Privacy Policy

1. Introduction

We believe transparency is the foundation of trust, and we want you to feel confident when browsing and interacting with our website. This Website Privacy Notice describes in detail how we collect, use, store, disclose, and protect your information when you visit our site. Our goal is to ensure you understand exactly what data we collect, why we collect it, how long we retain it, and how we safeguard it.

Personal Information / Personal Data

For the purposes of this Privacy Notice, “personal information” or “personal data” refers to any information that identifies, relates to, describes, or can reasonably be linked to an individual. This includes, but is not limited to, your name, email address, phone number, job title, organization, and any other information you provide while interacting with us through the Site, participating in events, campaigns, or using our services.

When you access our website, certain data is generated automatically, and some information may be provided by you directly. We handle all such data responsibly and in accordance with applicable privacy laws including GDPR, CCPA, DPDPA India, and industry best practices such as ISO/IEC 27701 and ISO/IEC 27001. This Notice applies to all visitors, users, and individuals interacting with our website and online services.

2. Information We Collect

We collect information to help us operate our website efficiently, improve user experience, enhance security, and respond to your queries. We are committed to the principle of data minimization; we only collect the minimum information necessary to fulfill your request.

Cookies and Tracking Technologies

We use cookies, pixels, tags, logs, and similar tracking technologies to personalize content, analyze traffic, secure the site.

• Essential: Some cookies are essential for the website to function properly.
• Performance & Personalization: Other cookies help improve performance or personalize your experience.
• User Control: You can manage cookie preferences through your browser settings or our cookie banner where applicable

3. How We Use Your Information

We use the information collected from your interactions with our website to deliver a secure, functional, and optimized browsing experience. More specifically, we use your data to:

• Improve website functionality, layout, and content based on usage trends.
• Understand how visitors navigate through our website so we can enhance usability.
• Respond to your inquiries, support requests, or form submissions.
• Protect the website from cyber threats, suspicious activity, or misuse.
• Maintain logs for security, troubleshooting, and diagnostic purposes.
• Carry out analytics to help us refine our services, content, and communication.
• Ensure compliance with legal, regulatory, and contractual obligations.

We do not use your data for profiling or automated decision-making without your consent.

4. Legal Basis for Processing (Where Applicable)

Depending on the nature of your interaction with our website or services and the applicable jurisdiction, we process personal data on the following legal bases, as permitted under relevant data protection laws.

• Consent – Where you provide consent, such as for non-essential cookies, marketing communications, or submitting forms.
• Legitimate Interests – We process technical data (IP addresses, logs) based on our legitimate interest in maintaining website security, preventing fraud, and analyzing site performance to improve our user experience.
• Performance of a Contract (where applicable) – Where processing is necessary to create and manage user accounts, provide requested services, or fulfil contractual obligations with you.
• Legal Obligations (where applicable) – Where processing is required to comply with applicable laws, regulatory requirements, or lawful requests from authorities.

5. How We Share Your Information

We value your privacy and do not sell your personal information. However, we may share your information with trusted third parties when necessary to operate the website or meet legal obligations. These third parties may include:

• Website hosting providers responsible for secure server operations.
• Analytics partners who help us understand site performance and usage trends.
• Security partners who detect and prevent cyber threats or fraudulent activity.
• Email or communication service providers assisting with inquiry responses.
• Regulatory, law enforcement, or government authorities when legally required.

All third parties handling your information must adhere to strict confidentiality and data protection obligations.

California Privacy Rights (CCPA/CPRA) – Sales and Sharing Disclosure

• No Sale of Information: Privacy Vista does not "sell" your personal information to third parties for monetary or other valuable consideration.
• No Sharing for Behavioural Advertising: We do not "share" your personal information with third parties for cross-contextual behavioural advertising.
• Sensitive Personal Information: We do not collect or process "Sensitive Personal Information" (e.g., social security numbers, precise geolocation) through this website.

6. Third-Party Links

Our website may contain links to third‑party websites, platforms, or services. We do not control these sites and are not responsible for their privacy practices, content, or security. Once you leave our website, we encourage you to review the Privacy Notice of any external site before providing your personal information.

7. Security Measures

We take reasonable and appropriate measures to protect personal data processed through our website. As our website is hosted on a third-party hosting provider and is largely static in nature, the implementation and management of core infrastructure and server-level security controls are primarily handled by the hosting service provider in accordance with their security practices.
Our organization implements appropriate administrative and organizational safeguards for the limited personal data we directly process, which is currently restricted to information submitted through the “Contact Us” form. These measures include:

• Use of a reputable third-party hosting provider responsible for maintaining infrastructure-level security controls, including server, network, and availability protections.
• Secure transmission of data submitted through the website using TLS-encrypted communication channels between the user’s browser and the backend systems or database.
• Restricted access to contact form data on a need-to-know basis through role-based access controls.
• Internal procedures to prevent unauthorized access, disclosure, or misuse of personal data received via the website.
• Periodic review of user access permissions to ensure continued appropriateness.
• Privacy and information security awareness training for personnel who may access personal data.
• Processes to identify, assess, and respond to suspected security incidents in accordance with applicable data protection laws.

Although we strive to use industry‑leading security practices, no system is entirely foolproof. We continuously monitor and enhance our security posture.

8. Data Retention

We retain website-related personal data only for as long as necessary to fulfil the purposes described in this Notice. Retention periods vary depending on the type of data collected:

• Analytics and log data: Retained for short durations, typically 12 months , to support operational and security purposes.
• Cookie data: Retention varies by cookie type and browser/device settings. Please refer to our Cookies Policy for detailed information.
• Form submission data (Contact Us): Retained for up to 12 months or until your inquiry is resolved, to allow us to respond effectively and maintain necessary business records.

We periodically review our retention practices to ensure personal data is not kept longer than necessary and is securely deleted or anonymized in accordance with applicable data protection laws and organizational policies. We may retain data longer if required for legal defense or regulatory compliance, as per our internal Data Retention Schedule.

9. Your Privacy Rights

Depending on applicable data protection laws, such as GDPR (EU), CCPA (California, USA), or DPDPA (India), you may have one or more of the following rights with respect to your personal data:

• Right of Access: Request confirmation of whether we process your personal data and access the information we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete personal data.
• Right to Erasure / Deletion: Request deletion of your personal information, subject to legal or contractual obligations.
• Right to Restrict or Object to Processing: Object to, or request restriction of, certain types of processing, including processing based on legitimate interests.
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
• Right to Opt-Out of Marketing / Analytics: Opt-out of analytics tracking or marketing communications, where applicable.
• Right to Data Portability: Where applicable (GDPR), request your personal data in a structured, commonly used, and machine-readable format.
• Right to Grievance Redressal / Lodge a Complaint: Raise concerns or complaints regarding the processing of your personal data with our organization or with the relevant supervisory or regulatory authority in your jurisdiction.

We will respond to all valid requests promptly, within applicable statutory timelines, and in accordance with the law. Internal procedures are in place to ensure compliance with these rights, including verification of requestor identity and secure handling of requests.

10. International Data Transfers

Our website may be hosted or serviced by third‑party providers located outside your country. Whenever your information is transferred internationally, we ensure appropriate safeguards such as Standard Contractual Clauses (SCCs), encryption, or other legal mechanisms to protect your data.

11. Children’s Privacy

Our website is not intended for use by children under the age of 18. We do not knowingly collect personal information from children. If we learn that a child has provided information, we will take immediate steps to delete it.

12. Changes to This Notice

We may update this Privacy Notice from time to time to reflect changes in our technology, legal requirements, or website operations. Whenever significant updates are made, we will revise the 'Last Updated' date or provide additional notice where required.

13. Contact Us