Privacy Policy for Bytecompass

Effective Date: 23rd September 2024

Bytecompass ("Company," "we," "us," or "our") is committed to protecting the privacy and security of our clients' data and ensuring compliance with international data protection laws. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you engage our international software development services. This policy applies to all users interacting with our services globally, including data transfers to and from India.

1. Scope of this Privacy Policy

This Privacy Policy covers all aspects of data collection, usage, storage, and sharing in the context of our software development services, including:

  • Personal and professional data collected from clients, partners, and visitors.
  • Project-specific data shared during the software development lifecycle.
  • Compliance with international data protection laws such as GDPR, CCPA, and the Indian Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

2. Information We Collect

2.1. Personal Information

We may collect the following personal information directly from you:

  • Contact Information: Name, email address, phone number, job title, and company name.
  • Account Information: Username, password, and any other information necessary for account creation.
  • Payment Information: Billing address, credit card details, and bank information for processing payments.
  • Professional Information: Project specifications, employment details, and business requirements.

2.2. Technical Information

We collect technical information when you interact with our website or services:

  • Log Data: IP address, browser type, operating system, device information, and timestamps.
  • Usage Data: Information on how you use our services, such as pages visited, features accessed, and actions taken.

2.3. Sensitive Personal Data or Information (SPDI)

We may collect and handle SPDI, as defined under Indian law, such as:

  • Passwords and authentication credentials.
  • Financial information, such as bank account or payment card details.
  • Physical, physiological, and mental health conditions (if relevant to the project).
  • Any other information categorized as SPDI under applicable laws.

3. How We Use the Information

We use the information collected for the following purposes:

  • Service Delivery: To provide, operate, and maintain our software development services.
  • Client Communication: To communicate with you regarding project updates, service-related notices, and support requests.
  • Compliance and Security: To comply with legal obligations, enforce our agreements, and protect the rights, safety, and property of our company, clients, and third parties.
  • Data Transfer Facilitation: To facilitate the secure transfer of data to and from India for project execution, testing, and client communication.

4. Legal Basis for Processing (GDPR Compliance)

For individuals in the European Economic Area (EEA), we process your personal data based on the following legal grounds:

  • Contractual Necessity: Processing is necessary to perform the contract with you.
  • Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving our services and managing client relationships.
  • Consent: Where applicable, we will obtain your consent to process your data for specific purposes.

5. Data Security Measures

We are committed to ensuring the security of your information. We have implemented the following measures:

  • Encryption: All sensitive information is encrypted during storage and transmission.
  • Access Controls: Access to personal data is restricted to authorized personnel who require it for their job functions.
  • Multi-Factor Authentication (MFA): MFA is used to secure access to systems and applications.
  • Regular Audits: We conduct regular security audits and assessments to identify and mitigate potential vulnerabilities.
  • Data Localization and Segregation: We ensure compliance with data localization requirements and segregation of data to safeguard personal and sensitive information.

6. Compliance with NDAs and Confidentiality

We strictly adhere to Non-Disclosure Agreements (NDAs) and confidentiality clauses to protect our clients' proprietary and sensitive information. This includes:

  • Restricted Access: Only team members directly involved in your project have access to your data.
  • Data Handling: All project-related data is handled in compliance with the terms of the NDA.
  • Data Deletion: Upon project completion or termination of the contract, all client data is securely deleted or returned, as stipulated in the NDA.

7. International Data Transfers

Given our global client base, data may be transferred across borders, including to and from India. We ensure that such transfers comply with applicable data protection laws, including:

  • Standard Contractual Clauses (SCCs): For data transfers from the EEA to third countries.
  • Binding Corporate Rules (BCRs): For intra-company data transfers across multiple jurisdictions.
  • Compliance with Indian Data Protection Laws: We comply with the Indian IT Rules, 2011, and any other relevant Indian data protection regulations for data collected and processed in India.

8. Data Sharing and Disclosure

We do not sell or rent your personal information. We may share your information with:

  • Service Providers: Third-party vendors who assist in delivering our services (e.g., cloud hosting, payment processing) under strict data protection and confidentiality agreements.
  • Legal Authorities: If required by law, regulation, or legal process, we may disclose your information to regulatory authorities or other entities.
  • Affiliated Companies: We may share your information with our affiliated companies for business and operational purposes, ensuring compliance with applicable data protection laws.

9. Your Rights and Choices

9.1. For EU Residents (GDPR)

You have the following rights regarding your personal data:

  • Access: Request access to your personal data held by us.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data.
  • Restriction: Request restriction of data processing under certain conditions.
  • Data Portability: Request transfer of your data to another entity in a structured, commonly used format.
  • Objection: Object to processing based on legitimate interests.

9.2. For California Residents (CCPA)

California residents have the following rights under the CCPA:

  • Right to Know: Request information about the categories and specific pieces of personal data we have collected about you.
  • Right to Delete: Request deletion of personal data we have collected, subject to certain exceptions.
  • Right to Opt-Out: Opt-out of the sale of your personal information.
  • Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

9.3. For Indian Residents (IT Rules, 2011)

Indian residents have the following rights under the Indian IT Rules, 2011:

  • Right to Access and Correction: Request access and correction of any SPDI held by us.
  • Right to Withdraw Consent: Withdraw consent for data processing at any time, subject to legal and contractual restrictions.
  • Right to Complain: Lodge a complaint with the relevant data protection authority if you believe your rights have been violated.

10. Data Retention

We retain personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Upon expiration of the retention period, data is securely deleted or anonymized.

We use cookies on our website to optimize your experience and provide personalized content. Specifically, we utilize cookies from Google Analytics to track website traffic, understand user interactions, and improve site performance. Additionally, we employ cookies from Google Ads to serve targeted advertisements based on your browsing history and preferences. These cookies help us refine our marketing efforts and ensure relevant ads are delivered to you. By continuing to use our site, you consent to the use of these cookies in accordance with our privacy policy.

12. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child, we will delete such information immediately.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational, legal, or regulatory reasons. We will notify you of any significant changes by posting the new policy on our website with the updated effective date.

14. Contact Information

If you have any questions, concerns, or wish to exercise your rights, please contact us at:

Email: george.mellow@bytecompass.tech
Phone: +91-9952825293
Address: Madurai, Tamil Nadu, India.