Legal

Privacy Policy

Effective date: 1 January 2025

This policy explains what personal data we collect, why we collect it, and how we protect it. We are committed to being transparent about our data practices.

Table of Contents

1. Information We Collect
2. How We Use Your Information
3. Legal Basis for Processing
4. Data Storage and Security
5. Cookies
6. Third-Party Service Providers
7. Data Retention
8. Your Rights
9. Children's Privacy
10. Changes to This Policy
11. Contact Our Data Protection Officer

1. Information We Collect

We collect information that you provide directly to us when you register an account, place an order, or contact us for support. This includes:

• Personal Identification: Full name, email address, phone number, billing address.

• Account Credentials: Username and hashed password (we never store plain-text passwords).

• Payment Information: We do not store card details. Payments are processed by Cashfree (PCI-DSS Level 1 compliant). We store only transaction reference IDs.

• Technical Data: IP address, browser type, device information, and access logs collected automatically when you use our services.

• Communications: Emails, support tickets, and chat messages you send us.

2. How We Use Your Information

We use the information we collect to:

• Provision, operate, and maintain your hosting, VPS, and domain services.

• Process payments and issue invoices.

• Send transactional emails: account creation, invoice receipts, service expiry reminders, and support ticket updates.

• Respond to your inquiries and provide customer support.

• Monitor server performance and detect/prevent abuse or fraud.

• Comply with applicable Indian laws and regulations.

• Improve our services based on aggregated, anonymised usage analysis.

We do not sell, rent, or share your personal information with third parties for marketing purposes.

3. Legal Basis for Processing

Under the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023 (DPDP Act), we process your data on the following lawful bases:

• Contractual Necessity: Processing required to deliver the services you have subscribed to.

• Legal Obligation: Compliance with GST, income tax, and other applicable Indian laws.

• Legitimate Interests: Preventing fraud, ensuring platform security, and improving service quality.

• Consent: For marketing communications (you may withdraw consent at any time).

4. Data Storage and Security

Your data is stored on servers located within India. We implement industry-standard security measures including:

• AES-256 encryption for data at rest.

• TLS 1.2+ encryption for all data in transit.

• Regular security audits and vulnerability assessments.

• Role-based access controls — only authorised staff can access customer data.

• Firewall protection and DDoS mitigation at the network level.

Despite these measures, no security system is impenetrable. In the event of a data breach affecting your personal information, we will notify you within 72 hours as required by applicable law.

5. Cookies

We use essential cookies to operate our website and portal (session management, CSRF protection). We also use analytics cookies to understand how users interact with our website. No third-party advertising cookies are used.

You can control cookies through your browser settings. Disabling essential cookies may impact the functionality of the customer portal.

6. Third-Party Service Providers

We share data with trusted third parties solely to operate our services:

• Cashfree — Payment processing (PCI-DSS Level 1 compliant).

• Mailpit / SMTP Provider — Transactional email delivery.

• Cloudflare — DNS and CDN services.

• HestiaCP — Hosting control panel (self-hosted on our servers).

All third-party providers are contractually obligated to protect your data and use it only for the purposes we specify.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. After account closure:

• Billing records are retained for 7 years as required by Indian GST regulations.

• Support tickets are retained for 2 years.

• Server logs are retained for 90 days.

• All other personal data is deleted within 30 days of account closure unless legally required to retain it.

8. Your Rights

Under the DPDP Act 2023 and other applicable laws, you have the right to:

• Access: Request a copy of the personal data we hold about you.

• Correction: Request correction of inaccurate or incomplete data.

• Deletion: Request deletion of your personal data (subject to legal retention requirements).

• Withdraw Consent: Opt out of marketing communications at any time via the unsubscribe link in emails.

• Grievance Redressal: Lodge a complaint with our data protection contact.

To exercise any of these rights, email us at [email protected].

9. Children's Privacy

Our services are not directed at individuals under 18 years of age. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected data from a minor, please contact us immediately and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. For material changes, we will notify registered customers via email at least 14 days before the changes take effect. Continued use of our services after the effective date constitutes acceptance of the updated policy.

11. Contact Our Data Protection Officer

For privacy-related questions, data access requests, or complaints, contact:

Tricknowtech Web Solution

Email: [email protected]

Address: Tricknowtech, Pratik Greens, Near C. Lodha Memorial School, Nilje, Thane, Maharashtra 421204

We will respond to all privacy requests within 30 days.

Questions about this policy? [email protected]