Wesoftek Solutions Pvt. Ltd. (“Wesoftek”, “we”, “our”, or “us”) is committed to protecting the privacy, confidentiality, and security of all users of our website https://www.wesoftek.com . We do not sell, rent, or disclose personal information except as stated in this Privacy Policy or as required by law. This Policy explains how we collect, use, store, safeguard, retain, and delete personal data in accordance with the Digital Personal Data Protection Act, 2023 (DPDP Act), the Information Technology Act, 2000, and globally aligned standards such as the GDPR. As a tailored software development and technology solutions company, we follow industry-standard practices to ensure secure and reliable services across web, mobile, cloud, DevOps, and enterprise solutions.

This Privacy Policy explains how we collect, process, store, safeguard, retain, and delete personal information when you visit or interact with wesoftek.com. By accessing or using our website, you acknowledge and consent to the practices described in this Policy. This Policy also reflects our obligations under the Digital Personal Data Protection Act, 2023 (DPDP Act), the Information Technology Act, 2000, including the Information Technology Rules, 2011, and benchmark standards inspired by the General Data Protection Regulation (GDPR) for global clients.

We may update this Privacy Policy periodically, and recommend reviewing it regularly.

1. Information We Collect

1.1 Personal Information

We may collect certain personal information that can be used to identify you individually, including but not limited to your name, contact number, email address, IP address, service preferences, and any other details you voluntarily provide. Such information may be collected when you interact with us in various ways, including when you communicate with us as an existing or potential customer, when you browse or engage with features on our website, when you subscribe to or register for any of our services, or when you submit inquiries or reach out to us through our “Contact Us” form. This information helps us respond to your requests, understand your needs, and deliver a more personalized and efficient service experience.

1.2 Non-Personal Information

In addition to personal data, we may also collect non-personal, technical, or aggregated information that does not directly identify you. This includes details about your device, browser type, operating system, internet service provider, browsing patterns, the pages you visit, time spent on different sections of the website, and general usage behaviour. Such information is typically gathered automatically through analytics tools such as Google Analytics and is used to enhance website performance, improve user experience, and analyse overall traffic trends without identifying individual visitors.

2. Cookies

2.1 Use of Cookies

To provide a secure, efficient, and personalized browsing experience, our website uses cookies and similar tracking technologies that store certain information on your device when you access or interact with our platform. Cookies enable us to recognize your device, record your preferences, analyse website performance, and facilitate seamless navigation. We use two primary categories of cookies:

Session Cookies, which remain active only for the duration of your browsing session and are automatically deleted once you close your browser; and

Persistent Cookies, which remain stored on your device for a defined period or until manually deleted. Persistent cookies assist us in understanding returning visitor behaviour, improving loading efficiency, enhancing website functionality, and delivering a more consistent and tailored user experience.

2.2 Managing or Disabling Cookies

You retain full control over the use of cookies and may choose to restrict, block, or disable them through your browser’s privacy settings. Most web browsers provide options to refuse cookies, delete existing cookies, or receive a notification before cookies are placed on your device. However, disabling or restricting cookies may limit your ability to utilize certain functionalities or features of the website, and may adversely affect the overall performance, user experience, and operational effectiveness of specific services that rely on cookies to function properly.

3. Use of Personal Information

3.1 Purpose of Processing

In strict compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act), and all other applicable data protection and cybersecurity laws, we process personal information solely for lawful, explicit, and legitimate purposes. The information we collect is used to respond to your inquiries, provide the services you request, and establish effective communication with you. It also enables us to analyse and enhance our website’s performance, improve user experience, and refine the overall quality of our services. Where applicable, and only with your prior consent, we may send you service-related communications, newsletters, updates, or promotional information that may be of interest. We further rely on collected data to maintain accurate internal records, conduct analytics, and support operational and administrative functions within our organization. Additionally, your information may be processed to protect our legal rights, fulfil statutory and regulatory obligations, enforce compliance requirements, detect and prevent fraudulent activities, address security threats, and curb misuse or unauthorized access to our systems, services, or digital assets. Each processing activity is carried out with utmost care, ensuring transparency, lawful purpose, and proportionality.

3.2 Legal Basis for Processing

We process personal information strictly in accordance with the legal bases permitted under applicable laws, including but not limited to: your explicit consent, where required; our legitimate business interests, such as service improvement, security enhancement, and operational efficiency; and legal or contractual obligations, where the processing of personal data is necessary for compliance or performance of an agreement. No personal data is processed beyond what is necessary for achieving the intended purpose, and all processing activities are conducted in a fair, transparent, and accountable manner.

4. Data Security

We employ a comprehensive framework of technical, administrative, and physical safeguards to protect all personal and non-personal information entrusted to us from unauthorized access, misuse, alteration, disclosure, loss, or destruction. These safeguards are designed in accordance with industry best practices, statutory requirements, and globally recognized information security standards. Our security infrastructure includes the use of SSL encryption and secure communication protocols to protect data transmitted between your device and our servers; firewalls and intrusion detection/prevention systems to monitor, detect, and mitigate suspicious activities or unauthorized attempts to access our systems; and role-based access controls and strong authentication mechanisms to ensure that only authorized personnel can access specific categories of data based strictly on operational necessity. In addition, we conduct periodic security audits, compliance assessments, penetration testing, and vulnerability evaluations to identify and remediate potential weaknesses in our systems. These ongoing measures help us maintain a secure digital environment and uphold the integrity, confidentiality, and availability of your data.

While we are committed to maintaining the highest possible level of data protection and employ industry-standard security technologies and protocols, it is important to acknowledge that no digital platform, system, or electronic transmission can guarantee absolute security. The evolving nature of cyber threats means that despite our diligent efforts and robust safeguards, we cannot ensure complete immunity from potential breaches, attacks, or unauthorized incidents. However, we remain vigilant and proactive in strengthening our security posture and will take all appropriate steps to respond swiftly and effectively in the event of any security concern.

5. Data Retention and Data Deletion

5.1 Data Retention Practices

We retain personal information only for the duration necessary to achieve the specific and legitimate purposes for which it was initially collected, or as required to fulfil legal, regulatory, operational, or contractual obligations. Our retention periods are determined based on the nature of the information, the context in which it was collected, and the statutory timelines mandated under applicable laws, including the Digital Personal Data Protection Act, 2023 (DPDP Act). Once the retention period expires, or when the information is no longer required for business or legal purposes, we take appropriate measures to ensure that such data is securely deleted, permanently anonymized, or archived in accordance with our internal data lifecycle and retention policies. These processes are designed to ensure that outdated or unnecessary information does not remain accessible or pose any security risk.

5.2 Data Deletion Rights and Process

As a Data Principal, you have the right to request the deletion of your personal information at any time. Upon receiving a valid and verifiable deletion request, we assess whether the data can be deleted immediately or whether retention is still required for lawful grounds such as compliance with statutory record-keeping obligations, ongoing dispute resolution, fraud detection and prevention, enforcement of contractual rights, or other legitimate business interests. If the data is eligible for deletion, we will securely erase it using industry-standard destruction techniques designed to ensure that the deleted information cannot be restored, reconstructed, or misused in any manner. Where immediate deletion is not legally permissible, the data will be restricted from further processing and retained only to the extent required by law. We maintain transparent procedures to ensure timely and secure fulfilment of all valid deletion requests.

6. Disclosing Your Information

6.1 Conditions for Disclosure

We uphold strict confidentiality standards and do not disclose your personal information to any third party except under limited and clearly defined circumstances. Personal data may be shared only when such disclosure is lawful, necessary, and aligned with the purposes for which the information was collected. Disclosure may occur if our business, or any substantial part of it, is sold, merged, transferred, or acquired by another entity, in which case the personal data we hold may form part of the transferred assets, subject to the acquiring entity’s adherence to privacy obligations consistent with this Policy. We may also disclose personal information when mandated by applicable laws, governmental authorities, regulatory bodies, or pursuant to valid legal processes such as subpoenas, court orders, or statutory requests, ensuring strict compliance with legal obligations.

6.2 Fraud and Security-Related Disclosure

Additionally, disclosure may be necessary to detect, prevent, or mitigate fraudulent activities, cybersecurity incidents, potential threats, or unlawful conduct, where sharing information with law enforcement or security partners becomes essential for protecting our rights, systems, users, and the public interest. We may also share aggregated, anonymized, or non-personally identifiable data with trusted partners, affiliates, analytics providers, or advertisers strictly for statistical, research, or service enhancement purposes; such data cannot be used to identify any individual user. We affirm that we do not sell, trade, or commercially exploit personal information under any circumstances, and any data sharing we undertake is conducted responsibly, securely, and in compliance with applicable data protection laws.

7. Your Rights

As a Data Principal under the Digital Personal Data Protection Act, 2023 (DPDP Act), you are granted a comprehensive set of rights designed to provide you with full transparency, control, and autonomy over your personal data. These rights ensure that your information is processed responsibly, lawfully, and in a manner that respects your privacy and personal preferences.

7.1 Right to Access

You have the Right to Access your personal data, which entitles you to request confirmation of whether we are processing your information and to receive a copy of the data we hold. This includes understanding the nature of the information collected, the purpose of processing, categories of third parties (if any) with whom the data has been shared, and the duration for which it will be retained. This right allows you to remain informed about how your data is being used and protected.

7.2 Right to Correction

You have the Right to Correction, allowing you to request rectification or updating of any inaccurate, incomplete, misleading, or outdated personal information. This ensures that the data we process is accurate, relevant, and reflective of your current details. Upon receiving a valid correction request, we will take appropriate steps to update our records in a timely manner.

7.3 Right to Deletion

You have the Right to Deletion (Erasure) of your personal data. This empowers you to request the permanent removal of your information from our systems. While this right is subject to certain lawful exceptions—such as ongoing legal obligations, compliance with statutory retention requirements, fraud detection and prevention, or resolution of legal disputes—we will delete or anonymize your data wherever permissible. If full deletion is not legally possible, we will restrict further processing until the data is eligible for removal.

7.4 Right to Withdraw Consent

You have the Right to Withdraw Consent at any point for processing activities that rely on your explicit consent. Withdrawal of consent will take effect on a forward-going basis and will not affect the lawfulness of processing carried out before the withdrawal. Once consent is withdrawn, we will discontinue processing activities based solely on consent.

7.5 Right to Grievance Redressal

You have the Right to Grievance Redressal, enabling you to raise complaints or concerns regarding our handling of your personal data. Our designated Data Protection Officer (DPO) is responsible for addressing such grievances in a fair, transparent, and timely manner, in accordance with the statutory timelines prescribed under the DPDP Act. You may also escalate the matter to the Data Protection Board of India if you are dissatisfied with the resolution.

7.6 Right to Nominate

You also hold the Right to Nominate another individual who may act on your behalf in the event of your incapacity or death. This nomination ensures continuity in the management and protection of your data and allows your nominee to exercise your rights without interruption.

To exercise any of the rights outlined above, you may contact us using the details provided in the “Contact Us / Grievance Redressal” section. Upon receiving your request, we will verify your identity to safeguard your data against unauthorized access and will process your request in accordance with applicable legal requirements.

8. Third-Party Links

8.1 External Websites

Our website may contain hyperlinks or references to third-party websites, applications, or online services that are provided solely for your convenience, informational purposes, or to enhance your browsing experience. These external platforms operate independently and are not owned, controlled, or managed by Wesoftek Solutions Pvt. Ltd. As such, we do not endorse, monitor, or assume responsibility for the accuracy, relevance, legality, security, or completeness of any content, products, services, or information made available on these third-party websites.

8.2 Independent Policies

Please be aware that third-party platforms have their own privacy policies, data handling practices, terms of use, and security standards that may differ significantly from those of Wesoftek. We do not have control over how these third parties collect, store, use, share, or protect your personal information. Therefore, we strongly encourage all users to independently review the privacy policies, terms and conditions, and data protection practices of any external website or service before accessing, interacting with, or sharing personal information on such platforms.

8.3 User Responsibility

Your interaction with third-party websites is entirely at your own discretion and risk. Wesoftek disclaims any liability arising from your use of or reliance on third-party content, and we shall not be held responsible for any loss, damage, or consequences resulting from the actions, omissions, or policies of such external platforms.

9. International Data Transfers

Your personal data may, at times, be transferred to or processed in countries outside India. When such cross-border transfers occur, Wesoftek Solutions Pvt. Ltd. ensures that your information remains protected through appropriate legal, contractual, and technical safeguards. These measures may include data protection agreements, standard contractual clauses, and ensuring that the receiving entity upholds privacy and security standards comparable to those required under the DPDP Act and other applicable laws. Regardless of the destination country, we remain responsible for ensuring that your data is handled securely, lawfully, and with the same level of protection expected under Indian and internationally recognized data protection frameworks.

10. Changes to This Privacy Policy

Wesoftek Solutions Pvt. Ltd. reserves the right to revise, modify, or amend this Privacy Policy at any time to reflect changes in our business practices, technological advancements, legal requirements, or regulatory updates. Any modifications made to this Policy will be posted directly on this page, along with an updated “Last Revised” date to ensure full transparency. We encourage you to review this Privacy Policy periodically so that you remain informed about how your personal information is being handled. Your continued access to or use of our website following the posting of any changes will constitute your acknowledgment and acceptance of the updated Policy. If any material changes significantly affect the manner in which your personal data is processed, we may take additional steps to notify you as required under applicable laws.

11. Contact Us / Grievance Redressal

If you have questions or complaints regarding this Privacy Policy, contact:

Wesoftek Solutions Pvt. Ltd.

Grievance Officer / Data Protection Officer (DPO): Rishabh Ranjan Pathak

Email: hello@wesoftek.com

Phone: +91-9717146330

Registered Address: Unit No 105, First Floor, Iris Tech Park, Sector 48, Sohna Road, Gurgaon, Haryana, India, 122018.