Privacy Policy

Our Commitment to Your Privacy

Effective Date: July 22, 2025

At Protriden Technologies, we are committed to protecting your privacy and ensuring transparency in how your data is handled. This policy outlines what data we collect, how it's used, and your rights.

1. INTRODUCTION

This Privacy Policy describes how Protriden Technologies ("Company," "we," "us," or "our") collects, uses, discloses, and safeguards personal information when you use our mobile applications, websites, and cloud infrastructure services (collectively, the "Services"). It complies with the General Data Protection Regulation (GDPR), California Consumer Privacy Act/Privacy Rights Act (CCPA/CPRA), Virginia Consumer Data Protection Act (VCDPA), Lei Geral de Proteção de Dados (LGPD), Personal Information Protection and Electronic Documents Act (PIPEDA), and Google Play Store Developer Policies.

1.1 Glossary & Key Definitions

2. INFORMATION WE COLLECT

2.1 Personal & Sensitive Data

• Identification Data: Name, username, email, phone number, postal address
• Financial Data: Billing address, last four digits of payment card (processed by third-party gateway; we never store full card numbers)
• Biometric Data (opt-in): Fingerprint, face geometry, or voiceprint for authentication purposes
• Precise Geolocation (opt-in): GPS coordinates when a location-based feature is enabled
• Children's Data: Only with verified parental consent

2.2 Device & Usage Data

Device model, OS version, IP address, unique device identifiers, crash logs, interaction events, and session duration.

2.3 Cookies & Similar Technolgies

See the dedicated Cookie Policy for full details.

2.4 Data from Third Parties

Cloud hosting providers, analytics platforms (Firebase, Google Analytics), authentication services (OAuth), marketing partners, and app stores.

3. LEGAL BASES FOR PROCESSING (GDPR Art. 6 & LGPD Art. 7)

4. HOW WE USE INFORMATION

1. Operate, maintain, and improve our apps, websites, and cloud services.
2. Personalize content, features, and user experience.
3. Authenticate log-ins (including biometric unlock where enabled).
4. Detect, prevent, and investigate fraud, spam, abuse, and security threats.
5. Comply with legal requests, court orders, and regulatory obligations.
6. Conduct marketing (with opt-in consent) and measure campaign effectiveness.
7. Perform Automated Decision-Making & Profiling as described in §10.

5. INFORMATION SHARING

We never sell personal data. We share it only:

• With vetted service providers acting as data processors under Data Processing Agreements (DPAs) that include Standard Contractual Clauses where required.
• Within corporate affiliates under equivalent safeguards.
• For legal or safety reasons (court orders, to protect rights or prevent harm).
• In connection with mergers, acquisitions, or asset transfers (notice will be provided).
• With third parties when you expressly consent.

6. COOKIE & TRACKING POLICY

6.1 Types of Cookies

6.2 Consent Management

Non-essential cookies are blocked until you grant opt-in consent via our CMP banner. You may revoke consent or adjust granular preferences at any time under Settings > Privacy > Cookie Preferences.

6.3 Do Not Track & Global Privacy Control

We honor browser Do Not Track signals and recognized Global Privacy Control (GPC) headers by disabling non-essential cookies.

7. INTERNATIONAL DATA TRANSFERS

Where data is transferred outside your jurisdiction (e.g., from EU to US servers), we rely on:

• Adequacy decisions (e.g., EU–US Data Privacy Framework)
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules where applicable Copies of transfer mechanisms are available on request.

8. SECURITY MEASURES

• TLS 1.3 encryption in transit; AES-256 at rest
• Zero-trust network architecture
• Role-based access controls & MFA for staff
• Annual ISO 27001-aligned security audits
• Continuous vulnerability scanning & penetration testing
• Secure software development lifecycle (SSDLC)

9. DATA RETENTION

10. AUTOMATED DECISION-MAKING & PROFILING (ADM)

We use limited ADM in fraud detection and dynamic resource allocation. No decision producing legal or similarly significant effects is made without human review.

• Users may:
  
  • Request human intervention.
  • Express their viewpoint.
  • Contest a decision.

We do not use ADM for creditworthiness, employment, or health diagnostics.

11. BIOMETRIC DATA POLICY

• Biometric collection is opt-in and used solely for on-device authentication.
• Templates are stored in secure enclave hardware or encrypted at rest; raw images are deleted immediately.
• Templates are deleted within 24 hours after account deletion or opt-out.
• We obtain separate, explicit written consent before processing biometrics for any new purpose.
• We do not share biometric data with third parties except our authentication provider, acting as a processor under a DPA.

12. DATA BREACH RESPONSE & NOTIFICATION

• Detection: 24 × 7 security monitoring with automated alerts.
• Containment: Immediate isolation of affected systems.
• Assessment: Determine scope, affected records, and risk.
• Notification: Notify supervisory authorities within 72 hours and affected users without undue delay where required.
• Remediation: Apply fixes, rotate keys, and update controls.
• Documentation: Record full incident details for regulatory review.

13. CHILDREN'S PRIVACY

Our Services are not directed to children under 13 (U.S.) or under 16 (EU) unless parental consent is obtained. We delete any data collected from a child without verified consent.

14. USER RIGHTS & REQUESTS

We respond within 30 days (45 days for CCPA). Appeals process available where mandated.

15. THIRD-PARTY SERVICES LIST (Illustrative)

Full list and DPAs available on request.

16. UPDATES

We will post any changes on this page, update the "Last Updated" date, and notify users via email or in-app alert 7 days before changes take effect when the revisions are material.

17. CONTACT & DATA PROTECTION OFFICER

Protriden Technologies
Attn: Data Protection Officer (DPO)
Srinivas Sulochana Complex,
Chikkensal Road, Kundapur Taluk,
Udupi District Pin: 576201
Email: info@protridentechnologies.com
Phone: +91 9108237814

EU residents may also lodge complaints with their local supervisory authority.

18. COMPLAINT ESCALATION

If you believe we have not addressed your concern, you may escalate to:

• EU: Data Protection Authority in your member state
• UK: Information Commissioner's Office (ICO)
• Brazil: National Data Protection Authority (ANPD)
• U.S.: Federal Trade Commission (FTC)

19. GOVERNING LAW, LIMITATION OF LIABILITY & INDEMNIFICATION

• Governing Law: This Policy is governed by the laws of India. Disputes fall under the jurisdiction of the courts in Kundapur, Karnataka, without prejudice to your rights under applicable data protection laws in your jurisdiction.
• Limitation of Liability: To the fullest extent permitted by law, Protriden Technologies and its affiliates, officers, directors, employees, agents, and service providers shall not be liable for any indirect, incidental, special, consequential, punitive, or exemplary damages arising out of or in connection with this Privacy Policy or your use of the Services. Our maximum aggregate liability shall not exceed the total fees paid by you in the preceding 12 months for the applicable Service.
• No Warranty: ALL INFORMATION AND SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY.
• Indemnification: You agree to indemnify, defend, and hold harmless Protriden Technologies and its affiliates, officers, directors, employees, agents, and service providers from any claims, liabilities, damages, losses, or expenses (including reasonable legal fees) arising out of or in connection with:
  1. Your breach of this Policy or applicable law
  2. Your misuse of the Services
  3. Your violation of any third-party rights

20. ACCESSIBILITY

We are committed to accessibility. If you need this Policy in an alternative format or have accessibility concerns, contact us at info@protridentechnologies.com.