Krivishkar LogoKrivishkar
Privacy Policy

Privacy Policy

1. Scope and Applicability

This Policy applies to:

  • All data processed through our corporate website, client portals, SaaS products, or mobile applications.
  • All personal data processed on behalf of our clients as part of our service engagements.
  • All internal processing of employee, vendor, and third-party data.

2. Categories of Data We Collect

Depending on the nature of the interaction, we may collect the following data:

2.1. Client and End-User Data

  • Full Name, Email, Phone Number, Designation
  • Company Name, Address, Industry
  • Authentication credentials (usernames, encrypted passwords)
  • Device identifiers, browser/user agent info
  • IP address, location, and usage logs

2.2. Website Usage & Tracking

  • Cookies and tracking pixels
  • Time spent, pages visited, referral sources

2.3. Technical and System Data

  • Application logs
  • Debugging information
  • Performance monitoring metrics

3. Legal Basis for Processing

We process personal data based on:

  • Consent – where required under applicable law
  • Contractual necessity – for delivering agreed-upon services
  • Legitimate interest – in operating and improving our offerings
  • Legal obligations – such as tax or compliance requirements

4. Use of Information

We use the data we collect for the following purposes:

  • Delivering and maintaining our services
  • Managing customer relationships and support
  • Personalizing user experiences and interface
  • Billing and transactional communication
  • Analyzing usage trends and improving products
  • Ensuring security and detecting fraud
  • Meeting regulatory and legal obligations

5. Disclosure and Sharing

We do not sell personal information. We may share it with:

  • Authorized Employees – bound by confidentiality obligations
  • Third-party Service Providers – such as cloud platforms, analytics providers, payment processors (under Data Processing Agreements)
  • Regulatory Authorities – if legally required
  • Subcontractors or Freelancers – engaged under strict NDA and DPA terms

6. Cookies and Tracking Technologies

Our websites and applications may use:

  • Essential cookies – for navigation and login
  • Analytics cookies – e.g., Google Analytics for performance tracking
  • Marketing pixels – only if consented by the user

You may control or disable cookies through your browser settings at any time.

7. Data Security and Protection

We implement industry-standard security measures, including but not limited to:

  • Data encryption at rest and in transit
  • Secure coding practices and regular vulnerability assessments
  • Firewalls, anti-malware, and intrusion detection systems
  • Access control, role-based authentication, and audit logging

We follow ISO/IEC 27001:2013-aligned security practices.

8. International Data Transfers

We may transfer and store data in jurisdictions outside your home country. In such cases, we ensure:

  • Appropriate safeguards such as Standard Contractual Clauses (SCCs) or Data Processing Agreements (DPAs)
  • Hosting data in secure, compliant data centers (e.g., AWS, Azure)

9. Data Retention

We retain personal data for the duration necessary to:

  • Fulfill the purpose for which it was collected
  • Comply with legal and regulatory obligations
  • Support audit, dispute resolution, and business continuity

Data is securely deleted or anonymized after the retention period.

10. Your Rights (GDPR, CCPA, etc.)

Depending on your jurisdiction, you may have the right to:

  • Access your personal data
  • Request correction or deletion
  • Object to or restrict processing
  • Request data portability
  • Withdraw previously granted consent
  • Lodge complaints with a supervisory authority

11. Data Breach Notification

In the event of a data breach involving personal data:

  • We will assess the impact immediately
  • Notify affected individuals and authorities (within 72 hours, as required by GDPR)
  • Take remedial and corrective actions

12. Children’s Privacy

We do not knowingly collect or process data from individuals under the age of 16 without verified parental consent, unless permitted by law.

13. Policy Updates

We reserve the right to update this Privacy Policy from time to time to reflect legal, regulatory, or operational changes.

All changes will be published with a revised “Effective Date.” Clients will be notified of material changes via email or system notifications.

14. Annexures (If Required for Enterprise Clients)

  • Data Processing Agreement (DPA)
  • Information Security Policy Summary
  • Third-party Subprocessor List
  • Cookie Policy Document

Grow Your Business with Software & Automation

Stop worrying about lost registers or damaged records. Use our software to see daily, weekly, and monthly reports and analyze how your business is doing and where you should focus more.

Explore Our Portfolio

30%

Cost Saving

50%

Growth

2x

Scaling