Privacy Policy
Effective Date: Jan 2nd, 2022
Last Updated: March 1st, 2025
Sanstark Technologies (“Company,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy outlines how we collect, use, store, disclose, and safeguard your information when you visit our website, www.sanstark.ai, or engage with our services. This policy complies with the General Data Protection Regulation (GDPR) of the European Union and the Digital Personal Data Protection (DPDP) Act, 2023 of India.
1. Scope of This Policy
This Privacy Policy applies to:
- Visitors and users of our website
- Individuals who contact us via forms, email, or social media
- Clients, partners, and subscribers to our services
2. Personal Data We Collect
We may collect the following categories of personal data:
a) Data You Provide
- Full name, email address, phone number
- Job title, company name, business sector
- Inquiry messages, form responses, feedback
b) Data Collected Automatically
- IP address, device ID, browser type, OS
- Pages viewed, referral sources, time spent
- Cookies and similar tracking technologies
c) Sensitive Personal Data
We do not collect sensitive personal data (e.g., financial, biometric, or health data) unless explicitly required with consent and only for lawful purposes.
3. Purpose of Data Processing
We process your data to:
- Respond to inquiries and service requests
- Provide and improve our cybersecurity services
- Conduct research, analytics, and website optimization
- Send updates, newsletters, and service-related notices
- Fulfill legal or regulatory obligations
4. Legal Basis for Processing (GDPR & DPDP)
We process your personal data under the following legal grounds:
| Basis | Description |
| Consent | Where you voluntarily provide information or subscribe to updates |
| Contractual necessity |
To provide services requested by you or your organization |
| Legal obligation | Where processing is required by law (e.g., tax or regulatory authorities) |
| Legitimate interests | For business efficiency, fraud prevention, and security monitoring |
Under DPDP, you have the right to access, correct, delete, withdraw consent, and nominate a data fiduciary.
5. Cookies & Tracking Technologies
We use cookies to:
- Enhance user experience
- Monitor traffic and website performance
- Retarget ads (if applicable)
You may opt out of non-essential cookies via your browser or banner preferences. For full details, see our [Cookie Policy].
6. Data Sharing & Disclosures
We do not sell or trade your personal data. However, we may share data with:
- Cloud service providers, CRM, and analytics platforms
- Legal or regulatory authorities as required
- Partners or subcontractors under confidentiality agreements
- In the event of a merger, acquisition, or restructuring
We ensure all vendors adhere to strict confidentiality and data protection standards.
7. Cross-Border Data Transfers
Your data may be transferred to and processed outside your country, including in the European Union, India, or other jurisdictions. We implement safeguards such as:
- Standard Contractual Clauses (SCCs) for EU transfers
- Government-notified safeguards under India’s DPDP Act
- Data Minimization and Purpose Limitation
8. Data Retention
We retain your data only as long as necessary to:
- Fulfill the purposes outlined in this policy
- Meet contractual, legal, or regulatory obligations
- Support auditing, dispute resolution, or fraud prevention
Once no longer needed, data is securely deleted or anonymized.
9. Data Security Measures
We implement organizational and technical security practices:
- SSL encryption for data in transit
- Firewalls, DDoS protection, and secure servers
- Role-based access control (RBAC)
- Employee confidentiality agreements and training
Despite our efforts, no system is 100% secure. We encourage you to protect your login credentials and report any suspected misuse.
10. Your Rights (EU & India)
You have the right to:
| Right | Description |
| Access | Request a copy of your personal data |
| Rectification | Correct inaccurate or outdated information |
| Erasure | Request deletion of your data (“Right to be Forgotten”) |
| Consent Withdrawal | Revoke any previously given consent |
| Data Portability | Request data in a structured, machine-readable format (GDPR) |
| Nominate Data Fiduciary |
Appoint a nominee under DPDP in case of incapacitation |
| File Complaints | With the Data Protection Board of India or your EU supervisory authority |
To exercise any of the above rights, contact us at [email protected]
11. Children’s Privacy
Our services are not directed to individuals under 16 years of age. If you believe a child has submitted personal data to us, please contact us to remove it.
12. Third-Party Links
Our website may link to other platforms. We are not responsible for their privacy practices. Please review third-party privacy policies before interacting with their content or services.
13. Policy Updates
We may update this Privacy Policy to reflect changes in laws, technologies, or our services. Updates will be posted here with a new “Last Updated” date. Significant changes may be communicated via email or on the Website.
14. Contact Information
Data Protection Officer (DPO)
Sanstark Technologies
Email: [email protected]
Website: https://www.sanstark.ai
If you’re located in the EU, you may also contact our EU Representative (if applicable) or your local supervisory authority.