Privacy Policy

Cryptoxy ("we", "our", or "us") is an IT and software development company providing web development, AI integration, UI/UX design, cloud infrastructure, and DevOps services. We are committed to protecting your personal data and respecting your privacy.

This Privacy Policy explains what data we collect, why we collect it, how we use and protect it, and your rights with respect to it.

We collect information in the following ways:

Information you provide directly

• Name, email address, and phone number (via contact forms or booking calls)
• Company name, job title, and project details
• Billing information and payment details (processed via secure third-party providers)
• Any documents, briefs, or materials you share during project onboarding

Information collected automatically

• IP address, browser type, device type, and operating system
• Pages visited, time on site, and navigation paths
• Referral URLs and search terms
• Cookie data and session identifiers

We use the information we collect to:

• Respond to enquiries and provide quotes or proposals
• Deliver, manage, and improve our services
• Process payments and issue invoices
• Communicate project updates, timelines, and deliverables
• Send relevant service-related notifications
• Analyse website performance and improve user experience
• Comply with legal obligations and resolve disputes

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Our website uses cookies and similar tracking technologies to enhance your browsing experience. Cookies help us:

• Remember your preferences and session state
• Understand how visitors use our site (analytics)
• Measure the effectiveness of our content and calls-to-action

You can control or disable cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of parts of our website.

We may use third-party analytics tools (e.g., Google Analytics, Vercel Analytics) that collect anonymised usage data to help us understand site performance.

We implement industry-standard technical and organisational measures to protect your data, including:

• HTTPS encryption for all data in transit
• Access controls limiting data access to authorised personnel only
• Secure cloud infrastructure hosted on reputable providers (AWS, GCP, Vercel)
• Regular security reviews and dependency updates

While we take every reasonable precaution, no system is completely immune to risk. In the event of a data breach that affects your personal information, we will notify you in accordance with applicable law.

We may share your data with trusted third-party service providers who assist us in operating our business, including:

• Payment processors (e.g., Razorpay, Stripe) — for billing and invoicing
• Communication tools (e.g., Slack, email providers) — for project communication
• Cloud platforms (e.g., AWS, GCP, Vercel) — for hosting and infrastructure
• Analytics platforms — for understanding website usage
• CRM and project management tools — for managing client engagements

These providers are contractually obligated to handle your data securely and only for the purposes specified. We do not authorise them to use your data for their own marketing.

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy, or as required by law. Specifically:

• Project-related data is retained for the duration of the engagement and up to 3 years thereafter for legal and accounting purposes
• Contact form submissions are retained for up to 12 months
• Invoices and financial records are retained for 7 years to comply with tax regulations
• Analytics data is anonymised and aggregated after 26 months

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right to access — request a copy of the personal data we hold about you
• Right to rectification — request correction of inaccurate or incomplete data
• Right to erasure — request deletion of your data where we no longer have a lawful basis to retain it
• Right to restrict processing — ask us to pause processing of your data in certain circumstances
• Right to data portability — receive your data in a structured, machine-readable format
• Right to object — object to processing based on legitimate interests or direct marketing

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us and we will promptly delete it.

Your data may be processed and stored outside your country of residence, including in countries where our cloud infrastructure partners operate. We ensure that any such transfers are protected by appropriate safeguards, including contractual clauses consistent with applicable data protection law.

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email.

We encourage you to review this policy periodically.

If you have questions, concerns, or requests related to your privacy or this policy, please contact our Data Privacy team:

• Email: [email protected]
• Website: cryptoxy.in/contact