months rolling |
| Support communications | 3 years from case closure |
| Cookie & analytics data | Up to 24 months |
On expiry of the applicable retention period, data is securely deleted or anonymised such that it can no longer be linked to an individual.
6. Your Rights
Subject to applicable law, you have the following rights in relation to your personal data:
Access
Request a copy of the personal data we hold about you.
Correction
Ask us to correct inaccurate or incomplete data.
Deletion
Request erasure of your data where there is no lawful basis for continued processing.
Portability
Receive your data in a structured, machine-readable format.
Objection
Object to processing based on legitimate interests, including direct marketing.
Restriction
Request that we restrict processing of your data in certain circumstances.
To exercise any of these rights, please email us at privacy@gyansetu-digital.in with your full name, email address, and a description of your request. We will respond within 30 days. We may need to verify your identity before processing your request.
7. Cookies
We use the following types of cookies on our website and platform:
- check_circle Strictly necessary cookies — required for authentication, session management, and security. These cannot be disabled without breaking core platform functionality.
- check_circle Preference cookies — remember your settings such as language, dashboard layout, and notification preferences.
- check_circle Analytics cookies — help us understand how visitors use our site so we can improve content and performance. Data is aggregated and anonymised where possible.
You can manage cookie preferences through your browser settings or via the cookie consent banner displayed on your first visit. Note that disabling analytics cookies does not affect platform functionality.
8. International Transfers
Gyansetu is incorporated in India and primarily processes data within Indian data centres. Some of our infrastructure providers and sub-processors may be located in other countries. Where personal data is transferred outside India, we ensure that appropriate safeguards are in place — such as standard contractual clauses or the recipient country's adequacy status — consistent with requirements under the Digital Personal Data Protection Act, 2023.
If you have questions about the specific safeguards applicable to your data, please contact us at privacy@gyansetu-digital.in.
9. Contact
If you have any questions, concerns, or complaints about this Privacy Policy or how we handle your personal data, please contact our Privacy team:
If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection authority under applicable Indian law.