Privacy Policy
Last updated: 03 May 2026 · Effective Date: 03 May 2026
Data Fiduciary: VENSYAM Business Systems (OPC) Private Limited
CIN U62090TS2026OPC209682 · GSTIN 36AALCV7757R1Z2
Registered Office: 5th Floor, Flat No. 509, Giridhari Ishta Apartment, Don Bosco Nagar, Rajendranagar, Kismatpur, Rangareddy District, Hyderabad – 500086, Telangana, India.
This Privacy Policy describes how VENSYAM Business Systems (OPC) Private Limited ("VENSYAM", "we", "us", or "our") collects, uses, shares, and protects personal data when you visit vensyam.com, engage us for software services, or interact with our platforms. We are committed to processing your personal data lawfully under the Digital Personal Data Protection Act, 2023 ("DPDP Act") and applicable Indian law.
1. Information We Collect
We collect personal data that you provide to us directly and limited technical data automatically through our website. Specifically:
- Identity & Contact Data: name, email address, phone number, company name, GSTIN, billing address, shipping address.
- Engagement Data: project requirements, scope documents, signed contracts, payment records, invoices, support tickets, communications.
- Account Data: usernames, hashed passwords, authentication tokens, role/permission assignments for our hosted platforms.
- Technical Data: IP address, browser type, device type, operating system, referring URL, pages visited, session duration, and similar telemetry collected via standard server logs and cookies.
- Marketing Data: your preferences for receiving newsletters or product updates, with the option to opt out at any time.
2. How We Use Your Information
We process personal data for the following lawful purposes:
- To deliver software development, hosting, integration, and support services you have engaged us for.
- To create and manage your account, authenticate access, and personalise dashboards.
- To raise invoices, process payments, and meet GST and tax compliance obligations.
- To respond to enquiries, provide technical support, and communicate service changes.
- To monitor, secure, and improve our website and platforms (including detection of fraud, abuse, and unauthorised access).
- To comply with applicable law, regulatory orders, court orders, or law-enforcement requests.
- To send marketing communications where you have given consent — you may withdraw consent at any time.
3. Sharing & Disclosure
We do not sell your personal data. We share personal data only with:
- Service providers who help us operate our business (e.g., cloud hosting, email delivery, payment gateways, accounting), bound by written contracts and confidentiality obligations.
- Legal and regulatory authorities when required by law, regulation, court order, or to protect our or others' rights, property, or safety.
- Successor entities in connection with a merger, acquisition, restructuring, or sale of business assets, subject to continuing protection of your data.
4. Cookies & Tracking
We use a minimum set of cookies for session management, security (CSRF protection), and basic analytics. You can control cookies through your browser settings, although disabling them may affect site functionality.
5. Data Retention
We retain personal data only as long as necessary to fulfil the purposes for which it was collected, to satisfy our legal, tax, and accounting obligations (typically 8 years for financial records under Indian law), and to defend or pursue legal claims. After retention periods expire, data is securely deleted or anonymised.
6. Your Rights Under the DPDP Act
Subject to applicable conditions, you have the right to:
- Obtain a summary of personal data we hold about you and how we process it.
- Request correction of inaccurate or incomplete personal data.
- Request erasure of personal data that is no longer required for the purpose it was collected.
- Withdraw any consent you have given, where processing is based on consent.
- Nominate another individual to exercise your rights in the event of death or incapacity.
- Lodge a grievance with our Grievance Officer (see Section 11) and, if unresolved, with the Data Protection Board of India.
7. Security
We implement reasonable technical and organisational measures aligned with ISO 27001 principles, including TLS encryption in transit, role-based access controls, hashed credentials, periodic backups, and security patching. No system is 100% secure; we will notify you and the appropriate authority of personal data breaches within statutory timelines.
8. International Transfers
Where your personal data is processed outside India (for example, via cloud regions operated by AWS or other providers), we ensure equivalent safeguards through contractual commitments and only transfer to jurisdictions not restricted by the Government of India.
9. Children
Our services are intended for businesses and adults. We do not knowingly collect personal data from children under 18 years of age. If you believe a child has shared personal data with us, please contact us and we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page indicates when changes took effect. Material changes will be highlighted on our website or notified by email where appropriate.
11. Grievance Officer
In accordance with the DPDP Act, 2023 and the Information Technology Act, 2000:
Mr. Mallavarapu Venkatarami Reddy · Director & Grievance Officer
Email:
[email protected]
Address: 5th Floor, Flat No. 509, Giridhari Ishta Apartment, Don Bosco Nagar, Rajendranagar, Kismatpur, Rangareddy District, Hyderabad – 500086, Telangana, India.
Response time: within 30 days of a written request.
12. Contact Us
For any other privacy-related question, write to us at [email protected] or use the Contact Us form on our website.
