Privacy Policy

1. Introduction

Spartan Labs Software Private Limited ("Spartan Labs," "we," "us," or "our"), a company incorporated under the laws of India, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website spartanlabs.in or use our services, in compliance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (DPDP Act).

2. Information We Collect

2.1 Personal Data

We may collect the following personal information when you interact with our services:

• Name and contact details (email address, phone number)
• Company name and designation
• Website/product URL
• Communication preferences
• Payment information (processed securely via third-party payment gateways)
• Any other information you voluntarily provide

2.2 Automatically Collected Information

• IP address and device information
• Browser type and version
• Pages visited and time spent on our website
• Referring website addresses
• Cookies and similar tracking technologies

3. Purpose of Data Collection

We collect and process your data for the following lawful purposes:

• To provide and maintain our services
• To process transactions and send related information
• To respond to your inquiries and provide customer support
• To send promotional communications (with your consent)
• To improve our website and services
• To comply with legal obligations under Indian law
• To protect our rights and prevent fraud

4. Legal Basis for Processing (DPDP Act Compliance)

Under the Digital Personal Data Protection Act, 2023, we process your personal data based on:

• Consent: You have given clear consent for processing your personal data for specific purposes
• Contractual Necessity: Processing is necessary to fulfill a contract with you
• Legal Obligation: Processing is necessary to comply with Indian law
• Legitimate Interest: Processing is in our legitimate business interests, balanced against your rights

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

• Service Providers: Third-party vendors who assist in our operations (payment processors, email services, analytics)
• Legal Requirements: When required by Indian law, court order, or government authorities
• Business Transfers: In connection with any merger, acquisition, or sale of assets
• With Your Consent: For any other purpose with your explicit consent

6. Data Security

We implement reasonable security practices and procedures as mandated under the IT (Reasonable Security Practices and Procedures) Rules, 2011. This includes:

• Encryption of sensitive data in transit and at rest
• Secure access controls and authentication mechanisms
• Regular security assessments and audits
• Employee training on data protection practices
• Incident response procedures for data breaches

7. Your Rights Under Indian Law

Under the DPDP Act, 2023, you have the following rights:

• Right to Access: Request information about what personal data we hold about you
• Right to Correction: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data (subject to legal obligations)
• Right to Withdraw Consent: Withdraw consent at any time for consent-based processing
• Right to Grievance Redressal: Lodge complaints with our Grievance Officer or the Data Protection Board of India
• Right to Nominate: Nominate another person to exercise your rights in case of death or incapacity

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable Indian laws. When data is no longer needed, we securely delete or anonymize it.

9. Cross-Border Data Transfers

If we transfer your personal data outside India, we ensure appropriate safeguards are in place as per the DPDP Act, 2023, and any notifications issued by the Central Government regarding permitted jurisdictions for data transfer.

10. Cookies Policy

We use cookies and similar tracking technologies to enhance your browsing experience. You can control cookie preferences through your browser settings. Essential cookies are necessary for website functionality, while analytics and marketing cookies require your consent.

11. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware of such collection, we will take steps to delete the information as required under the DPDP Act.

12. Grievance Officer

In accordance with the Information Technology Act, 2000 and DPDP Act, 2023, we have appointed a Grievance Officer to address your concerns:

13. Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.