Privacy Policy
Effective Date: June 12, 2026 | Last Updated: June 12, 2026
| Legal Name | Viprush Technologies (OPC) Pvt Ltd |
| Registered Office | 191, Gandhinagar, Nagpur – 440010, Maharashtra, India |
| Operational Office | 16, “Vinayak”, Mauli Nagar-6, Beltarodi, Nagpur – 440037 |
| Website | https://viprushtech.in |
| [email protected] | |
| Phone | +91 8275744483 |
| Data Fiduciary | Angad Kulkarni, Director |
1. Introduction & Scope
This Privacy Policy describes how Viprush Technologies (OPC) Pvt Ltd (“Viprush”, “we”, “us”, or “our”) collects, uses, stores, discloses, and protects personal data. It applies to:
- All visitors and users of https://viprushtech.in (the “Website”);
- Individuals and organisations who interact with us through the Contact Form, WED Audit application, Career/job applications, or any other form on the Website;
- Clients and prospective clients who use or enquire about any Viprush product or service, including — but not limited to — Viprush Private Cloud, CAILA, LegalFin Data Management, and Viprush Techlabs programmes.
This Policy is published in compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act) and the rules framed thereunder, and the Information Technology Act, 2000 and its associated rules, as applicable. By using our Website or engaging with us, you acknowledge that you have read and understood this Policy.
2. Definitions
The following terms are used in accordance with the DPDP Act, 2023:
- Data Principal — the natural person whose personal data is being processed (that is, you).
- Data Fiduciary — Viprush Technologies (OPC) Pvt Ltd, which determines the purpose and means of processing personal data.
- Personal Data — any data about an individual who is identifiable, directly or indirectly, by or in relation to such data.
- Processing — any operation or set of operations performed on personal data, including collection, storage, use, retrieval, disclosure, sharing, or deletion.
- Consent — a free, specific, informed, unconditional, and unambiguous indication of the Data Principal’s agreement to the processing of their personal data for a specified purpose.
- Grievance Officer — the designated person responsible for addressing complaints and concerns related to this Policy.
3. What Personal Data We Collect
We collect personal data only to the extent necessary to fulfil the purpose for which it is collected.
3.1 Website Contact Form
- Full name
- Email address
- Subject of enquiry
- Message content
3.2 WED Audit Application Form
- Name of contact person
- Designation / role
- Company name and industry
- Email address and phone number
- Brief description of business workflows and operational context
3.3 Career / Job Applications
- Full name, email address, and phone number
- Resume / CV and educational or professional background
- Any additional information voluntarily provided
3.4 Website Technical Data (Automatically Collected)
- IP address (anonymised where technically possible)
- Browser type, operating system, and device type
- Pages visited, time and duration of visit
This data is collected via server logs. We do not use Google Analytics, Facebook Pixel, or any third-party behavioural tracking tool on this website.
3.5 Client Engagement Data
When you engage us as a client, we may additionally collect business contact details, project requirements, business process documentation, and communication records — solely for the purpose of delivering agreed services.
4. Purpose of Processing & Legal Basis
We process personal data only for specific, clear, and lawful purposes. The table below sets out each type of data, its purpose, and the legal basis under the DPDP Act, 2023:
| Data Type | Purpose | Legal Basis (DPDP Act) |
|---|---|---|
| Contact form data | Responding to enquiries and business communications | Consent (Sec. 6) |
| WED Audit application | Evaluating eligibility, conducting audit, delivering report | Consent (Sec. 6) |
| Career application data | Evaluating candidates for employment | Consent (Sec. 6) |
| Technical / server logs | Security, uptime monitoring, spam prevention | Legitimate use (Sec. 7) |
| Client engagement data | Delivering contracted services and support | Contract performance (Sec. 7) |
We will not use your personal data for any purpose other than the purpose for which it was collected without obtaining fresh consent from you.
5. How We Obtain Your Consent
Before collecting your personal data, we provide a clear notice stating the purpose for which the data will be used. Consent is obtained through:
- An explicit checkbox or consent declaration on data collection forms;
- A clear statement of purpose displayed adjacent to each form on the Website;
- Continued use of the Website for passive technical data collection, where prior notice is displayed.
You have the right to withdraw your consent at any time by contacting our Grievance Officer (see Section 12). Withdrawal of consent does not affect the lawfulness of any processing carried out prior to withdrawal.
6. Data Retention
We retain personal data only for as long as is necessary to fulfil the stated purpose:
| Data Type | Retention Period |
|---|---|
| Contact form submissions | 6 months from date of submission, unless converted to an active client engagement |
| WED Audit applications | 12 months from submission, or duration of active client relationship |
| Career applications (unsuccessful) | 6 months from the date of rejection or closure of the position |
| Career applications (hired) | Duration of employment + 7 years as required by applicable labour law |
| Client engagement data | Duration of contract + 7 years (as required for statutory compliance) |
| Server / technical logs | 90 days on a rolling basis |
At the end of the applicable retention period, personal data will be securely erased or anonymised, unless retention is required by applicable law or a court order.
7. Sharing & Disclosure of Personal Data
We do not sell, rent, or trade your personal data to any third party. We do not share personal data with any advertising network, data broker, or marketing platform.
We may disclose your personal data only in the following limited circumstances:
7.1 Legal Obligation
Where disclosure is required by law, court order, or a directive from a government authority or law enforcement agency under applicable Indian law, we will comply after making reasonable attempts to notify you, unless we are legally prohibited from doing so.
7.2 Service Delivery
We may engage trusted technical contractors or service partners who work on our behalf to deliver agreed services to you. These parties are contractually bound to process your data only as instructed by us and in compliance with applicable data protection requirements.
7.3 Business Transfer
In the event of a merger, acquisition, restructuring, or sale of assets involving Viprush Technologies, personal data may be transferred to the acquiring entity, subject to equivalent data protection commitments. We will notify you before such a transfer occurs.
8. Cross-Border Data Transfers
Our website is currently hosted on a server located in the United States (New York). This means that certain technical data — such as server logs and web traffic information — is processed on infrastructure located outside India.
We are actively working to migrate our website infrastructure to a data centre located in Bengaluru, India. Once this migration is complete, all personal data collected through the Website will be stored and processed exclusively within India. We will update this Policy when that migration is finalised.
Personal data submitted through our forms (Contact, WED Audit, Career) is stored in our own managed database systems. We do not use third-party cloud platforms (such as AWS, Google Cloud, or Azure) to store or process personal data.
Where data is processed on overseas infrastructure, we take reasonable technical and contractual steps to ensure it is handled with a standard of protection consistent with the DPDP Act, 2023 and applicable Indian law.
9. Cookies & Technical Data
Our Website may use session cookies — small data files placed on your browser — to ensure correct page functioning and navigation. We do not use persistent tracking cookies, advertising cookies, or third-party analytics cookies.
Our web server automatically logs technical information such as your IP address, browser type, pages visited, and visit timestamps. This information is used solely for server security, performance monitoring, and spam prevention, and is not linked to your personal identity.
You may configure your browser to reject cookies; doing so will not materially affect your ability to use this Website.
10. Data Security
We take the security of your personal data seriously. The following measures are in place:
- Server-side firewall protection and access controls on our managed hosting environment;
- Password-protected database access with role-based permissions;
- HTTPS encryption (TLS) for all data in transit on the Website;
- Restricted access to personal data on a need-to-know basis;
- Periodic internal review of data handling practices.
While we take all reasonable precautions, no system connected to the internet can be guaranteed to be completely secure. In the event of a data breach that is likely to affect you, we will notify you and the Data Protection Board of India as required under the DPDP Act, 2023.
11. Your Rights as a Data Principal
Under the Digital Personal Data Protection Act, 2023, you have the following rights in relation to your personal data held by us:
11.1 Right to Information
You have the right to obtain a summary of the personal data held by us and to know the identity of all third parties with whom such data has been shared.
11.2 Right to Correction and Erasure
You have the right to correct inaccurate or misleading personal data held by us, and to request erasure of personal data that is no longer required for the purpose for which it was collected. We will fulfil such requests within a reasonable timeframe, subject to legal obligations requiring retention.
11.3 Right to Withdraw Consent
You have the right to withdraw your consent for processing at any time. We will cease further processing upon receipt of your withdrawal request. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.
11.4 Right to Grievance Redressal
You have the right to have your grievances addressed in a timely and effective manner. You may contact our Grievance Officer at any time (see Section 12).
11.5 Right to Nominate
In the event of your death or incapacity, you may nominate another individual who may exercise your rights under this Policy on your behalf.
11.6 Right to Complain to the Data Protection Board
If you are dissatisfied with our response to a grievance, you have the right to lodge a complaint with the Data Protection Board of India, once constituted and operational under the DPDP Act, 2023.
To exercise any of the above rights, please contact our Grievance Officer using the details in Section 12. We will respond within 30 days of receiving your request.
12. Grievance Officer & Contact
In accordance with Section 13 of the DPDP Act, 2023, the following person has been designated as the Grievance Officer for all privacy-related concerns:
| Name | Mr. Angad Kulkarni |
| Designation | Director, Viprush Technologies (OPC) Pvt Ltd |
| Address | 191, Gandhinagar, Nagpur – 440010, Maharashtra, India |
| [email protected] | |
| Phone | +91 8275744483 |
| Response Time | Within 30 days of receiving the complaint |
| Hours | Monday – Saturday, 10:00 AM – 6:00 PM IST |
Complaints must be submitted in writing (including by email). We will acknowledge receipt within 3 working days and aim to resolve the matter within 30 days. Complex matters may take longer, in which case we will keep you informed of the progress.
13. Children’s Data
Our Website and services are not directed at children under the age of 18. We do not knowingly collect personal data from minors. If you believe that a child’s data has been submitted to us without appropriate guardian consent, please contact our Grievance Officer immediately and we will promptly delete such data.
14. Links to Third-Party Websites
Our Website may contain links to external websites including social media platforms (LinkedIn, Facebook, Instagram, YouTube, Twitter/X) and mapping services (Google Maps). These third-party websites have their own privacy policies, which we encourage you to review. We are not responsible for the privacy practices of any external website.
Clicking on a WhatsApp contact link on our Website will open a conversation in WhatsApp, which is governed by Meta Platforms’ own privacy policy. Data shared in that conversation is outside our direct control.
15. Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in law, our operations, or data handling practices. When we make material changes, we will:
- Update the “Last Updated” date at the top of this Policy;
- Display a notice on our Website for a reasonable period following the update;
- Seek fresh consent from you where the changes materially affect how we process your data.
We encourage you to review this Policy periodically. Continued use of the Website after any changes take effect constitutes your acceptance of the revised Policy, to the extent permitted by applicable law.
16. Governing Law
This Privacy Policy is governed by and construed in accordance with the laws of India, including the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, and all applicable rules and regulations thereunder. Any dispute arising from this Policy shall be subject to the exclusive jurisdiction of the courts in Nagpur, Maharashtra, India.
Viprush Technologies (OPC) Pvt Ltd | viprushtech.in | [email protected] | +91 8275744483
This document was prepared in compliance with the Digital Personal Data Protection Act, 2023 (India).