Privacy Policy | Blacksharq

1. Introduction

Welcome to Blacksharq Technologies Private Limited ("we", "us", "our", or "Blacksharq"). We are committed to protecting your personal data and respecting your privacy rights. This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you visit our website, use our services, or interact with us.

This policy is designed to comply with applicable data protection laws, including the Digital Personal Data Protection Act (DPDPA) of India and the General Data Protection Regulation (GDPR) principles. By using our services, you acknowledge that you have read and understood this Privacy Policy.

If you have any questions about this policy or our data practices, please contact us using the information provided in the "Contact Us" section below.

2. Information We Collect

We collect information that you provide directly to us, information we obtain automatically when you use our services, and information from third-party sources (if applicable). The types of personal data we may collect include:

2.1. Information You Provide Directly

Identity Information: Your full name, username, and any other identifiers you choose to provide
Contact Information: Email address, phone number, postal address, and other contact details
Account Information: Account credentials, profile information, preferences, and settings
Payment Information: Billing address, payment card details, transaction history, and other financial information necessary for processing payments
Communication Data: Messages, inquiries, feedback, support requests, and any other communications you send to us
Content Data: Information, files, documents, or other content you upload, submit, or create through our services

2.2. Information We Collect Automatically

Device Information: Device type, operating system, browser type and version, device identifiers, and hardware information
Usage Data: Pages visited, features used, time spent on pages, clickstream data, search queries, and navigation patterns
Log Data: IP address, access times, error logs, and other system-generated information
Location Data: General location information derived from your IP address (we do not collect precise GPS location without your explicit consent)
Cookies and Tracking Technologies: Information collected through cookies, web beacons, pixel tags, and similar technologies (see "Cookies & Tracking Technologies" section below)

2.3. Information from Third Parties

Currently, we do not collect personal information from third-party sources. If this changes in the future, we will update this policy and obtain your consent where required.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1. Service Delivery and Operations

To provide, maintain, and improve our services
To process transactions, payments, and fulfill orders
To create and manage your account
To authenticate your identity and prevent fraud
To respond to your inquiries, requests, and support needs
To send you service-related communications (e.g., account updates, transaction confirmations)

3.2. Communication and Marketing

To send you marketing communications, newsletters, and promotional materials (only with your consent and where permitted by law)
To notify you about new features, updates, and changes to our services
To conduct surveys, research, and gather feedback
To personalize your experience and provide relevant content

3.3. Analytics and Improvement

To analyze usage patterns and trends
To understand how our services are used and identify areas for improvement
To develop new features and services
To conduct research and analytics

3.4. Legal and Compliance

To comply with applicable laws, regulations, and legal obligations
To respond to legal requests, court orders, and government inquiries
To enforce our terms of service and other agreements
To protect our rights, property, and safety, as well as that of our users and others
To detect, prevent, and address fraud, security issues, and other harmful activities

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

Consent: When you have given explicit consent for specific processing activities (e.g., marketing communications, cookies)
Contract Performance: When processing is necessary to fulfill our contractual obligations to you
Legal Obligation: When processing is required to comply with applicable laws and regulations
Legitimate Interests: When processing is necessary for our legitimate business interests, such as improving our services, preventing fraud, or ensuring security (we always balance these interests against your privacy rights)

You have the right to withdraw your consent at any time. However, withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

5. Data Sharing and Disclosure

We respect your privacy and do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

5.1. No Third-Party Sharing

Currently, we do not share your personal data with third parties, affiliates, vendors, or service providers. All data processing is conducted internally by Blacksharq Technologies Private Limited.

5.2. Future Third-Party Services

If we engage third-party service providers in the future (e.g., payment processors, cloud hosting providers, analytics services), we will:

Update this policy to disclose such sharing
Ensure third parties are contractually bound to protect your data
Only share the minimum information necessary for the service
Obtain your consent where required by law

5.3. Legal Requirements

We may disclose your information if required by law or in response to:

Valid legal requests, court orders, or subpoenas
Government or regulatory inquiries
Legal proceedings or disputes
Protection of rights, property, or safety

5.4. Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change in ownership or control of your personal information.

6. International Data Transfers

Currently, all your personal data is processed and stored within India. We do not transfer your personal data internationally. If this changes in the future, we will:

Update this policy to disclose such transfers
Ensure appropriate safeguards are in place (e.g., standard contractual clauses, adequacy decisions)
Comply with applicable data protection laws
Obtain your consent where required

7. Data Security

We implement comprehensive technical, administrative, and physical security measures to protect your personal data from unauthorized access, disclosure, alteration, and destruction. Our security measures include:

Encryption: We use industry-standard encryption (TLS/SSL) for data in transit and encryption at rest for sensitive data
Access Controls: We implement strict access controls, authentication mechanisms, and role-based permissions to ensure only authorized personnel can access your data
Security Monitoring: We continuously monitor our systems for security threats, vulnerabilities, and suspicious activities
Regular Security Assessments: We conduct regular security audits, penetration testing, and vulnerability assessments
Employee Training: Our staff receive regular training on data protection and security best practices
Incident Response: We have procedures in place to respond to security incidents promptly and effectively
Data Backup and Recovery: We maintain regular backups and disaster recovery procedures to ensure data availability

While we strive to protect your personal data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to maintaining industry-standard protections.

8. Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, and similar tracking technologies ("Cookies") to collect and store information about your interactions with our website and services.

8.1. Types of Cookies We Use

Essential Cookies: Required for the website to function properly (e.g., authentication, security, load balancing)
Analytics Cookies: Help us understand how visitors interact with our website (e.g., page views, bounce rates, user flows)
Functional Cookies: Remember your preferences and settings to enhance your experience
Marketing Cookies: Used to deliver relevant advertisements and track campaign effectiveness (only with your consent)

8.2. Cookie Consent

We obtain your consent before placing non-essential cookies on your device through our GDPR-compliant cookie consent banner. You can manage your cookie preferences at any time through your browser settings or our cookie preference center.

8.3. Third-Party Cookies

Currently, we do not use third-party cookies. If this changes, we will update this policy and provide you with information about the third parties and their privacy practices.

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. Our retention periods are based on:

The purpose for which the data was collected
Legal, regulatory, and contractual requirements
The nature and sensitivity of the data
Potential risk of harm from unauthorized use or disclosure

9.1. Specific Retention Periods

Account Data: Retained for the duration of your account and for a reasonable period after account closure (typically 3-7 years) for legal and business purposes
Transaction Data: Retained for 7 years as required by financial and tax regulations
Marketing Data: Retained until you withdraw consent or opt out of marketing communications
Analytics Data: Retained in aggregated, anonymized form for up to 2 years
Support Communications: Retained for 3 years after the resolution of your inquiry

9.2. Data Deletion

When personal data is no longer needed, we securely delete or anonymize it. You may request deletion of your personal data at any time (see "Your Rights" section below), subject to legal and contractual obligations.

10. Your Rights and Choices

Depending on your location and applicable data protection laws, you may have the following rights regarding your personal data:

10.1. Right to Access

You have the right to request access to your personal data and receive a copy of the information we hold about you, including details about how we use it.

10.2. Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data. You can also update your information directly through your account settings where available.

10.3. Right to Erasure ("Right to be Forgotten")

You have the right to request deletion of your personal data when it is no longer necessary, you withdraw consent, or the processing is unlawful, subject to legal and contractual obligations.

10.4. Right to Restrict Processing

You have the right to request that we limit how we use your personal data in certain circumstances (e.g., while we verify the accuracy of data you contest).

10.5. Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller where technically feasible.

10.6. Right to Object

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes. We will stop processing unless we have compelling legitimate grounds.

10.7. Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw your consent at any time. This does not affect the lawfulness of processing before withdrawal.

10.8. Right to Opt-Out of Marketing

You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us directly.

10.9. How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: info@blacksharq.com
Subject line: "Privacy Rights Request" or "Data Protection Request"

We will respond to your request within 30 days (or as required by applicable law). We may need to verify your identity before processing your request. If your request is complex or we receive multiple requests, we may extend the response time and will inform you accordingly.

10.10. Right to Lodge a Complaint

If you believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection authority or supervisory authority.

11. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling that produces legal effects or significantly affects you. If this changes in the future, we will update this policy, obtain your consent where required, and provide you with information about the logic involved and the significance and consequences of such processing.

12. Children's Privacy

Our services are not intended for individuals under the age of 18 (or the age of majority in your jurisdiction). We do not knowingly collect, use, or disclose personal information from children without verifiable parental consent.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information promptly.

13. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we are committed to:

Notifying the relevant supervisory authority within 72 hours (where required by law)
Notifying affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms
Providing clear information about the nature of the breach, potential consequences, and measures we are taking
Implementing remedial measures to address the breach and prevent future occurrences

We maintain incident response procedures and regularly review and update our security measures to prevent data breaches.

14. Links to Third-Party Websites

Our website may contain links to third-party websites, services, or applications that are not operated by us. This Privacy Policy does not apply to such third-party sites. We encourage you to review the privacy policies of any third-party sites you visit. We are not responsible for the privacy practices or content of third-party sites.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, legal requirements, or for other operational, legal, or regulatory reasons. When we make changes, we will:

Update the "Last Updated" date at the top of this policy
Notify you of material changes via email or prominent notice on our website
Obtain your consent where required by law for significant changes

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Protection Officer / Privacy Contact

Blacksharq Technologies Private Limited
Email: info@blacksharq.com
Address: C56/30, Phase 2, Sector 62, Noida, Uttar Pradesh 201309, India

For privacy-related inquiries, please use the subject line "Privacy Inquiry" or "Data Protection Request" to help us respond more efficiently.

17. Additional Information

This Privacy Policy should be read in conjunction with our Terms of Service and any other applicable policies or agreements. If there is a conflict between this Privacy Policy and other agreements, the terms of this Privacy Policy will govern with respect to data protection matters.

If any provision of this Privacy Policy is found to be unenforceable or invalid, the remaining provisions will continue in full force and effect.