Discover – How customer communication is driving brands to achieve their sales goals in 2025. Read More
Your Privacy Matters

Privacy Policy

Learn how Mindserv collects, uses, and protects your information in compliance with Indian data protection laws

Last Updated: March 15, 2025

1. Introduction

Mindserv Analytics Pvt. Ltd. ("Mindserv", "we", "us", or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our CPaaS (Communications Platform as a Service) solutions, including our messaging, voice, email, and contact centre services.

We operate in compliance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (DPDP Act) of India. By accessing or using our services, you consent to the practices described in this policy.

2. Information We Collect

We collect several types of information from and about users of our services, including:

2.1 Personal Information

  • Contact Information: Name, email address, phone number, company name, job title, and billing address.
  • Account Credentials: Username, password, and other authentication details.
  • Payment Information: Billing details, GST numbers, and transaction history (processed through secure payment gateways).
  • Communication Data: Message content, call logs, IVR interactions, and delivery reports as part of our CPaaS services.

2.2 Technical Information

  • Usage Data: IP addresses, browser type, device information, operating system, and pages visited.
  • Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to enhance user experience and analyze service usage.
  • API Integration Data: Information collected through our APIs when you integrate our services with your applications.

Note: As a CPaaS provider, we act as a "data processor" for our business customers. The content of messages, calls, and communications sent through our platform is processed on behalf of our customers, who are responsible for ensuring compliance with applicable privacy laws.

3. How We Use Your Information

We use the information we collect for various purposes, including:

  • Providing Services: To deliver our CPaaS solutions, process transactions, and manage your account.
  • Service Improvement: To analyze usage patterns, troubleshoot issues, and enhance platform performance.
  • Customer Support: To respond to inquiries, resolve issues, and provide technical assistance.
  • Communication: To send service updates, billing information, and marketing communications (with your consent).
  • Security and Compliance: To detect fraud, ensure data security, and comply with legal obligations under Indian laws.
  • DLT Registration: To assist with Distributed Ledger Technology (DLT) registration as required by TRAI for SMS and voice services.

4. Legal Basis for Processing (DPDP Act Compliance)

Under the Digital Personal Data Protection Act, 2023, we process your personal data based on the following legal grounds:

  • Consent: Where you have provided explicit consent for specific processing activities.
  • Contractual Necessity: To fulfill our obligations under the Terms of Service.
  • Legal Obligation: To comply with applicable Indian laws and regulatory requirements.
  • Legitimate Interests: For purposes such as fraud prevention, network security, and service improvement, provided your interests do not override these interests.

5. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share information in the following circumstances:

  • Service Providers: With trusted third-party vendors who assist in operating our platform (e.g., cloud hosting, payment processing, analytics) under strict confidentiality agreements.
  • Telecom Operators: With telecommunications service providers to enable message and call delivery as part of our CPaaS services.
  • Regulatory Authorities: When required by law, court order, or government agency (e.g., TRAI, DoT, law enforcement).
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users.
  • With Your Consent: When you have given explicit consent for specific sharing purposes.

6. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. Specific retention periods include:

  • Account Information: Retained until account closure, plus a reasonable period for legal and audit purposes.
  • Communication Logs: Message and call logs are retained in accordance with TRAI and DoT regulations (typically 6-12 months).
  • Transaction Records: Retained for 8 years as required under Indian tax laws.
  • Usage Analytics: Anonymized data may be retained indefinitely for analytical purposes.

7. Data Security

We implement robust security measures to protect your information, including:

  • End-to-end encryption for sensitive data transmission
  • Secure data centers with 24/7 monitoring and access controls
  • Regular security audits and penetration testing
  • ISO 27001 certified information security management system
  • Employee training on data protection and confidentiality
  • Multi-factor authentication for account access

While we strive to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. We encourage you to take precautions to protect your account credentials.

8. Your Rights Under DPDP Act

Under the Digital Personal Data Protection Act, 2023, you have the following rights:

  • Right to Access: Request a summary of your personal data we hold.
  • Right to Correction: Update or correct inaccurate information.
  • Right to Erasure: Request deletion of your data, subject to legal obligations.
  • Right to Grievance Redressal: Lodge complaints about data processing.
  • Right to Withdraw Consent: Withdraw consent for specific processing activities.
  • Right to Nominate: Nominate an individual to exercise rights in case of death or incapacity.

To exercise these rights, please contact our Data Protection Officer at [email protected]. We will respond within 30 days as mandated by law.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on our website. These include:

  • Essential Cookies: Required for website functionality and security.
  • Analytics Cookies: To understand how visitors interact with our site (Google Analytics).
  • Preference Cookies: To remember your settings and preferences.
  • Marketing Cookies: To deliver relevant advertisements (with your consent).

You can control cookie preferences through your browser settings. Disabling certain cookies may affect website functionality.

10. Third-Party Links and Services

Our website and services may contain links to third-party websites, plugins, and applications. Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party sites and are not responsible for their privacy practices. We encourage you to read the privacy policies of any site you visit.

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us immediately, and we will take steps to delete such information.

12. International Data Transfers

Your information may be transferred to and processed in countries other than India where our servers and service providers are located. When we transfer data internationally, we ensure appropriate safeguards are in place, including standard contractual clauses and compliance with applicable data protection laws.

13. Grievance Redressal Mechanism

In compliance with Indian IT Rules, 2021 and DPDP Act, 2023, we have appointed a Grievance Officer to address any concerns regarding your personal data:

Grievance Officer: [Name of Officer]

Email: [email protected]

Phone: 011-3540-2000 (Ext. 123)

Address: D-15, Second Floor, Okhla Phase-1, New Delhi-110020

We acknowledge complaints within 24 hours and resolve them within 30 days as per regulatory requirements.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. We will notify you of material changes by posting the updated policy on our website with a revised "Last Updated" date. We encourage you to review this policy periodically.

Questions About Our Privacy Policy?

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

[email protected]

011-3540-2000

D-15, Second Floor, Okhla Phase-1, New Delhi-110020