Privacy Policy

At UpTech Consulting ("we," "us," or "our"), we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

1. Information We Collect

1.1 Personal Information

We may collect personal information that you voluntarily provide to us when you:

• Fill out contact forms or request consultations
• Subscribe to our newsletters or updates
• Register for events or webinars
• Communicate with us via email, phone, or other channels
• Engage our consulting or staff augmentation services

This information may include:

• Name and contact information (email, phone number, address)
• Company name and job title
• Professional credentials and certifications
• Communication preferences
• Any other information you choose to provide

1.2 Automatically Collected Information

When you visit our website, we may automatically collect certain information about your device and browsing behavior, including:

• IP address and geographic location
• Browser type and version
• Operating system
• Pages visited and time spent on pages
• Referring website addresses
• Click patterns and website navigation

1.3 Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to enhance your experience on our website. You can control cookie preferences through your browser settings.

2. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To provide cybersecurity consulting, VAPT services, compliance advisory, and staff augmentation services
• Communication: To respond to inquiries, send service updates, and provide customer support
• Marketing: To send newsletters, promotional materials, and information about our services (with your consent)
• Website Improvement: To analyze usage patterns and improve our website functionality
• Compliance: To comply with legal obligations and industry standards
• Security: To detect, prevent, and address technical issues and security incidents
• Business Operations: To manage contracts, invoicing, and client relationships

3. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

• Service Providers: With trusted third-party vendors who assist in operating our website and delivering services (e.g., hosting providers, email service providers)
• Legal Requirements: When required by law, regulation, legal process, or governmental request
• Business Transfers: In connection with mergers, acquisitions, or sale of business assets
• Protection of Rights: To protect our rights, property, safety, or that of our clients and the public
• With Your Consent: When you explicitly authorize us to share your information

4. Data Security

As a cybersecurity consulting firm, we take data security seriously. We implement industry-standard security measures to protect your personal information, including:

• Encryption of data in transit and at rest
• Access controls and authentication mechanisms
• Regular security assessments and vulnerability testing
• Employee training on data protection and confidentiality
• Incident response procedures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Retention periods vary depending on:

• The nature of the information collected
• Legal and regulatory requirements (ISO 27001, SOC 2, RBI, CERT-In, DPDP Act)
• Contractual obligations
• Business and operational needs

6. Your Rights and Choices

Depending on your location and applicable laws (including India's Digital Personal Data Protection Act), you may have the following rights:

• Access: Request access to the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal obligations)
• Opt-Out: Unsubscribe from marketing communications
• Data Portability: Request a copy of your data in a structured, machine-readable format
• Withdraw Consent: Withdraw consent for data processing where consent is the legal basis
• Object: Object to certain types of data processing

To exercise these rights, please contact us using the information provided below.

7. International Data Transfers

As we serve clients across India, the Middle East, and global markets, your information may be transferred to and processed in countries outside your jurisdiction. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable data protection laws.

8. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child without parental consent, we will take steps to delete such information.

9. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

10. Compliance with Regulations

UpTech Consulting complies with applicable data protection laws and regulations, including:

• India's Digital Personal Data Protection Act (DPDP Act)
• Information Technology Act, 2000 and IT Rules
• RBI guidelines for financial sector clients
• CERT-In cybersecurity directions
• ISO 27001 information security standards
• SOC 2 compliance requirements

11. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. We will notify you of material changes by:

• Posting the updated policy on our website with a new "Last Updated" date
• Sending email notifications to registered users
• Displaying prominent notices on our website

We encourage you to review this Privacy Policy periodically.