Privacy Policy

1. Introduction

CHINTAMANIKRUPA SOLUTIONS PRIVATE LIMITED, operating under the brand name Pentasynth ("we," "us," "our," or "Company"), is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.

This policy is published in compliance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("SPDI Rules"), and other applicable laws of India.

By accessing our website or using our services, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information when you interact with us:

• Identity Information: Name, job title, company name
• Contact Information: Email address, phone number, mailing address
• Account Information: Username, password (encrypted), and account preferences
• Billing Information: Payment details, billing address, GST/tax identification numbers
• Communication Data: Emails, messages, and feedback you send to us

2.2 Sensitive Personal Data or Information (SPDI)

As defined under the SPDI Rules, we may collect the following sensitive information only with your explicit consent and when necessary for providing our services:

• Financial information such as bank account details and payment card information
• Passwords and authentication credentials (stored in encrypted form)

2.3 Automatically Collected Information

When you visit our website, we automatically collect certain information, including:

• Device Information: Browser type, operating system, device type
• Usage Data: Pages visited, time spent on pages, click patterns
• Log Data: IP address, access times, referring website addresses
• Location Data: General geographic location based on IP address

3. Purpose of Data Collection

We collect and use your information for the following purposes:

• Service Delivery: To provide, maintain, and improve our software, SaaS, and IT services
• Communication: To respond to inquiries, send service updates, and provide customer support
• Billing and Payments: To process transactions and send invoices
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Security: To protect against fraud, unauthorized access, and security threats
• Analytics: To understand how our services are used and improve user experience
• Marketing: To send promotional communications (only with your consent)

4. Cookies and Analytics

4.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our website. They help us provide a better user experience and understand how our website is used.

4.2 Types of Cookies We Use

• Essential Cookies: Required for basic website functionality
• Analytics Cookies: Help us understand how visitors interact with our website
• Preference Cookies: Remember your settings and preferences
• Marketing Cookies: Used to deliver relevant advertisements (if applicable)

4.3 Third-Party Analytics

We may use third-party analytics services (such as Google Analytics) to collect and analyze usage information. These services may use cookies and similar technologies to collect information about your use of our website.

4.4 Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to refuse or delete cookies. However, disabling cookies may affect the functionality of our website.

5. Data Storage and Security

5.1 Data Storage

Your personal data may be stored on servers located in India or with reputable cloud service providers. We ensure that any international data transfers comply with applicable data protection laws.

5.2 Security Measures

We implement reasonable security practices and procedures as required under the SPDI Rules, including:

• Encryption of sensitive data in transit (SSL/TLS) and at rest
• Secure access controls and authentication mechanisms
• Regular security assessments and vulnerability testing
• Employee training on data protection and security
• Incident response procedures for data breaches

5.3 Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Once the data is no longer needed, we securely delete or anonymize it.

6. Disclosure of Information

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

• Service Providers: With trusted third-party vendors who assist us in operating our business (e.g., payment processors, hosting providers)
• Legal Requirements: When required by law, court order, or government authority
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Protection of Rights: To protect our rights, privacy, safety, or property
• With Your Consent: When you have explicitly consented to the disclosure

7. Your Rights

Under applicable Indian laws, you have the following rights regarding your personal data:

• Right to Access: Request a copy of the personal information we hold about you
• Right to Correction: Request correction of inaccurate or incomplete information
• Right to Withdraw Consent: Withdraw consent for processing at any time (where processing is based on consent)
• Right to Deletion: Request deletion of your personal information (subject to legal requirements)
• Right to Data Portability: Receive your data in a structured, commonly used format

To exercise any of these rights, please contact us at contact@pentasynth.com. We will respond to your request within a reasonable timeframe.

8. Third-Party Links

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of any third-party websites you visit.

9. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

10. Grievance Officer

In accordance with the Information Technology Act, 2000 and the SPDI Rules, we have appointed a Grievance Officer to address any concerns or complaints regarding the processing of your personal information:

The Grievance Officer shall acknowledge your complaint within 48 hours and resolve it within 30 days from the date of receipt.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this policy periodically. Continued use of our services after changes constitutes acceptance of the updated policy.