Privacy Policy

Effective Date: 01-Feb-2026

Last Updated: 31-Jan-2026

1. Introduction & Data Fiduciary Details.

Idyaite Technology Solutions Private Limited, a company incorporated under the Companies Act, 2013, having its registered office at 324, Royal Lakefront Residency, J.P. Nagar, Bangalore South, Karnataka – 560078, India (hereinafter referred to as “Idyaite”, “Company”, “We”, “Us” or “Our”), acts as a Data Fiduciary within the meaning of the Digital Personal Data Protection Act, 2023 (“DPDP Act”).

This Privacy Policy explains how We collect, use, disclose, store, protect, and otherwise process personal data of individuals (“Data Principals”) who access or use Our website www.idyaite.ai and any mobile application(s) made available by Us on the Google Play Store or Apple App Store (collectively, the “Platform”).

This Privacy Policy forms an integral and binding part of the Terms of Use and shall be read together with them.

2. Applicability & Territorial Scope.

This Privacy Policy applies exclusively to the collection, use, processing, storage, disclosure, transfer, and protection of personal data of individuals who are located within the territory of the Republic of India at the time such personal data is collected or otherwise processed by the Company. The Company’s Platform and Services are intended solely for use within India, and all personal data processing activities undertaken in connection with the Platform are governed by and construed in accordance with the laws in force in India.

While the Platform may be technically accessible from locations outside India, such access does not alter or expand the territorial applicability of this Privacy Policy. Any personal data collected or processed in connection with access to the Platform shall, irrespective of the location from which the Platform is accessed, be subject exclusively to Indian law, including without limitation the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, and the rules and regulations issued thereunder. The Company makes no representation that the Platform or its data processing practices comply with the data protection or privacy laws of any jurisdiction outside India, and any access from outside India shall be at the user’s sole risk and responsibility.

3. Definitions (DPDP-Aligned).

Unless the context otherwise requires, capitalised terms used but not otherwise defined in this Privacy Policy shall have the meanings assigned to them in the Terms of Use. In addition, for the purposes of this Privacy Policy, the following terms shall have the meanings set forth below:

a. “Personal Data” means any data about an individual who is identifiable by or in relation to such data, whether directly or indirectly, and includes any information that, alone or in combination with other information available with the Company, is capable of identifying such individual, as defined under the Digital Personal Data Protection Act, 2023, and any rules or regulations issued thereunder.

b. “Processing” means any operation or set of operations performed on Personal Data, whether or not by automated means, including without limitation collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, alignment, combination, restriction, erasure, or destruction of Personal Data, in accordance with the meaning assigned under the Digital Personal Data Protection Act, 2023.

c. “Consent” means the freely given, specific, informed, unconditional, and unambiguous indication of the Data Principal’s agreement to the processing of Personal Data for a specified purpose, expressed through a clear affirmative action or such other mechanism as may be recognised under the Digital Personal Data Protection Act, 2023, and any rules or guidelines issued thereunder.

d. “Data Processor” means any person, entity, or body that processes Personal Data on behalf of the Company as a Data Fiduciary, pursuant to a valid contractual or other lawful arrangement, and does not include any person who processes Personal Data for its own purposes.

4. Categories Of Personal Data Collected.

a. Information You Provide Directly.

In the course of Your access to and use of the Platform, We may collect and process certain categories of Personal Data that You voluntarily and knowingly provide to Us. Such Personal Data may include, without limitation, Your full name, professional designation or title, the name of the company, organisation, or entity with which You are associated, and other professional identifiers that You choose to disclose. We may also collect Your contact details, including Your email address and telephone number, for the purpose of communicating with You, responding to Your requests, and providing information relating to the Platform and the Services.

Additionally, where You elect to share professional or business-related profile information, We may collect details such as links to Your professional profiles or publicly available professional identifiers, including but not limited to LinkedIn profile URLs or similar professional networking references. We may further collect and process the content of any communications initiated by You, including enquiries, messages, comments, feedback, suggestions, and other correspondence submitted through the Platform, via electronic mail, or through any other communication channels made available by Us. All such Personal Data is collected and processed strictly in accordance with this Privacy Policy and applicable law.

b. Information Collected Automatically.

In addition to the Personal Data that You voluntarily provide, We may automatically collect and process certain technical and usage-related information when You access, browse, or otherwise interact with the Platform. Such information may include, without limitation, Your Internet Protocol (IP) address, browser type and version, language preferences, device identifiers, and other unique identifiers associated with the device used to access the Platform. This information is collected to enable proper functioning of the Platform, ensure network and information security, diagnose technical issues, and improve overall performance and user experience.

We may further collect log data and usage data generated by Your interaction with the Platform, including details of access times, dates and duration of visits, pages or features accessed, interactions with content, referring and exit URLs, and timestamps associated with such activities. Additionally, We may collect information relating to the device and operating system used by You, such as device model, operating system name and version, hardware settings, and similar technical characteristics. Such automatically collected information is processed in accordance with this Privacy Policy and applicable law, and is used primarily for analytics, security, troubleshooting, and optimisation of the Platform and the Services.

c. Cookies & Similar Technologies.

We use cookies and similar tracking technologies, including web beacons, pixel tags, local storage objects, device identifiers, and comparable technologies (collectively, “Cookies”), to facilitate the operation, security, and functionality of the Platform and to enhance Your overall user experience. Cookies are small data files that are placed on Your device when You access or use the Platform and enable Us to recognise Your device, remember certain information about Your preferences, and understand how the Platform is accessed and used.

The Cookies used on the Platform may include essential cookies, which are strictly necessary for the operation of the Platform and enable core functionalities such as page navigation, security, and access to secure areas; analytics and performance cookies, which allow Us to collect information about how Users interact with the Platform, including usage patterns and performance metrics, in order to analyse, evaluate, and improve the Platform and the Services; and functional and preference cookies, which enable the Platform to remember choices You make, such as language preferences or other settings, in order to provide a more personalised and efficient user experience.

Where required under applicable law, We shall obtain Your consent prior to deploying non-essential Cookies, and You may manage or withdraw Your cookie preferences at any time through Your browser or device settings. Please note that disabling or deleting certain Cookies may impact the availability or functionality of certain features of the Platform. Further details regarding the types of Cookies used, their purposes, and the manner in which You may manage Your preferences are set out in Section 10 (Cookies & Tracking Technologies) of this Privacy Policy.

5. Purposes Of Processing (DPDP Compliant).

The Company processes Personal Data strictly for clear, specific, lawful, and legitimate purposes, and only to the extent necessary for such purposes, in accordance with Section 5 of the Digital Personal Data Protection Act, 2023. Personal Data shall not be processed in a manner that is incompatible with the purposes set out herein, unless otherwise permitted or required under applicable law.

In particular, the Company may process Personal Data for the following purposes: (i) to provide, operate, administer, manage, and maintain the Platform and the Services, including enabling access to features, functionalities, and content, ensuring continuity of service, and facilitating user interactions; (ii) to communicate with You, including responding to Your enquiries, requests, feedback, or communications, and providing customer support or assistance as requested by You; (iii) to monitor, analyse, improve, and optimise the functionality, performance, security, and reliability of the Platform and the Services, including identifying and resolving technical issues and enhancing user experience; and (iv) to conduct analytics, statistical analysis, and internal research for business planning, service improvement, and development of new features or offerings.

The Company may also process Personal Data, where permitted by applicable law or based on valid consent, (v) to send service-related notifications, updates, informational messages, marketing communications, invitations to events, seminars, or similar initiatives, and other promotional communications, subject to Your preferences and applicable opt-out or consent requirements; (vi) to detect, prevent, investigate, and respond to fraud, unauthorised access, misuse of the Platform, security incidents, or other unlawful or harmful activities, and to protect the integrity, security, and lawful use of the Platform, the Services, and the Company’s systems; and (vii) to comply with applicable legal obligations, regulatory requirements, lawful requests from governmental or judicial authorities, and to establish, exercise, or defend the Company’s legal rights, claims, or interests.

Where processing of Personal Data is based on Consent, You retain the right to withdraw such Consent at any time in accordance with this Privacy Policy, without affecting the lawfulness of processing carried out prior to such withdrawal, subject to applicable law.

6. Lawful Basis of Processing.

The Company processes Personal Data strictly in accordance with the lawful bases recognised under the Digital Personal Data Protection Act, 2023, and only to the extent necessary for the specific purposes described in this Privacy Policy. Depending on the nature of the interaction and the purpose of processing, Personal Data may be processed on one or more of the following lawful grounds.

a. Personal Data may be processed on the basis of the Consent of the Data Principal, where such Consent has been obtained in a manner that is free, specific, informed, unconditional, and unambiguous, through a clear affirmative action, and for clearly defined purposes. Where processing is based on Consent, the Data Principal shall have the right to withdraw such Consent at any time in accordance with the procedure set out in this Privacy Policy, without affecting the lawfulness of processing carried out prior to such withdrawal, subject to applicable law.

b. Personal Data may be processed where such processing is necessary for the performance of obligations to which the Data Principal is a party, or for taking steps at the request of the Data Principal prior to responding to such requests, including for the purpose of providing access to the Platform, responding to enquiries, furnishing information requested by the Data Principal, or otherwise facilitating interactions initiated by the Data Principal.

c. The Company may process Personal Data where such processing is necessary for compliance with applicable legal obligations, including obligations imposed under any law, regulation, court order, or direction issued by a competent governmental or judicial authority, or for the establishment, exercise, or defence of legal rights.

d. Personal Data may be processed for legitimate uses as recognised under the Digital Personal Data Protection Act, 2023, including, without limitation, purposes such as ensuring network and information security, preventing fraud, detecting and investigating misuse or unauthorised access to the Platform, conducting internal analytics and performance monitoring, maintaining audit trails, and carrying out internal business operations, provided that such processing is carried out in a manner that does not override the rights of the Data Principal under applicable law.

7. Disclosure & Data Sharing.

The Company may disclose or share Personal Data only to the extent necessary to fulfil the lawful purposes described in this Privacy Policy and strictly in accordance with applicable law. Such disclosure shall be limited to the minimum Personal Data required and shall be undertaken subject to appropriate safeguards.

Personal Data may be disclosed to the Company’s employees, officers, and authorised personnel who have a legitimate need to access such data for the purpose of performing their duties in connection with the operation, administration, maintenance, and improvement of the Platform and the Services, and who are bound by confidentiality and data protection obligations. The Company may also disclose Personal Data to third-party data processors, vendors, and service providers, including providers of hosting infrastructure, cloud services, analytics, communication tools, customer support, and information technology services, solely for the purpose of enabling such parties to perform services on behalf of the Company.

In addition, the Company may disclose Personal Data to professional advisors, auditors, consultants, or regulatory and governmental authorities where such disclosure is required to comply with applicable law, regulation, court order, or lawful request, or where necessary to establish, exercise, or defend the Company’s legal rights. Further, in the event of any merger, acquisition, reorganisation, restructuring, sale of assets, or other business transfer involving the Company, Personal Data may be disclosed or transferred to the relevant successor entity or acquirer, subject to applicable law and appropriate safeguards, and solely for the purposes of evaluating or completing such transaction.

All third-party data processors engaged by the Company are contractually bound by written agreements to implement appropriate technical and organisational measures to protect Personal Data, to process such data only in accordance with the Company’s documented instructions, and to comply with applicable data protection laws. The Company remains responsible, as a Data Fiduciary, for ensuring that such processing is carried out in a lawful and secure manner.

8. Cross-Border Transfers.

Where it becomes necessary for the Company to transfer or permit access to Personal Data outside the territory of the Republic of India, including transfers to cloud service providers, technology vendors, affiliates, or other Data Processors located outside India, such cross-border transfers shall be undertaken strictly in accordance with Section 16 of the Digital Personal Data Protection Act, 2023, and any rules, notifications, directions, or restrictions issued by the Government of India or the Data Protection Board of India from time to time.

The Company shall ensure that any cross-border transfer of Personal Data is carried out only for lawful purposes and subject to the implementation of appropriate technical and organisational safeguards designed to protect Personal Data against unauthorised access, disclosure, alteration, loss, or misuse. Such safeguards may include, without limitation, contractual obligations requiring recipients to adhere to data protection standards consistent with applicable Indian law, access controls, encryption, confidentiality commitments, and security audits, as may be appropriate to the nature of the Personal Data and the risks involved.

The Company shall not transfer Personal Data to any country, territory, or recipient that has been expressly restricted or prohibited by the Government of India under applicable law. Notwithstanding any such transfers, the Company shall remain responsible, as a Data Fiduciary, for ensuring that the processing of Personal Data continues to comply with the requirements of the Digital Personal Data Protection Act, 2023 and this Privacy Policy.

9. Data Principal Rights. 

Subject to and in accordance with the provisions of the Digital Personal Data Protection Act, 2023, You, as a Data Principal, are entitled to exercise certain rights in relation to the Personal Data processed by the Company. These rights include the right to request access to and obtain a summary of the Personal Data that is being processed by or on behalf of the Company, together with information regarding the purposes of such processing and the categories of Personal Data involved.

You further have the right to request the correction, completion, or updating of any Personal Data that is inaccurate, incomplete, or out of date, and the Company shall take reasonable steps to ensure that such Personal Data is corrected or updated in accordance with applicable law. Where the processing of Personal Data is based on Your Consent, You have the right to withdraw such Consent at any time, without affecting the lawfulness of any processing carried out prior to such withdrawal, subject to the requirements and limitations prescribed under applicable law.

In addition, You may request the erasure or deletion of Your Personal Data where such data is no longer necessary for the purposes for which it was collected or processed, or where erasure is otherwise required under applicable law, subject to any legal, regulatory, or contractual obligations that may require the Company to retain such data. You also have the right to seek grievance redressal in respect of any act or omission relating to the processing of Your Personal Data, including any perceived non-compliance with this Privacy Policy or applicable data protection laws.

Further, in accordance with the Digital Personal Data Protection Act, 2023, You have the right to nominate another individual to exercise Your rights as a Data Principal in the event of Your death or incapacity, in such manner as may be prescribed under applicable law. Requests to exercise any of the foregoing rights may be submitted using the contact details provided in Section 13 (Contact Details) of this Privacy Policy, and the Company shall respond to such requests within the timelines prescribed under applicable law.

10. Cookies & Tracking Technologies.

The Company uses cookies and similar tracking technologies, including web beacons, pixel tags, local storage objects, and comparable technologies (collectively, “Cookies”), to support the secure and effective operation of the Platform and to enhance the overall user experience. Such Cookies may be deployed for essential operational purposes, including enabling core website functionalities, ensuring system security, facilitating navigation, and maintaining session continuity; for analytics and performance measurement, including collecting aggregated and statistical information regarding usage patterns, traffic trends, and interaction metrics in order to evaluate and improve the performance, reliability, and functionality of the Platform; and for personalisation and preference management, including remembering user settings, language preferences, and other choices made during prior interactions with the Platform to provide a more customised experience.

You may control or manage the use of Cookies through Your browser or device settings, including the ability to accept, reject, or delete Cookies, subject to the capabilities of Your browser or device. Please note that disabling or restricting certain Cookies, particularly essential Cookies, may impair the availability, functionality, or performance of the Platform or certain features thereof, and may result in a less optimal user experience. Further details regarding the types of Cookies used and the manner in which You may manage Your preferences are provided elsewhere in this Privacy Policy.

11. Data Retention.

The Company shall retain Personal Data only for such period as is reasonably necessary to fulfil the specific purposes for which such Personal Data was collected and processed, as set out in this Privacy Policy, and in accordance with the principles of purpose limitation and data minimisation prescribed under the Digital Personal Data Protection Act, 2023. Personal Data shall also be retained for such longer periods as may be required to comply with applicable laws, regulations, court orders, or governmental directions, or where retention is necessary for the establishment, exercise, or defence of the Company’s legal rights.

Unless a longer retention period is expressly mandated or permitted by applicable law, the Company shall not retain Personal Data beyond a period of three (3) years from the date of the Data Principal’s last interaction with the Platform or the completion of the purpose for which such Personal Data was collected, whichever occurs later. Upon expiry of the applicable retention period, or upon determination that Personal Data is no longer necessary for the purposes described herein, the Company shall take reasonable steps to securely delete, anonymise, or irreversibly de-identify such Personal Data, in accordance with applicable law and its internal data retention and destruction policies, subject to any technical or legal limitations.

12. Data Security & Breach Response.

The Company implements and maintains reasonable and appropriate technical, organisational, and administrative measures to safeguard Personal Data against unauthorised access, accidental or unlawful destruction, loss, alteration, disclosure, or misuse, having regard to the nature of the Personal Data, the purposes of processing, and the risks involved. Such measures may include, without limitation, access controls, role-based authorisations, encryption, secure storage, network security controls, monitoring and logging mechanisms, regular security assessments, and internal policies and procedures designed to ensure confidentiality, integrity, and availability of Personal Data. While the Company endeavours to protect Personal Data using commercially reasonable safeguards, You acknowledge that no method of transmission over the internet or method of electronic storage is completely secure, and absolute security cannot be guaranteed.

In the event of a personal data breach, including any unauthorised or accidental disclosure, acquisition, access, alteration, loss, or destruction of Personal Data that is likely to cause harm to Data Principals, the Company shall take reasonable steps to promptly assess, contain, and remediate the breach. Where required under the Digital Personal Data Protection Act, 2023, the Company shall notify the Data Protection Board of India and the affected Data Principals in such manner and within such timeframes as may be prescribed under applicable law, and shall take appropriate remedial actions to mitigate any potential harm arising from such breach.

13. Children’s Data.

The Platform and the Services are not directed to, intended for, or designed to be accessed or used by individuals below the age of eighteen (18) years. The Company does not knowingly solicit, collect, process, or store Personal Data relating to children or minors. By accessing or using the Platform, You represent and warrant that You are at least eighteen (18) years of age and are legally competent to provide Personal Data in accordance with this Privacy Policy and applicable law.

In the event that the Company becomes aware that Personal Data relating to a child has been inadvertently collected or processed without appropriate legal authority or consent, the Company shall take reasonable and prompt steps to delete or irreversibly anonymise such Personal Data, unless retention is required by applicable law for the protection of the child or for compliance with a legal obligation. If You are a parent or legal guardian and believe that a child has provided Personal Data to the Company through the Platform, You are encouraged to contact the Company using the details provided in this Privacy Policy so that appropriate corrective action may be taken.

14. Grievance Redressal.

Grievance Officer: Rajasimha Karanam, Chief Executive Officer

Email: grievance@idyaite.ai

Address: 324, Royal Lakefront Residency, J.P. Nagar, Bangalore South, Karnataka – 560078

Grievances shall be resolved within timelines prescribed under applicable law.

15. Updates To This Policy.

We may update this Privacy Policy from time to time. Material changes will be notified via the Platform or other appropriate means.

16. CONTACT DETAILS

For privacy-related queries or to exercise rights:

Email: privacy@idyaite.ai

Office Address: 324, Royal Lakefront Residency, J.P. Nagar, Bangalore South, Karnataka – 560078

We are Idyaite.ai,  an emerging AI-native digital engineering firm that emphasizes a problem-focused approach rather than a product-centric mindset. We prioritize understanding our clients’ unique challenges and work collaboratively through ideation and consultative processes to develop tailored solutions. Instead of presenting predefined products, we strive to deliver AI-driven solutions that genuinely impact key KPIs, ensuring measurable business outcomes. Our integrated services spanning digital engineering, workforce solutions, and consulting, are built around this philosophy of impactful, customer-centric innovation.

Linkedin