Privacy Policy

Legal

Privacy Policy

Effective Date: August 1, 2025
Last Modified: None.

Sitabience IP Private Limited ("Company", "we", "our", or "us") values the trust you place in us to handle your personal information responsibly and in compliance with applicable laws, including the Digital Personal Data Protection Act, 2023 (India), the General Data Protection Regulation (GDPR – EU/EEA), and the California Consumer Privacy Act (CCPA – USA), along with other applicable data protection laws.

This Privacy Policy explains how we collect, use, store, and protect personal information, and the rights you have in relation to that information.


1. Scope

This Privacy Policy applies to:

  • Visitors to our website;
  • Clients and prospective clients;
  • Candidates applying for roles with us; and
  • Business partners and suppliers.

It does not apply to employee data, which is governed by internal policies.


2. Important Note

  • You may browse our website without providing personal information.
  • By using this website and our services, you consent to the collection, use, and processing of personal data in accordance with this Privacy Policy.
  • We may update this policy from time to time, and the date of the most recent modification will be indicated at the top of this page. Continued use of our website constitutes acceptance of the revised policy.

3. Categories of Personal Information Collected

We may collect and process the following types of personal information (depending on the nature of your interaction with us):

  • Identity and Contact Information: Name, email, phone number, business address, designation, organization details.
  • Professional/Commercial Information: Records of services requested or provided, communications with us, payment history.
  • Technical and Usage Data: IP address, browser type, device identifiers, pages visited, date and time of access, cookies and similar technologies.
  • Application Data (Careers): CVs, qualifications, employment history, professional references (if you apply for roles at our firm).
  • Audio-Visual Material: CCTV/security recordings if you visit our premises, or recordings of webinars/events (with your consent).

We do not request or collect sensitive personal information (e.g., biometrics, health data, and political beliefs) unless required by law.


4. How We Collect Information

We may collect data through:

  • Direct Interactions: Information provided via our contact forms, service requests, job applications, emails, or contractual documents.
  • Website Usage: Data collected automatically through cookies, server logs, and tracking technologies.
  • Third Parties and Public Sources: Business directories, professional networks (e.g., LinkedIn), background check providers (for recruitment), and publicly available databases.

5. Purpose and Legal Basis for Processing

Purpose Legal Basis
To provide IP-related services (patents, trademarks, copyright, advisory) Performance of contract
To comply with legal/regulatory obligations (RBI, tax, data protection laws) Legal obligation
To respond to queries, requests, or complaints Legitimate interest / consent
To process payments and issue invoices Performance of contract
To improve website functionality, security, and user experience Legitimate interest
Recruitment and HR management Legitimate interest / consent
To detect and prevent fraud, misuse, or unlawful activity Legal obligation / legitimate interest

We do not use your data for direct advertising, profiling, or unrelated marketing campaigns.


6. Use of Personal Information

Your data may be used for the following:

  • Delivering and personalizing our services.
  • Responding to inquiries and providing customer support.
  • Processing payments through Stripe.
  • Complying with contractual and legal obligations.
  • Securing our website and IT systems.
  • Recruitment purposes (if you apply for positions).
  • Conducting audits, compliance checks, and risk management.

7. Data Retention

We retain personal data only as long as necessary for the purposes for which it was collected:

  • Client records: up to 7 years after engagement ends (to comply with legal obligations).
  • Recruitment data: up to 2 years unless consented to longer retention.
  • Marketing data: until opt-out/withdrawal of consent.
  • Website logs: up to 12 months.

Data will be securely deleted or anonymized once it is no longer required.


8. Disclosure of Personal Information

We may share data with:

  • Service Providers: IT, hosting, and payment processors (e.g., Stripe) with limited access as necessary.
  • Professional Advisors: Auditors, consultants, or legal advisors assisting us.
  • Authorities: Regulatory bodies, courts, or enforcement agencies where disclosure is required by law.
  • Group Entities (if any): Within our corporate structure for operational purposes.

We do not sell or share personal information for monetary or cross-context advertising purposes.


9. International Transfers

As we serve clients globally, personal data may be transferred across jurisdictions. Where transfers occur outside India, the EU, or other regulated territories, we ensure appropriate safeguards such as Standard Contractual Clauses (SCCs) or equivalent legal mechanisms.


10. Security Measures

We maintain organizational, technical, and administrative safeguards to protect personal data against unauthorized access, disclosure, alteration, or destruction. While we use encryption, firewalls, and secure protocols (HTTPS), no system is completely immune from breaches.

We implement appropriate technical and organizational measures to safeguard personal data, including:

  • Encryption (HTTPS, secure servers);
  • Access controls;
  • Regular monitoring for vulnerabilities.

While we take reasonable precautions, no method of transmission or storage is 100% secure.


11. Your Rights

Depending on your jurisdiction, you may have the following rights:

Under GDPR / DPDP:

  • Right of access, correction, deletion, and portability;
  • Right to restrict or object to processing;
  • Right to withdraw consent;
  • Right to lodge a complaint with a supervisory authority.

Under CCPA/CPRA (California Residents):

  • Right to know what personal data we collect and how we use it;
  • Right to access and receive a copy of your data;
  • Right to deletion (subject to exceptions);
  • Right to correct inaccurate data;
  • Right to opt-out of the sale or sharing of personal data (not applicable as we do not sell/share data);
  • Right to non-discrimination for exercising rights.

How to Exercise Rights:

Please email us at mail@sitabienceip.com with your request.

  • We may require verification of your identity before fulfilling your request.
  • GDPR requests will be processed within 30 days; CPRA requests within 45 days.

12. Cookies

We use cookies and similar technologies to:

  • Analyze traffic and improve website performance.
  • Remember user preferences.
  • Secure sessions and prevent fraud.

Users can manage cookie preferences via browser settings. Some features of the website may not function correctly if cookies are disabled. Users in the EU/UK will be presented with a cookie consent banner. Users in California may opt-out of cross-context behavioural advertising.


13. Children's Privacy

Our website and services are not directed at individuals under 18 years of age. We do not knowingly collect personal information from minors.


14. Business Transfers

In the event of a merger, acquisition, restructuring, or sale of assets, personal data may be transferred to the acquiring entity, subject to the terms of this Privacy Policy.


15. Updates to This Policy

We may update this Privacy Policy from time to time. Any material changes will be communicated through our website.


16. Contact Information

If you have questions, concerns, or wish to exercise your data rights, please contact:

Bikash Kumar Lohia
Data Protection & Grievance Officer
bikash@sitabienceip.com
Sitabience IP Private Limited
TR-257, AltF, Plot No A100, Sector 58, Noida, India
+91 9211 5654 66