Legal & Compliance
Privacy Policy
Your privacy matters. Transparent policies aligned with Indian and global standards.
📋 Plain Language Summary: This Privacy Policy explains how RAYSolute Consultants collects, uses, stores, and protects your personal data. We are committed to transparency and compliance with India's Digital Personal Data Protection Act, 2023 (DPDP Act), the Information Technology Act, 2000, and where applicable, the EU/UK GDPR. You have rights over your data, including access, correction, and deletion.
🏢 1. Data Controller
For the purposes of the Digital Personal Data Protection Act, 2023 (DPDP Act) and applicable data protection laws, the Data Fiduciary (controller) is:
RAYSolute Consultants
Proprietor: Aurobindo Saxena
Address: HSR Layout, Bengaluru, Karnataka, India
Email: aurobindo@raysolute.com
Phone: +91 98913 21279
Proprietor: Aurobindo Saxena
Address: HSR Layout, Bengaluru, Karnataka, India
Email: aurobindo@raysolute.com
Phone: +91 98913 21279
🎯 2. Scope
This Privacy Policy applies to:
- Visitors to our website at www.raysolute.com
- Prospects, clients, and vendors interacting with our services
- Individuals who submit forms, inquiries, or communications
- Users accessing content via our Resources Hub or service pages
- Job applicants and candidates for consulting roles
This policy covers personal data processed in digital form, or data collected offline and subsequently digitized, in accordance with the DPDP Act, 2023.
🗄️ 3. Data We Collect
We collect the following categories of personal data:
3.1 Information You Provide Directly
- Contact & Business Details: Name, email address, phone number, company/institution name, designation, and project brief
- Communications: Content of emails, messages, and inquiries you send us
- Recruitment Data: CVs, resumes, professional profiles, and qualifications
- Feedback & Surveys: Responses voluntarily shared for research or event registration
3.2 Information Collected Automatically
- Usage Data: Pages viewed, links clicked, time spent on pages, referrer URL
- Device Information: Browser type, operating system, device type (aggregated)
- Location Data: Approximate geographic location based on IP address (city/country level)
- Cookies & Similar Technologies: As described in Section 8
3.3 Information from Third Parties
- Publicly available business information from LinkedIn, company websites
- Referrals from existing clients or partners (with their consent)
Note: We do not collect Sensitive Personal Data such as passwords, financial information, health data, biometric data, sexual orientation, political opinions, or religious beliefs, unless strictly necessary and with explicit consent.
⚙️ 4. How We Use Your Data
We process your personal data for the following purposes:
| Purpose | Description |
|---|---|
| Service Delivery | Respond to inquiries, prepare proposals, deliver consulting services |
| Website Operation | Operate, maintain, and improve website functionality |
| Communication | Send service-related communications and respond to queries |
| Marketing | Send industry insights and event invitations (with consent) |
| Analytics | Understand aggregate usage patterns to improve services |
| Recruitment | Evaluate applications and manage hiring process |
| Security | Maintain security and prevent fraud |
| Legal Compliance | Comply with applicable laws and regulations |
📜 5. Lawful Basis for Processing
Under DPDP Act, 2023 (India)
- Consent: Where you have given free, specific, informed, and unambiguous consent
- Legitimate Uses: As specified under Schedule 1 of the DPDP Act, including compliance with legal obligations, employment purposes, and public interest
Under GDPR/UK GDPR (EU/UK Residents)
- Consent: When you submit forms, sign up, or accept cookies
- Performance of Contract: To deliver proposals and consulting services
- Legitimate Interests: To improve services and maintain security
- Legal Obligation: To meet compliance and record-keeping requirements
✅ 6. Consent
In accordance with the DPDP Act, 2023, consent must be:
- Free: Given voluntarily without coercion
- Specific: Related to particular processing purposes
- Informed: Based on clear information about data processing
- Unambiguous: Given through clear affirmative action
- Unconditional: Not bundled with unrelated terms
6.1 Withdrawal of Consent
You may withdraw consent at any time:
- Email us at aurobindo@raysolute.com with your request
- Use the unsubscribe link in marketing emails
- Adjust cookie preferences through browser settings
Withdrawal does not affect the lawfulness of processing conducted prior to withdrawal.
🔗 7. Data Sharing & Disclosure
We do not sell your personal data. We may share data with:
7.1 Service Providers
- Hosting Providers: Website hosting and cloud infrastructure
- Analytics Services: Privacy-respecting website analytics
- Communication Tools: Email delivery and CRM systems
- Professional Services: Accountants, legal advisors (under confidentiality)
7.2 Legal Requirements
We may disclose data if required by court orders, government requests, or to protect our legal rights.
🍪 8. Cookies & Analytics
8.1 Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Required for website functionality | Session |
| Analytics | Understand aggregate usage (Google Analytics) | Up to 2 years |
| Preference | Remember your settings | Up to 1 year |
8.2 Managing Cookies
You can control cookies through browser settings or cookie consent banners.
⏱️ 9. Data Retention
| Data Category | Retention Period |
|---|---|
| General inquiries | 2 years from last contact |
| Client engagement records | 7 years (compliance requirements) |
| Marketing communications | Until consent withdrawn |
| Job applications (unsuccessful) | 1 year |
| Website analytics | 26 months (anonymized) |
After the retention period, data is securely deleted or anonymized.
🔐 10. Security Measures
10.1 Technical Measures
- SSL/TLS encryption for data in transit
- Secure hosting infrastructure
- Regular security updates and patches
- Access controls and authentication
10.2 Organizational Measures
- Least-privilege access principles
- Confidentiality obligations for personnel
- Regular review of security practices
- Incident response procedures
Important: While we implement robust security measures, no method of transmission or storage is 100% secure. We continuously work to improve our controls.
🌍 11. International Transfers
We may process data using service providers located outside India. Where data is transferred internationally:
- We implement appropriate safeguards (contractual clauses, adequacy decisions)
- We ensure recipient countries provide adequate data protection
- Under the DPDP Act, 2023, transfers are permitted to countries not restricted by the Central Government
👶 12. Children's Data
Our services are intended for business audiences. We do not:
- Knowingly collect personal data from individuals under 18 years of age
- Target our services or marketing to children
- Process children's data without verifiable parental consent
If you believe a child has provided us with personal data, please contact us immediately at aurobindo@raysolute.com.
👤 13. Your Rights
13.1 Rights Under DPDP Act, 2023 (India)
| Right | Description |
|---|---|
| Right to Access | Obtain a summary of your personal data being processed |
| Right to Correction | Request correction of inaccurate or incomplete data |
| Right to Erasure | Request deletion of your personal data |
| Right to Grievance Redressal | Lodge complaints regarding data processing |
| Right to Nominate | Nominate an individual to exercise rights in case of death/incapacity |
13.2 Additional Rights Under GDPR (EU/UK Residents)
- Right to Restriction: Request restriction of processing
- Right to Portability: Receive data in machine-readable format
- Right to Object: Object to processing based on legitimate interests
- Right to Lodge Complaint: File complaints with supervisory authority
13.3 How to Exercise Your Rights
Email us at aurobindo@raysolute.com. We will respond within 30 days.
📢 14. Grievance Redressal
In accordance with the DPDP Act, 2023, we have appointed a Grievance Officer:
Grievance Officer / Data Protection Officer
Name: Aurobindo Saxena
Email: aurobindo@raysolute.com
Phone: +91 98913 21279
Address: HSR Layout, Bengaluru, Karnataka, India
Name: Aurobindo Saxena
Email: aurobindo@raysolute.com
Phone: +91 98913 21279
Address: HSR Layout, Bengaluru, Karnataka, India
14.1 Grievance Process
- Submit your grievance via email with details
- We will acknowledge receipt within 48 hours
- We will investigate and respond within 30 days
- If unsatisfied, escalate to the Data Protection Board of India
⚠️ 15. Data Breach Notification
In the event of a personal data breach:
- We will notify the Data Protection Board of India as required
- We will notify affected individuals without undue delay
- We will document the breach and remediation steps
- We maintain incident response procedures for timely detection
🔄 16. Changes to This Policy
We may update this Privacy Policy from time to time.
16.1 Notification of Changes
- Material Changes: We will provide at least 15 days' notice
- Minor Changes: May take effect immediately upon posting
16.2 Version History
- Version 2.1: December 14, 2025 – Template update
- Version 2.0: November 29, 2025 – DPDP Act 2023 compliance
- Version 1.0: September 11, 2025 – Initial policy
📧 17. Contact Us
For any questions regarding this Privacy Policy or your personal data:
RAYSolute Consultants
📍 HSR Layout, Bengaluru, Karnataka, India
✉️ Email: aurobindo@raysolute.com
📞 Phone: +91 98913 21279
🌐 Website: www.raysolute.com
Data Protection Officer: Aurobindo Saxena
Grievance Officer: Aurobindo Saxena
Document Version: 2.1 | Effective Date: November 29, 2025
Related Documents: Terms of Service | Contact Us
Related Documents: Terms of Service | Contact Us