Legal Document

Privacy Policy

At RDK Global Technologies, your privacy is not an afterthought — it's a foundational principle. This policy explains exactly what data we collect, why we collect it, and how we protect it.

📅 Effective: 1 January 2025
🔄 Last Updated: 15 March 2025
🏢 Jurisdiction: India (IT Act 2000)
📧 Contact: contact@rdktechnologies.com
ℹ️ This Privacy Policy was last updated on 15 March 2025. We encourage you to review it periodically.
01

Information We Collect

When you visit our website, fill out a contact form, engage with our services, or communicate with our team, we may collect the following categories of information:

Information You Provide Directly

  • Full name, email address, phone number, and company name when you submit our contact or quote form.
  • Project details, budget range, and description you voluntarily share in messages.
  • Communication records when you email or call us.
  • Testimonials or feedback you submit publicly or via survey.

Information Collected Automatically

  • IP address, browser type, operating system, and device identifiers.
  • Pages visited, time spent, scroll depth, and click interactions via analytics tools.
  • Referring URLs and exit pages.
  • Cookie identifiers and session tokens (see Section 4).
We do not collect: sensitive personal data such as Aadhaar numbers, financial account details, biometric data, or health information through our website. Any such data shared in the course of a client engagement is governed by a separate Data Processing Agreement (DPA).
02

How We Use Your Data

We use the information we collect for the following purposes:

Purpose Data Used Basis
Respond to enquiries Name, email, phone, project brief Legitimate interest / Contract
Provide and manage services Contact details, communication records Contract performance
Send service updates Email address Legitimate interest
Marketing communications Email address Consent
Website analytics & improvement Usage data, cookies Legitimate interest
Legal & compliance obligations All applicable data Legal obligation
No spam, ever. We will never sell your personal data to advertisers or third-party marketing companies. You can unsubscribe from any marketing email at any time using the link in the footer of that email.
03

Legal Basis for Processing

We process your personal data only when we have a valid legal basis. Under the Information Technology (Amendment) Act 2008, the IT Rules 2011, and applicable global privacy frameworks, our legal bases are:

  • Consent — where you have expressly opted in to receive marketing or submitted a form voluntarily.
  • Contract — where processing is necessary to deliver the services you've engaged us for.
  • Legitimate Interest — where we have a genuine business reason (e.g., fraud prevention, improving our website) that doesn't override your rights.
  • Legal Obligation — where we are required by law to retain or disclose data (e.g., tax records, court orders).
04

Cookies & Tracking

Our website uses cookies and similar tracking technologies to enhance your experience and understand how visitors use our site. A cookie is a small text file stored on your device.

Cookie Type Purpose Duration
Essential Enables core site functionality (navigation, form submission) Session
Analytics Google Analytics — page views, session duration, referral source 2 years
Preference Remembers your consent choices and display preferences 1 year
Marketing Retargeting via Google Ads & Meta Pixel (only with consent) 90 days

You can manage or withdraw cookie consent at any time through your browser settings. Blocking essential cookies may affect site functionality. For Google Analytics opt-out, visit tools.google.com/dlpage/gaoptout.

05

Data Sharing & Third Parties

We do not sell your personal data. We may share it with trusted service providers who process it on our behalf under strict contractual obligations:

  • Email & CRM: We use email platforms to manage enquiries and client communications.
  • Analytics: Google Analytics (Google LLC, USA) — data is pseudonymised and processed under the Google Analytics Data Processing Amendment.
  • Cloud Hosting: Our website is hosted on secure cloud infrastructure (AWS/GCP) in data centres with appropriate safeguards.
  • Payment Processors: If applicable during service delivery, payments are handled by PCI-DSS compliant processors. We never store raw card data.
  • Legal Authorities: We may disclose data when required by a valid legal order, court order, or regulatory requirement.
Important: All third-party service providers are vetted to ensure they maintain appropriate security standards and are contractually prohibited from using your data for their own purposes.
06

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes described in this policy, or as required by law. Our standard retention periods are:

  • Website enquiry data — 3 years from date of last contact.
  • Active client data — Duration of the engagement plus 5 years for contractual and audit purposes.
  • Marketing opt-in records — Until consent is withdrawn, plus 1 year thereafter.
  • Financial / invoicing records — 7 years as required by Indian tax law.
  • Website analytics — 26 months (Google Analytics default).

When data is no longer needed, it is securely deleted or anonymised so it can no longer be linked to an individual.

07

Your Rights

Depending on your location and applicable law, you may have the following rights regarding your personal data. We will respond to all valid requests within 30 days.

👁️
Right to Access
Request a copy of all personal data we hold about you.
✏️
Right to Rectification
Ask us to correct inaccurate or incomplete data about you.
🗑️
Right to Erasure
Request deletion of your personal data where no legitimate reason for retention exists.
⏸️
Right to Restrict
Ask us to temporarily pause processing your data in certain circumstances.
📦
Right to Portability
Receive your data in a structured, machine-readable format to transfer elsewhere.
🚫
Right to Object
Object to processing based on legitimate interests, including direct marketing.

To exercise any of these rights, email us at privacy@rdktechnologies.com with subject line "Data Rights Request" and proof of identity. We will never charge a fee for legitimate requests.

08

Data Security

We implement industry-standard technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure:

  • All data transmitted via our website is encrypted using TLS 1.2+ (HTTPS).
  • Access to personal data is restricted on a need-to-know basis with role-based access controls.
  • Our servers are hosted in ISO 27001-certified data centres with 24/7 monitoring.
  • We conduct regular security audits and vulnerability assessments.
  • Employees handling personal data undergo mandatory privacy and security training.
  • In the event of a data breach, we will notify affected individuals within 72 hours where required by law.
Important reminder: No method of electronic transmission or storage is 100% secure. While we strive to protect your data using best practices, we cannot guarantee absolute security. Please use strong, unique passwords and report any suspicious activity to us immediately.
09

International Data Transfers

RDK Global Technologies is headquartered in Bhilai, Chhattisgarh, India. We may transfer your data to countries outside India for service delivery (e.g., cloud infrastructure in the US or EU). Where such transfers occur:

  • We ensure the recipient country offers an adequate level of protection, or
  • We implement appropriate safeguards such as Standard Contractual Clauses (SCCs), or
  • We obtain your explicit consent where required.

We primarily use AWS and GCP infrastructure, both of which maintain comprehensive data protection certifications including ISO 27001, SOC 2, and GDPR compliance programmes.

10

Children's Privacy

Our website and services are not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@rdktechnologies.com and we will promptly delete such data.

11

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this page.
  • Post a prominent notice on our website.
  • Send an email notification to existing clients and subscribers where the changes are significant.

We encourage you to review this policy periodically. Continued use of our website or services after changes are posted constitutes your acceptance of the updated policy.

12

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please reach out to us:

📧
Data Privacy Team
privacy@rdktechnologies.com
We respond within 48 hours.
📍
Registered Office
RDK Global Technologies
Bhilai, Chhattisgarh — 490023
India
Grievance Officer: As required under the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021, our designated Grievance Officer can be reached at contact@rdktechnologies.com. We acknowledge complaints within 24 hours and resolve them within 15 days.