Privacy Policy

Effective Date: 1ist August, 2025

Last Updated: 17th November, 2025

1. Overview & Scope
AIEGS India Private Limited (“AIEGS”, “we”, “us”) delivers IT solutions through AI-integrated applications. This policy details how we collect, use, share, and protect personal data under Indian laws.

2. Definitions

• Personal Data: Identifiable data such as name, email, phone, IP, etc.
  
• Sensitive Personal Data (SPD): Includes passwords, financial information, health, biometrics, etc.
  
• Data Principal: The individual whose personal data is processed.
  
• Data Fiduciary: AIEGS; defines purpose and means of data processing.
  
• Data Processor: Third-party service providers who process data on our behalf.
  

3. Notice & Consent
Prior to collecting data, we provide clear notice of: the type of data collected, purposes, retention periods, recipients, and rights (zscaler.com, scrut.io).
We secure free, specific, informed, unambiguous consent via active opt-in (e.g., checkbox) (legalserviceindia.com).
Consent is revocable at any time via links or by contacting us. Records are maintained with timestamps and methods.

4. What Data We Collect

• Identity Data: Name, email, phone, job title
  
• Professional Data: Company, designation
  
• Technical & Usage Data: IP, device, browser, pages, analytics
  
• Sensitive Data (only with explicit consent): Passwords, payment info, health/biometric data (michalsons.com, en.wikipedia.org, indiafilings.com)
  

5. Purpose & Legal Basis
Processing is limited to necessary purposes:

• Service delivery & support (contractual necessity)
  
• Personalization & improvement (legitimate interest with balancing test)
  
• Legal compliance or public necessity (legal obligation/public interest)
  
• With explicit consent for marketing, feedback, etc. (zscaler.com, infotrust.com)
  

6. Data Minimization & Retention
Only necessary data is collected, and retained for the minimum period needed unless longer storage is required by law. After retention ends, data is securely deleted or anonymized (gotrust.tech).

7. Sharing and Cross‑Border Transfers
We do not sell personal data. We share data:

• With our processors (under contract and same security standards)
  
• With legal authorities when required by law (CrPC, IT Act, etc.) (michalsons.com)
  Cross-border transfers follow DPDPA: only to whitelisted countries or with explicit consent/legal exception (infotrust.com).
  

8. Data Security & Organizational Practices
We implement safeguards aligned with IS/ISO/IEC 27001 standards (mondaq.com), include:

• Encryption (at rest and in transit)
  
• Access controls & least privilege
  
• Regular vulnerability assessments and audits
  
• Employee training and breach awareness sessions
  

9. Breach Notification
In case of a data breach likely to cause harm, we will notify:

• Data Protection Board of India within 72 hours (zscaler.com, agrudpartners.com)
  
• Affected individuals promptly
  
• Remedial measures taken and documented.
  

10. Data Principal Rights & Procedures
You can exercise the following rights:

1. Access – obtain a copy of your data
   
2. Correction – update inaccurate or incomplete personal data
   
3. Erasure – delete data when no longer needed or if processed unlawfully
   
4. Restrict Processing – in particular cases
   
5. Portability – receive data in a machine-readable format
   
6. Object – to processing like direct marketing or profiling
   
7. Withdraw Consent – withdraw at any time for processing based on consent
   
8. Nominate Representative – if incapacitated or deceased (infotrust.com, reddit.com, legalserviceindia.com, gotrust.tech)
   Requests can be made via email or portal. We respond within 30 days of receipt. If unresolved, escalate to Data Board.
   

11. Grievance Department
In compliance with IT Rules & DPDPA (wired.com, indiafilings.com):
Grievance Department Contact Email:
📧 info@aiegsindia.com

• Acknowledgement within 72 hours, resolution within 15 days (reddit.com)
  

12. Intermediary Compliance
If acting as an intermediary:

• We’ll respond to lawful takedown requests within 36 hours (reddit.com)
  
• Preserve required logs/data for up to 180 days for investigative purposes (reddit.com)
  

13. Data Protection Officer (DPO)
If designated as a Significant Data Fiduciary, a DPO is appointed:

 Email: info@aiegsindia.com

The DPO oversees compliance, serves as point of contact with Data Board.

14. Internal Audits & DPIA
For large-scale or sensitive processing, we conduct Data Protection Impact Assessments (DPIAs) and independent audits at least annually (gotrust.tech)

15. Changes to Policy
We may update this policy as needed. Significant changes will be notified via email or website updates.

16. Contact Us
For questions or concerns, contact:

 Email: info@aiegsindia.com

Address: WeWork 247 Park, 13th Floor
Vikhroli Corporate Park
Hindustan C. Bus Stop, Lal Bahadur Shastri Rd
Gandhi Nagar, Vikhroli West
Mumbai, Maharashtra – 400079/83, India