01 Information We Collect
We collect information you provide directly (such as when filling out our inquiry forms) and information collected automatically (such as analytics data). Specifically:
Personal Information You Provide
- Contact Details: Full name, email address, mobile number, company name, designation
- Project Information: Service requirements, budget range, project descriptions you share
- Communication Records: Emails, WhatsApp messages, call recordings (with consent), meeting notes
- Payment Information: Billing address, GSTIN (for businesses), bank/UPI details for invoicing. We do not store credit/debit card numbers; these are processed by our PCI-DSS compliant payment gateway partners (Razorpay, Cashfree).
Information Collected Automatically
- Device & Browser Data: IP address, browser type, operating system, screen resolution
- Usage Data: Pages visited, time spent, referring URL, search terms used
- Cookies & Similar Technologies: See Section 3 below
02 How We Use Your Data
We use your personal data for the following legitimate purposes (legal basis: consent, contractual necessity, and legitimate interest under DPDP Act 2023):
- Service Delivery: To respond to inquiries, prepare quotes, execute service agreements, and deliver projects
- Communication: To send project updates, invoices, support replies, and important notices
- Marketing (with consent only): Newsletters, promotional offers, and service announcements; you can unsubscribe anytime via the link in every email
- Analytics & Improvement: To understand how users interact with our website and improve our services
- Legal Compliance: To comply with tax, accounting, and regulatory obligations under Indian law
- Fraud Prevention: To detect and prevent abuse, fraud, or unauthorized access
We will never sell your personal data to third parties for advertising purposes.
03 Cookies & Tracking Technologies
We use cookies and similar tracking technologies to improve your experience:
- Essential Cookies: Required for site functionality (login sessions, security). Cannot be disabled.
- Analytics Cookies: Google Analytics, which helps us understand how visitors use our site. Anonymized.
- Marketing Cookies: Meta Pixel, Google Ads conversion tracking. Only set if you consent.
- Functionality Cookies: Remember your preferences (language, dark mode if applicable).
You can control cookies via your browser settings or through our cookie banner. Read our full Cookie Policy for details.
04 Sharing With Third Parties
We share your data only with trusted service providers necessary for service delivery, under strict confidentiality agreements:
- Cloud Infrastructure: AWS Mumbai, Google Cloud India (data hosted in India)
- Email Service: Google Workspace, SendGrid
- Payment Processors: Razorpay, Cashfree (RBI-compliant)
- Analytics: Google Analytics 4 (anonymized)
- CRM & Project Management: Internal tools and HubSpot
- Legal/Statutory: When required by Indian law, court order, or government authority
We require all third-party processors to comply with the DPDP Act 2023 and implement adequate technical and organizational safeguards.
05 Your Rights Under DPDP Act 2023
As a Data Principal under Indian law, you have the following rights, which you can exercise by emailing us at info@webthropic.com:
- Right to Information: Know what personal data we hold about you and how it is processed
- Right to Correction: Request correction of inaccurate or incomplete data
- Right to Erasure: Request deletion of your data when no longer needed (subject to legal retention requirements)
- Right to Withdraw Consent: Withdraw consent previously given for processing
- Right to Grievance Redressal: File a complaint with our Grievance Officer (details at the bottom of this page)
- Right to Nominate: Nominate another individual to exercise rights in case of your death or incapacity
06 Data Retention
We retain personal data only as long as necessary:
- Inquiry submissions: 2 years from last contact
- Active client data: Duration of engagement + 3 years post-completion
- Financial records: 8 years (as required under Income Tax Act & GST Act)
- Marketing data: Until you unsubscribe + 30 days
- Analytics data: 26 months (Google Analytics default)
After retention periods expire, data is securely deleted or anonymized.
07 Data Security
We implement industry-standard security measures to protect your data:
- Encryption: TLS 1.3 for data in transit, AES-256 for sensitive data at rest
- Access Controls: Role-based access, multi-factor authentication for all internal systems
- Regular Audits: Quarterly security reviews and annual penetration testing
- Incident Response: 72-hour breach notification policy (to you and Indian CERT-In)
- Employee Training: Annual data protection and security awareness training
However, no system is 100% secure. While we take reasonable steps, we cannot guarantee absolute security. If you suspect a security incident, please notify us immediately at info@webthropic.com.
08 Children's Privacy
Our services are intended for businesses and individuals 18 years and older. We do not knowingly collect personal data from children under 18 without verifiable parental consent, as required under the DPDP Act 2023.
If you believe we have collected information from a minor without proper consent, please contact us immediately and we will promptly delete it.
09 Cross-Border Data Transfer
Primary data storage is in India (AWS Mumbai, Google Cloud Mumbai). Some processing may involve transfer to countries notified by the Indian Central Government as approved jurisdictions under Section 16 of the DPDP Act 2023.
For international clients (US, UK, Singapore, etc.), data may be processed in the client's jurisdiction with appropriate safeguards in place, including Standard Contractual Clauses where applicable.
10 Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or for other operational reasons.
- Minor updates: We will update the "Last updated" date at the top of this page
- Material changes: We will notify you via email (if you are a registered user) and display a banner on our homepage for at least 14 days before changes take effect
Your continued use of our services after such updates constitutes acceptance of the revised policy.
Have Questions? Contact Our Grievance Officer
As required under IT Rules 2021, we provide a dedicated grievance redressal mechanism. We respond to all queries within 15 working days.