Privacy Policy

Decimal Point Analytics Pvt. Ltd. (“DPA”, “we”, “our”, or “us”) respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, receive, use, store, disclose, and safeguard personal information when you visit our website www.decimalpointanalytics.com or use our services in accordance with applicable data-protection laws, including the Digital Personal Data Protection Act, 2023 and other relevant Indian regulations.

By using our website, you agree to the terms of this Privacy Policy.

The purpose of this policy is to inform individuals about the types of personal data DPA collects, the reasons for collection, how such data is used and to demonstrate DPA’s commitment to privacy compliance, build trust with users, clients, and stakeholders.

Scope

• This Privacy Policy shall be governed by and construed in accordance with the laws of India. Any dispute arising from this Policy or the processing of personal information shall fall under the exclusive jurisdiction of the competent courts in Mumbai, Maharashtra, India.

• "Personal Information" means any data that can identify, relate to, describe, or be associated directly or indirectly with a specific individual.

• "Processing" means any operation or set of operations performed on personal information, including but not limited to collection, recording, organisation, storage, adaptation, retrieval, use, disclosure, transmission, or protection of such information.

Personal Information We Collect

We may collect or receive personal information through:

• Directly from you: when you voluntarily provide data via online forms, emails, surveys, inquiries, job applications, or other direct interactions with us.

• Automatically through our digital platforms: when you access or use our websites, portals, or online services, certain information (such as IP address, browser type, device identifiers, and usage behaviour) may be collected automatically using cookies or similar technologies to improve user experience and system security.

• Third-party information: if you interact with us through social media, or if we receive information from trusted partners (with your consent where required).

Examples of data collected: name, job title, organisation, email, country, phone, address, gender, date of birth, education, work experience, geolocation, photographs, video or audio recordings, and interaction data (such as links clicked or pages visited).

DPA does not generally collect sensitive / special-category data (e.g. race, religion, health, sexual orientation) except where required for employment or legal purposes and only with explicit consent or lawful necessity.

Consent when you have expressly agreed to the processing; such consent may be withdrawn at any time by contacting us. Even after consent is withdrawn, DPA may continue processing where required by law or contractual necessity. If you choose not to provide certain information, disable cookies or withdraw consent, we may be unable to deliver specific services or features that depend on that data, though we will strive to maintain access to other available services.

DPA does not knowingly collect information about children.

How we use your information

DPA processes personal data only for legitimate, specific, and transparent purposes, including:

• Service Delivery: to provide, operate, maintain, and improve our products and services, including account management, technical support, and functionality enhancements.

• Communication: to respond to enquiries and send service-related notifications, updates, or important announcements.

• Billing and Payments: to process transactions, manage subscriptions, and issue invoices.

• Security and Fraud Prevention: to meet obligations under applicable laws, regulations, legal processes, or governmental requirements.

• Compliance with Legal or Regulatory Obligations: to process transactions, manage subscriptions, and issue invoices.

• Internal Operations and Analytics: to monitor performance, analyse usage trends, conduct research, and develop new features (often using aggregated or anonymised data).

• Marketing and Business Development:to send promotional communications about our services, offers, or events (only where consent or legitimate interest applies, with clear opt-out options) in order to maintain relationships through newsletters, invitations, feedback requests, and permitted marketing.

• Personalisation: to verify identity, manage accounts, tailor content and enhance your experience with our website and services.

• Contractual Necessity: to fulfil obligations under client, vendor, or employment agreements to support employment, recruitment, vendor, and alumni relations.

Disclosure and Sharing

DPA may share personal information with:

• Service providers and business partners who assist in operations under contractual confidentiality obligations.

• Government authorities or courts, when required by law or legal process.

• Cross-border transfers: Personal data may be transferred across national borders, including to countries with different data-protection standards. In such cases, DPA implements appropriate contractual, organisational, and technical safeguards to ensure a level of protection consistent with Indian law.

• All cross-border transfers occur only for lawful purposes and with adequate protection of the individual’s rights.

DPA confirms that it does not sell personal information received through any channel.

Information / Data Security

• DPA employs reasonable administrative, physical, and technical controls to protect personal data against unauthorised access, alteration, disclosure, or destruction..

• While DPA maintains robust security practices, no electronic system is completely secure, and absolute protection of data cannot be guaranteed.

• In the event of a data breach, DPA will act in accordance with applicable legal requirements and notify affected parties as required by the DPDP Act.

Information / Data Retention

DPA retains personal data for the longest of the following:

• The period necessary to fulfil the relevant activity or service (typically seven years).

• Any longer period required by law or professional obligation.

• The duration of potential litigation or investigations plus a reasonable subsequent period. After expiry, information is securely deleted or anonymised.

Data Subject Rights

In line with applicable data-protection principles, individuals have the following rights:

• Right to Know: to request details about personal data collected, its sources, disclosures, and purpose of use.

• Right to Consent: to give or withdraw explicit consent for collection and processing.

• Right of Access: to request access to personal data held by DPA.

• Right to Correction: to have inaccurate or incomplete data updated.

• Right to Erasure: to request deletion of data no longer required or lawful to retain.

• Right to Restrict Processing: to limit processing in certain circumstances (e.g. data accuracy dispute or unlawful processing).

• Right to Data Portability: to receive data in a structured, machine-readable format.

• Right to Object: to object to processing based on legitimate interests or direct marketing.

• Right against Automated Decisions: to not be subject to decisions made solely through automated processing.

• Right to Nominate: to nominate an authorised person to exercise rights on the individual’s behalf.

• Right to Non-Retaliation: to ensure no discrimination for exercising any data-privacy rights.

Review and Update

• This Privacy Policy is reviewed periodically to maintain compliance with evolving laws, industry standards, and DPA’s internal security practices.

• Any updates will be published on our website with the revised effective date, and material changes will be communicated when appropriate.