Privacy Notice

SaralPrivacy (saralprivacy.com) is a compliance education and advisory platform focused on the Digital Personal Data Protection Act, 2023. We help Indian businesses understand and prepare for DPDPA compliance.

For the purposes of this Privacy Notice, SaralPrivacy is the Data Fiduciary — we determine the purpose and means of processing your personal data.

Contact for privacy matters: privacy@saralprivacy.com

We collect the following categories of personal data:

From White Paper Downloads:
- Full name
- Work email address
- Mobile number (optional)
- Company name
- Industry
- Company size

From Newsletter Subscriptions:
- Name
- Email address
- Industry (optional)
- Frequency preference

From Consultation Requests:
- Full name
- Work email
- Mobile number
- Company name
- Industry
- Issue description
- Preferred contact method and time

From Website Usage:
- IP address (anonymised for analytics)
- Device type and browser (aggregated)
- Pages visited and time on page (aggregated)

We do not collect sensitive personal data (Aadhaar, PAN, financial data, health data, or biometric data) through this platform.

White paper download:
We collect your information to deliver the white paper and, where you have separately consented, to send relevant follow-up content.

Newsletter subscription:
We collect your details to send the briefings or digest you subscribed to. We use your industry preference to personalise content where possible.

Consultation requests:
We collect your contact details to schedule and conduct the requested consultation and send a follow-up summary.

Analytics:
We collect aggregated, anonymised usage data to understand how our platform is used and to improve it. We do not track individual users across sessions.

We do not:
- Sell your personal data to third parties
- Use your data for purposes other than those stated in this notice and any specific consent you have given
- Send marketing communications without your specific consent

We process your personal data on the basis of:
- Your consent — for newsletter subscriptions, marketing communications, and optional contact permissions (where you have actively opted in)
- Contractual necessity — to deliver the white paper or conduct a consultation you requested
- Legitimate interest — for aggregated, anonymised analytics that help us improve the platform

We do not rely on "legitimate interest" as a basis for marketing communications.

- Newsletter subscribers: For as long as you remain subscribed. We delete your record within 30 days of unsubscription.
- White paper download records: 24 months from download, unless you have requested earlier deletion.
- Consultation records: 12 months from the consultation date.
- Anonymised analytics: Retained indefinitely (no personal data involved).

We review our retention policies annually.

We use the following categories of service providers:
- Email service provider — to deliver newsletters and transactional emails (Data Processor)
- CRM platform — to manage consultation and download records (Data Processor)
- Analytics provider — aggregated, anonymised data only

All service providers are bound by Data Processing Agreements. We do not share your personal data with third parties for their marketing purposes.

You have the following rights over your personal data:

Right to access: Ask us what personal data we hold about you.
Right to correction: Request correction of inaccurate data.
Right to erasure: Ask us to delete your data where it is no longer needed.
Right to withdraw consent: Withdraw any consent you have given, at any time.
Right to grievance redressal: Raise a complaint with us if you believe your rights have been violated.

To exercise any of these rights, email us at privacy@saralprivacy.com. We will respond within 30 days.

If you are not satisfied with our response, you will have the right to escalate to the Data Protection Board of India once it is constituted.

You can withdraw consent at any time by:
- Clicking "Unsubscribe" in any email we send you
- Emailing privacy@saralprivacy.com
- Using our Consent Preferences page at saralprivacy.com/consent-preferences

Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.

We may update this Privacy Notice. If changes are material, we will notify subscribed users by email. The current version and date are shown at the top of this page.

For any privacy-related queries, requests, or complaints:

Email: privacy@saralprivacy.com
Subject: Data Privacy Request

We are committed to responding within 30 days.