Privacy Policy

Your data privacy and security are our highest priority.

1 Introduction and Scope

UltraCorr IT Private Limited ("we," "us," or "our") is committed to protecting your privacy in compliance with Indian data protection laws. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our website (https://www.ultracorrit.com) and services.

This policy is formulated in accordance with the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("SPDI Rules"). It also incorporates requirements under the Digital Personal Data Protection Act, 2023 ("DPDP Act"). The policy applies to all personal data collected in digital format or non-digitized data subsequently digitized.

By using our Site or services, you consent to the practices described herein. For the purpose of this policy, "Data Principal" refers to the individual to whom the personal data relates, and "Data Fiduciary" refers to our role in determining the purpose and means of processing personal data.

2 Information We Collect

2.1 Categories of Personal Data Collected

We collect the following types of personal information in compliance with the data minimization principle under the DPDP Act:

  • Personal Identifiers: Name, email address, phone number, postal address, organization name, job title
  • Professional Information: Employment history, educational background, professional certifications
  • Technical Data: IP address, browser type, device identifier, operating system, pages visited, time stamps, referring URLs
  • Sensitive Personal Data (as defined under SPDI Rules): Passwords, financial information, but only when absolutely necessary for service delivery
  • Communications Records: Records of your communications with us including email, chat, and support requests

2.2 Methods of Collection

Collection Method Type of Data Collected Legal Basis
Contact forms Name, email, organization, phone Explicit consent
Newsletter sign-ups Email address, preferences Explicit consent
Technical automated collection IP address, browser data, cookies Legitimate interest
Service communications Support requests, inquiry details Contract performance

3 How We Use Your Information (Purpose and Legal Basis)

We use your personal data for the following purposes, adhering to the principle that personal data can only be processed for the purpose specified at the time of collection:

  • Service Provision: To provide, maintain, and improve our services and the Site, including processing transactions and delivering requested services
  • Customer Support: To respond to your inquiries, questions, or requests, and provide technical support
  • Marketing Communications: To send you information, newsletters, or marketing communications only with your explicit consent, with clear opt-out options in every communication
  • Analytics and Improvement: To monitor usage patterns, analyze trends, and enhance user experience through data analysis
  • Security and Compliance: To detect, prevent, or address technical issues, security breaches, and comply with legal obligations under Indian laws

We ensure that processing is limited to only those items of personal data that are required for attaining a specific purpose as mandated by the DPDP Act.

4 How We Share Your Information

We may disclose your personal data in the following circumstances, always ensuring appropriate safeguards:

  • Service Providers: With vendors, contractors, or agents who help us operate our Site or provide services (e.g., hosting, analytics, email delivery), under strict confidentiality agreements
  • Legal Compliance: When required to comply with applicable laws, regulations, legal processes, or governmental requests, including to the Data Protection Board of India once established
  • Business Transfers: In connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business, with notice to affected users
  • With Your Consent: For any other purpose disclosed to you with your prior explicit consent

Under the SPDI Rules, disclosure of sensitive personal data to third parties requires prior permission from the provider of such information.

5 Your Rights Under Indian Laws

5.1 Specific Rights Under DPDP Act and IT Act

As a Data Principal, you have the following rights under Indian laws:

  • Right to Access: You can request information about what personal data we hold about you and how it is being processed
  • Right to Correction and Erasure: You may ask that your personal data be corrected, updated, or deleted when it is no longer necessary for the purpose collected
  • Right to Consent Management: You have the right to give, withdraw, or modify consent for data processing at any time
  • Right to Grievance Redressal: You may approach our Grievance Officer (details in Section 12) or the Data Protection Board for complaint resolution
  • Right to Nomination: You can nominate another individual to exercise your rights in the event of death or incapacity

5.2 Procedures for Exercising Your Rights

To exercise any of these rights, please contact our Grievance Officer using the details provided in Section 12. We will respond to legitimate requests within 30 days as required by Indian regulations, after verifying your identity to prevent unauthorized access.

6 Data Security Measures

We implement reasonable security practices and procedures as required under Section 43A of the IT Act, including:

  • Administrative Safeguards: Privacy training for employees, access controls, and security policies
  • Technical Safeguards: Encryption, firewalls, secure network infrastructure, and regular security assessments
  • Physical Safeguards: Secure access to our facilities and storage systems

In accordance with the IT Act, we maintain documented information security programs and implement IS/ISO/IEC 27001 standard security practices or other standards approved by the government. However, no method of transmission over the Internet or electronic storage is 100% secure.

7 Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. Our retention practices follow the storage limitation principle of the DPDP Act, ensuring data is kept only for the duration necessary for the stated purpose.

Specific retention periods are based on:

  • The purpose for which we collected and process the data
  • Legal obligations under Indian laws (e.g., tax requirements requiring retention for 5-7 years)
  • Operational requirements such as ongoing customer relationships

Upon expiration of the retention period, we securely delete or anonymize your data so it can no longer identify you.

8 International Data Transfers

If your data is transferred outside India, we ensure that such transfers comply with the cross-border data transfer restrictions under the DPDP Act. We will only transfer data to countries or entities that provide adequate levels of protection or under approved contractual arrangements that ensure comparable security standards.

For international transfers, we implement appropriate safeguards such as:

  • Standard contractual clauses approved by Indian authorities
  • Technical and organizational measures to secure data during transfer
  • Due diligence on recipients' security practices

9 Specific Legal Compliance for Indian Jurisdiction

9.1 Compliance with SPDI Rules

In accordance with the SPDI Rules, we:

  • Provide a clear privacy policy that is easily accessible on our website (https://www.ultracorrit.com/privacy-policy)
  • Obtain explicit consent in writing or through electronic means before collecting sensitive personal data
  • Offer an option to opt-out of providing data and allow withdrawal of consent
  • Designate a Grievance Officer whose contact details are published on our website

9.2 Compliance with DPDP Act

Under the DPDP Act, we adhere to the following principles:

  • Lawful, Fair, and Transparent Processing: We process data lawfully and transparently
  • Purpose Limitation: We use data only for the specified purpose at collection
  • Data Minimization: We collect only necessary data for the stated purpose
  • Data Accuracy: We make reasonable efforts to ensure data accuracy
  • Storage Limitation: We retain data only as long as necessary
  • Accountability: We are accountable for compliance with these principles

9.3 Telangana Government Considerations

While India has a federal data protection framework with the DPDP Act as the overarching law, we also comply with any specific requirements under Telangana state laws that may apply to our operations. Currently, there are no specific data protection bylaws in Telangana that override the national framework, but we monitor for any regional developments.

10 Cookies and Tracking Technologies

We use cookies and similar technologies to enhance user experience, analyze site usage, and deliver personalized content. Our practices comply with the consent requirements under Indian laws.

  • Types of Cookies Used: Essential (necessary for site functionality), analytical (site usage analysis), and preference cookies (remembering your settings)
  • Consent Mechanism: We obtain consent through a clear cookie banner when you first visit our site
  • Control Options: You can manage cookie preferences through your browser settings or our cookie preference center (https://www.ultracorrit.com/cookie-preferences)

11 Children's Privacy

Our services are not directed to children under the age of 18. We do not knowingly collect personal data from minors without verified parental consent in accordance with the DPDP Act. If we discover that a minor has provided us with personal data without appropriate consent, we will take steps to delete such information promptly.

12 Grievance Officer and Contact Information

In compliance with the SPDI Rules, we have designated a Grievance Officer to address your privacy-related concerns. For any questions, requests, or complaints regarding this Privacy Policy or your personal data, please contact:

Grievance Officer
UltraCorr IT Private Limited

Email: info@ultracorrit.com with subject "Attention: Grievance Officer"

Phone: +91 7674094179

Response Time: Within 30 days as required under Indian regulations

You also have the right to approach the Data Protection Board of India once established under the DPDP Act for redressal of complaints.

13 Policy Updates and Amendments

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. The "Last updated" date at the top indicates when the latest revisions were made. We will notify users of material changes through prominent notices on our website (https://www.ultracorrit.com) or direct communication.

In accordance with the principle of transparency, we will indicate the version history of this policy, and users will be able to access previous versions upon request by contacting our Grievance Officer. Continued use of our services after changes constitutes acceptance of the updated policy.