Privacy Policy

1. Introduction and Scope

This Privacy Policy ("Policy") describes how SEVASYNC DIGITAL SOLUTIONS PRIVATE LIMITED ("sevaSYNC", "we", "us", or "our") collects, uses, discloses, and protects personal information when you access or use our services, including the sevaSYNC platform and its survey management product surveySYNC (collectively, the "Services").

This Policy applies to all users of our Services, including:

• Account holders and administrators
• Team members and field surveyors
• Survey respondents
• Website visitors
• Mobile application users

By using our Services, you consent to the data practices described in this Policy. If you do not agree with this Policy, please do not use our Services.

2. Information We Collect

2.1 Information You Provide

We collect information that you provide directly to us, including:

• Account Information: Name, email address, phone number, organization name, job title, and password
• Profile Information: Profile picture, preferences, and settings
• Survey Data: Questions, responses, and all data collected through surveys
• Location Data: GPS coordinates, addresses, and geographical information
• Communication Data: Messages, support tickets, feedback, and correspondence with us
• Payment Information: Billing details, transaction history (payment card details are handled by third-party payment processors)
• Custom Fields: Any additional information you choose to provide

2.2 Information Collected Automatically

When you use our Services, we automatically collect certain information:

• Device Information: Device type, operating system, browser type, unique device identifiers
• Usage Data: Features accessed, pages viewed, time spent, clickstream data, search queries
• Log Data: IP address, access times, error logs, performance data
• Location Information: IP-based location, GPS data (with your permission)
• Cookies and Similar Technologies: Session data, preferences, analytics information

2.3 Information from Third Parties

We may receive information about you from third-party sources, such as authentication providers, payment processors, analytics services, and publicly available sources. This information is used to supplement the information we collect directly.

3. How We Collect Information

We collect information through various methods:

• Direct Interactions: When you create an account, use our Services, fill out forms, or contact us
• Automated Technologies: Through cookies, web beacons, and similar tracking technologies
• Mobile Applications: When you use our mobile apps, including location data and device information
• Survey Responses: Data collected through surveys created and distributed using our platform
• Third-Party Sources: Information from authentication providers, analytics services, and business partners

4. How We Use Your Information

We use the information we collect for the following purposes:

4.1 Service Provision

• Provide, maintain, and improve our Services
• Process surveys and collect responses
• Enable location-based features and GPS tracking
• Facilitate team collaboration and assignment management
• Generate analytics, reports, and dashboards
• Provide customer support and respond to inquiries

4.2 Business Operations

• Process payments and manage subscriptions
• Send transactional communications (confirmations, receipts, updates)
• Detect, prevent, and address fraud, security issues, and technical problems
• Monitor and analyze usage patterns and trends
• Conduct research and development

4.3 Marketing and Communications

• Send marketing communications about new features and updates (with your consent)
• Conduct surveys and gather feedback
• Personalize your experience and provide relevant content

4.4 Legal and Compliance

• Comply with legal obligations and regulatory requirements
• Enforce our Terms and Conditions
• Protect our rights, property, and safety, and that of our users
• Respond to legal requests and prevent harm

5. Legal Bases for Processing (GDPR)

For users in the European Economic Area (EEA) and other jurisdictions with similar data protection laws, we process your personal data based on the following legal grounds:

• Contractual Necessity: Processing necessary to perform our contract with you (providing Services)
• Consent: You have given explicit consent for specific processing activities
• Legitimate Interests: Processing necessary for our legitimate business interests (improving Services, fraud prevention)
• Legal Obligation: Processing required to comply with applicable laws and regulations
• Vital Interests: Processing necessary to protect someone's life or physical safety

6. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

6.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

• Cloud hosting and infrastructure providers
• Payment processors
• Analytics and monitoring services
• Customer support tools
• Email and communication platforms

6.2 Business Transfers

If we are involved in a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

6.3 Legal Requirements

We may disclose your information if required by law or in response to:

• Legal process (subpoenas, court orders)
• Government or regulatory requests
• Protection of rights, property, or safety
• Investigation of fraud or security issues
• Enforcement of our Terms and Conditions

6.4 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

7. Data Security and Protection

Our security measures include:

• Encryption: Data encryption in transit (TLS/SSL) and at rest
• Access Controls: Role-based access control (RBAC) and multi-factor authentication
• Security Monitoring: Continuous monitoring and logging of system activity
• Regular Audits: Periodic security assessments and penetration testing
• Employee Training: Regular security awareness training for all staff
• Secure Infrastructure: Use of reputable cloud providers with strong security certifications
• Incident Response: Established procedures for handling security incidents

Important: While we implement reasonable security measures, no system is completely secure. We cannot guarantee the absolute security of your information.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention Periods:

• Account Data: Retained while your account is active and for a reasonable period after termination
• Survey Data: Retained according to your settings and organizational requirements
• Transaction Records: Retained for at least 7 years for accounting and tax purposes
• Log Data: Typically retained for 12-24 months for security and troubleshooting
• Marketing Data: Retained until you withdraw consent or request deletion

When we no longer need your information, we will securely delete or anonymize it in accordance with our data retention policies and applicable laws.

9. Your Rights and Choices

Depending on your location and applicable laws, you may have the following rights regarding your personal information:

9.1 Access and Portability

You have the right to access your personal information and receive a copy in a structured, commonly used, machine-readable format.

9.2 Correction and Update

You can update or correct inaccurate or incomplete personal information through your account settings or by contacting us.

9.3 Deletion (Right to be Forgotten)

You may request deletion of your personal information, subject to certain exceptions (legal obligations, ongoing disputes, etc.).

9.4 Restriction and Objection

You can request restriction of processing or object to certain processing activities, such as direct marketing.

9.5 Withdraw Consent

Where processing is based on consent, you have the right to withdraw consent at any time.

9.6 Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country.

When we transfer personal data internationally, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by regulatory authorities
• Data processing agreements with service providers
• Compliance with applicable data transfer frameworks
• Ensuring adequate levels of data protection

11. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities and improve your experience.

Types of Cookies We Use:

• Essential Cookies: Required for basic site functionality
• Performance Cookies: Help us understand how visitors use our Services
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Collect aggregated information about site usage

You can control cookies through your browser settings. However, disabling cookies may affect the functionality of our Services.

12. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe we have collected information from your child, please contact us immediately, and we will take steps to delete such information.

13. Third-Party Links and Services

Our Services may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of any third-party services you access.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

• Posting the updated Policy on our website
• Updating the "Last Updated" date
• Sending an email notification to your registered email address (for significant changes)
• Displaying a prominent notice in the Services

Your continued use of the Services after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.

15. Compliance and Certifications

sevaSYNC is committed to compliance with applicable data protection laws and regulations, including:

• Information Technology Act, 2000 and related rules (India)
• General Data Protection Regulation (GDPR) for EEA users
• California Consumer Privacy Act (CCPA) for California residents
• Industry best practices and security standards

We regularly review and update our data protection practices to ensure ongoing compliance with evolving regulations.

16. Contact and Data Protection Officer

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: