Introduction

At Promindlift, we understand that trusting someone with your business data isn't something you take lightly. This privacy policy explains how we collect, use, and protect your information when you work with our cybersecurity services.

We're based in India and operate under Indian data protection laws, but we've written this policy in plain English because legal jargon shouldn't be a barrier to understanding your rights. If something here doesn't make sense, just ask us.

Information We Collect

The nature of our cybersecurity work means we need access to different types of information. Here's what we typically collect and why:

How We Use Your Information

We're not in the business of selling data or bombarding you with irrelevant marketing. Your information serves specific purposes related to protecting your business:

• Delivering cybersecurity services and system updates you've requested
• Monitoring and responding to security threats affecting your infrastructure
• Communicating about service status, security alerts, and system maintenance
• Improving our services based on real-world security challenges we encounter
• Meeting legal and compliance requirements under Indian cybersecurity regulations
• Providing technical support and troubleshooting assistance

Data Sharing and Third Parties

We don't share your information casually. When we do share data, it's for specific reasons that benefit your security:

We may share information with trusted security vendors when investigating threats, with legal authorities when required by Indian law, or with technical partners who help us deliver specific security services. These partners are bound by strict confidentiality agreements.

We never sell your data to marketers or unrelated third parties. Your business information stays focused on business security purposes.

Data Security Measures

Given our expertise in cybersecurity, we take protecting your data seriously. We use enterprise-grade encryption for data transmission and storage, maintain secure servers with regular security updates, and limit access to your information to team members who need it for your service.

We conduct regular security audits of our own systems and follow the same security standards we recommend to our clients. However, no system is completely immune to all threats, which is why we also maintain incident response procedures.

Your Rights and Control

Under Indian data protection laws, you have specific rights regarding your information. You can request access to the data we hold about you, ask for corrections to inaccurate information, or request deletion of data that's no longer needed for active services.

You can also object to certain types of data processing or request that we transfer your data to another provider. We'll handle these requests within reasonable timeframes, though some security-related data may need to be retained for compliance purposes.

Data Retention

We keep your information only as long as necessary for providing services and meeting legal requirements:

International Data Transfers

Most of your data stays within India, but some security monitoring services involve international threat intelligence networks. When data crosses borders, we ensure appropriate safeguards are in place and that receiving countries have adequate data protection standards.

We'll inform you if your specific security setup requires international data processing and explain the protections involved.

Policy Updates

Cybersecurity regulations and best practices evolve, so this policy may change occasionally. We'll notify you of significant updates via email or through our client portal. Minor clarifications might be updated here with revised dates.

Continued use of our services after policy changes indicates acceptance of the updated terms.