Privacy Policy

Infoneeti Technologies Private Limited ("Infoneeti", "we", "our", "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you: • Visit our website at www.infoneeti.com and its subdomains • Use any of our technology services, software products, or platforms • Communicate with us via phone, email, contact forms, or social media • Engage us as a client for IT services or consulting This Privacy Policy is in compliance with India's Digital Personal Data Protection Act, 2023 (DPDPA), applicable provisions of the Information Technology Act, 2000, and internationally recognized privacy standards including GDPR principles. By using our Services, you consent to the collection and use of your personal data as described in this Privacy Policy. If you do not agree with this policy, please discontinue use of our Services. Data Controller: Infoneeti Technologies Private Limited Address: Office No B12, Ground Floor, Bhumi Allium Society, Prassana Colony, Pimple Saudagar, Pimpri-Chinchwad, Pune 411017, Maharashtra, India Contact: privacy@infoneeti.com | +91 9171772727

We collect several types of information to provide and improve our Services: 2.1 Information You Provide Directly • Identity Information: Full name, designation, company name • Contact Information: Email address, phone number, mailing address • Account Information: Username, password (encrypted), profile preferences • Project Information: Project requirements, specifications, and related business data • Financial Information: Payment details (processed securely via PCI-DSS compliant payment gateways — we do not store full card numbers) • Communications: Messages, emails, feedback, and support requests 2.2 Information Collected Automatically When you visit our website, we automatically collect: • Device Information: Browser type, operating system, device type • Usage Data: Pages visited, time spent, click patterns, referral URLs • Technical Data: IP address, cookies, session identifiers • Analytics: Aggregated website performance metrics 2.3 Information from Third Parties • LinkedIn and other professional networks (when you connect via OAuth) • Business data platforms and publicly available business directories • Partner referrals and lead generation platforms 2.4 Special Categories We do not intentionally collect sensitive personal data such as biometric data, health information, or financial account credentials.

We use collected information for the following purposes, each grounded in a lawful basis: 3.1 Service Delivery (Contractual Necessity) • Providing and fulfilling contracted IT services • Project management, communication, and collaboration • Technical support and customer assistance • Sending project-related updates and notifications 3.2 Business Operations (Legitimate Interest) • Billing, invoicing, and financial record-keeping • Internal analytics and service improvement • Research and development of new services • Security incident investigation and fraud prevention 3.3 Marketing Communications (Consent) • Sending newsletters, product updates, and promotional content • Conducting surveys and market research • Personalized recommendations based on service history You may withdraw marketing consent at any time. 3.4 Legal Compliance • Complying with applicable laws and regulatory requirements • Responding to legal requests from government authorities • Resolving disputes and enforcing our agreements 3.5 What We Don't Do • We do not sell your personal data to third parties • We do not use your data for automated decision-making that significantly affects you without transparency • We do not share your data with advertisers for targeted advertising

We share your information only in the following circumstances: 4.1 Service Providers and Sub-processors We work with trusted third-party vendors who process data on our behalf, bound by data processing agreements: • Cloud Infrastructure: Amazon Web Services (AWS), Google Cloud Platform • Communication: SendGrid (transactional email), Twilio (SMS) • Analytics: Google Analytics (with IP anonymization enabled) • CRM: HubSpot (customer relationship management) • Payment Processing: Razorpay, Stripe (PCI-DSS compliant) 4.2 Professional Advisors We may share data with lawyers, accountants, auditors, and insurers under confidentiality obligations. 4.3 Business Transfers If Infoneeti is involved in a merger, acquisition, or asset sale, your data may be transferred as part of that transaction. We will notify you via email or website notice. 4.4 Legal Requirements We may disclose your information if required by law, court order, regulatory authority, or to protect the rights, property, or safety of Infoneeti, our clients, or others. 4.5 Aggregated/Anonymized Data We may share aggregated, non-personally identifiable data for industry research, benchmarking, and marketing purposes.

Our website uses cookies and similar tracking technologies to enhance your experience and gather usage analytics. 5.1 Types of Cookies We Use: • Strictly Necessary Cookies: Required for basic website functionality and security. Cannot be disabled. • Performance Cookies: Collect anonymized data on how visitors use our site (Google Analytics). • Functional Cookies: Remember your preferences and settings for a better experience. • Marketing Cookies: Track visits across websites to display relevant content. Used only with your consent. 5.2 Cookie Consent: On your first visit, you will be presented with a cookie consent banner. You may accept all cookies or customize your preferences. You can change your cookie preferences at any time via the Cookie Settings link in our footer. 5.3 Browser Controls: Most browsers allow you to block or delete cookies through your settings. Note that blocking essential cookies may impact website functionality. 5.4 Third-Party Tracking: We use Google Analytics with IP anonymization. Google's use of data collected by our website is governed by Google's privacy policy.

We implement industry-standard technical, administrative, and physical safeguards to protect your personal information: 6.1 Technical Measures: • Encryption in transit: All data transmitted via HTTPS/TLS 1.3 • Encryption at rest: AES-256 encryption for sensitive stored data • Access controls: Role-based access with multi-factor authentication • Regular penetration testing and security audits • Web Application Firewall (WAF) and DDoS protection • Automated vulnerability scanning 6.2 Organizational Measures: • Employee privacy and security training programs • Strict need-to-know access policies for personal data • Non-disclosure agreements for all staff and contractors • ISO 27001-compliant information security management 6.3 Incident Response: In the event of a data breach that poses significant risk to your rights and freedoms, we will notify affected individuals and relevant authorities within 72 hours of discovery, in accordance with applicable law. Despite these measures, no internet transmission is 100% secure. We encourage you to use strong passwords and protect your account credentials.

Under India's DPDPA and applicable privacy laws, you have the following rights: 7.1 Right to Access: Request a copy of personal data we hold about you. 7.2 Right to Correction: Request correction of inaccurate or incomplete personal data. 7.3 Right to Erasure: Request deletion of your personal data, subject to certain legal limitations (e.g., data we must retain for accounting or legal compliance purposes). 7.4 Right to Grievance Redressal: Lodge a complaint with our Data Protection Officer if you believe your rights have been violated. 7.5 Right to Withdrawal of Consent: Withdraw consent for data processing activities based on consent (such as marketing emails) at any time without affecting processing carried out prior to withdrawal. 7.6 Right to Data Portability: Receive your data in a structured, machine-readable format. 7.7 Nominee: Under the DPDPA, you may designate a nominee to exercise your rights on your behalf in the event of your death or incapacity. To exercise any of these rights, please contact our Data Protection Officer at privacy@infoneeti.com or call +91 9171772727. We will respond within 30 days. We may need to verify your identity before processing requests.

We retain personal data for as long as necessary to fulfill the purposes described in this Policy, or as required by law: • Client/Project Data: Retained for 7 years after project completion (for accounting and legal compliance under Companies Act, 2013) • Website Analytics: Aggregated data retained for 26 months; raw data deleted after 14 months • Marketing Communications: Retained until you unsubscribe or request deletion • Legal Records: As required by applicable law (up to 10 years for certain financial records) • Job Applications: 6 months if unsuccessful; duration of employment if hired When your data is no longer needed, we securely delete or anonymize it using industry-standard procedures. Backup copies are purged within 90 days of routine deletion.

Our Services are intended for adults (18 years and older). We do not knowingly collect personal information from children under 18 years of age. If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us immediately at privacy@infoneeti.com. We will take prompt steps to delete such information from our systems. Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies.

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes: • We will update the "Last Updated" date at the top of this page • For significant changes, we will notify registered users via email • Where required by law, we will seek your fresh consent We encourage you to review this Privacy Policy regularly. Your continued use of our Services after the effective date of any changes constitutes acceptance of the updated Policy. If you have questions, concerns, or complaints about this Privacy Policy or our data practices, please contact: Data Protection Officer Infoneeti Technologies Private Limited Office No B12, Ground Floor, Bhumi Allium Society Prassana Colony, Pimple Saudagar, Pimpri-Chinchwad Pune, Maharashtra 411017, India Email: privacy@infoneeti.com Phone: +91 9171772727