Privacy Policy
1. Introduction
Mindteck (the "Company", "we", "us", or "our") is committed to protecting the privacy and personal data of individuals who visit or interact with www.mindteck.com (the "Website").
This Privacy Policy explains how we collect, use, store, disclose, and protect personal data in accordance with applicable data protection and privacy laws worldwide, including but not limited to:
- The Digital Personal Data Protection Act, 2023 and the Information Technology Act, 2000 (India)
- The General Data Protection Regulation (EU) 2016/679 ("GDPR")
- Applicable United States federal and state privacy laws, including the CCPA/CPRA
- UK Data Protection Act 2018 and other national, regional, and local data protection laws in jurisdictions where Mindteck operates or where personal data is processed
Under applicable law, personal data belongs to the individual (the "Data Principal" or "Data Subject"), and Mindteck acts as a Data Fiduciary, Data Controller, or Business, as applicable.
By using this Website, you acknowledge that your personal data will be processed in accordance with this Privacy Policy.
2. Personal Data We Collect
We may collect the following categories of personal data through the Website:
- Identity and contact information: name, email address, phone number, company name, designation
- Professional information: organization details, job role, business interests
- Technical and usage data: IP address, browser type, device information, pages visited, access times
- Communication data: information shared through contact forms, emails, or subscription requests
We do not knowingly collect personal data of children under 16 (or the age specified by applicable law, such as 13 under COPPA).
3. Purpose of Processing
Personal data is collected and processed only for lawful and legitimate purposes, including:
- Responding to enquiries and requests
- Providing information about our services, events, and offerings
- Managing subscriptions to email communications
- Improving Website functionality, performance, and user experience
- Maintaining internal business records
- Meeting legal, regulatory, contractual, and compliance obligations
Personal data will not be processed for purposes incompatible with those stated above unless permitted by law or with appropriate consent.
4. Legal Basis for Processing
Depending on the applicable jurisdiction and context, Mindteck processes personal data on one or more of the following legal bases:
- Consent of the individual
- Performance of a contract or pre-contractual steps
- Compliance with legal obligations
- Legitimate business interests, where such interests are not overridden by individual rights
5. Consent
Where required by applicable law, personal data is processed only with free, specific, informed, and unambiguous consent.
Consent may be withdrawn at any time. Withdrawal will not affect the lawfulness of processing carried out prior to such withdrawal.
6. Individual Rights
Subject to applicable law and jurisdiction, individuals may have the right to:
- Access personal data processed by us
- Request correction or updating of inaccurate or incomplete data
- Request deletion or erasure of personal data
- Withdraw consent where processing is based on consent
- Object to or restrict certain processing activities
- Request data portability where applicable
- Lodge a complaint with a competent supervisory or regulatory authority
- Exercise additional rights granted under local laws, including nomination rights where applicable
Requests may be submitted as described in Section 11 and will be responded to within applicable timelines (e.g., 30 days under GDPR, 45 days under CCPA).
7. Disclosure to Third Parties
We may disclose personal data to trusted third-party service providers (including IT, analytics, hosting, or marketing support providers) solely for legitimate business purposes and subject to contractual confidentiality and security obligations.
Mindteck does not sell or "share" (as defined under CCPA/CPRA) personal data and does not engage in unlawful or unauthorized data sharing practices.
8. International Data Transfers
As a global organization, Mindteck may transfer personal data across borders, including to jurisdictions with different data protection standards.
Where required by law, appropriate safeguards are implemented, such as:
- Standard contractual clauses
- Intra-group data protection agreements
- EU-US Data Privacy Framework (where applicable) and other lawful transfer mechanisms recognized under applicable law
9. Data Security
Mindteck implements reasonable technical and organizational measures to protect personal data from unauthorized access, loss, misuse, alteration, or disclosure.
Access to personal data is limited to authorized personnel on a need-to-know basis and governed by internal policies and controls.
10. Data Retention
Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected or to meet legal or contractual requirements.
Unless a longer retention period is mandated by law, personal data will generally be retained for periods tied to specific purposes (e.g., enquiry responses: 1 year; marketing subscriptions: until withdrawal), not exceeding 3 years unless required by law, up to three (3) years, after which it will be securely deleted or anonymized.
11. Contact Information and Grievance Redressal
For privacy-related enquiries, requests, or grievances, please contact:
- Grievance/Privacy Contact Email: info@mindteck.com
- India Data Protection Officer and EU Representative: Mr. Ravi Ramaiah [dpo@mindteck.com]
Requests will be addressed within timelines prescribed under applicable law (e.g., 72 hours for significant data fiduciary verification under DPDP India, 30 days under GDPR, 45 days under CCPA).
12. Cookies and Tracking Technologies
The Website may use cookies or similar technologies to enhance functionality and analyze usage. Where required by law, users will be provided with appropriate notice and choice mechanisms.
13. Do Not Track Signals
The Website does not currently respond to browser "Do Not Track" signals. Data collection is limited to what is necessary for legitimate business purposes. We monitor evolving standards and may update this practice.
14. Updates to This Policy
Mindteck reserves the right to update this Privacy Policy to reflect changes in applicable laws, regulatory requirements, technology, or business practices. Updates will be posted on this page, and continued use of the Website constitutes acceptance of the revised policy.