Privacy Policy

🔒 PRIVACY POLICY

Effective Date: July 5, 2025
Company Name: Prodat IT Solutions
Website: https://prodatit.com/
Location: Bangalore, India
Contact: reach@prodatit.com

1. INTRODUCTION

Prodat (“we”, “our”, or “us”) is committed to protecting your personal data and your privacy. This Privacy Policy outlines how we collect, use, process, store, share, and protect information when you interact with our website, services, applications, and team members.

This policy applies to all individuals who access our site or use our services—including clients, partners, vendors, job applicants, and users located in India, the European Union (EU), the United States (under CCPA), and elsewhere globally.

We adhere to the highest standards of data protection as mandated by the Digital Personal Data Protection Act, 2023 (DPDP), Information Technology Act, 2000 (IT Act), General Data Protection Regulation (GDPR), and California Consumer Privacy Act (CCPA).

2. TYPES OF INFORMATION WE COLLECT

We may collect and process the following categories of information:

a. Personally Identifiable Information (PII):

• Full name, phone number, email address, company name, designation

• Billing and mailing address

• Government-issued IDs (if required for regulatory compliance)

b. Professional or Business Data:

• Documents shared for financial, RCM, HR, or automation services

• User account credentials (for client portals or access to reports)

c. Technical & Usage Data:

• IP address, device information, browser type, session duration

• Pages visited, user interactions, referring URLs

• Cookies and web beacons for analytics and personalization

d. Sensitive Personal Data (if applicable):

• Financial documents

• Employee data for HR/payroll

• Healthcare billing data (for RCM services), governed under strict confidentiality

3. HOW WE USE YOUR INFORMATION

Your information is used for the following purposes:

• To provide requested services (accounting, HR, RCM, support)

• To establish and maintain client relationships

• To improve our products, services, and platform features

• To respond to inquiries, troubleshoot issues, or follow up on conversations

• To send service-related messages and, where permitted, marketing content

• To comply with legal obligations, audits, and regulations

• To detect, investigate, and prevent security breaches or fraud

4. LEGAL BASES FOR PROCESSING

Under GDPR, we rely on the following lawful bases:

• Consent (for marketing or optional data collection)

• Contractual necessity (to fulfill service agreements)

• Legal obligations (tax, compliance, regulatory requirements)

• Legitimate interest (service optimization, business development)

You may withdraw consent at any time by contacting us at reach@prodatit.com.

5. COOKIES & TRACKING TECHNOLOGIES

We use cookies and similar technologies for:

• Site navigation and session management

• Analytics (Google Analytics, Hotjar, etc.)

• Personalization and content delivery

• Security and spam prevention

You can manage cookies via your browser settings or opt-out using any cookie banners we deploy.

6. DATA SHARING & THIRD PARTIES

We do not sell your personal data.

We may share data with trusted third parties for:

• Cloud hosting and data storage (e.g., AWS, Google Cloud)

• Payment processors (for invoicing, where applicable)

• Compliance and audit firms

• Communication tools (CRM, email platforms)

• Legal or regulatory authorities (if required by law)

All third parties are contractually bound to confidentiality and security obligations.

7. DATA RETENTION

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Policy, including:

• The duration of our contractual relationship

• Legal, tax, and compliance record-keeping (typically 7 years)

• As required by DPDP, GDPR, or local data retention laws

8. YOUR RIGHTS

Depending on your jurisdiction, you have the following rights:

• Access your data and receive a copy

• Correct inaccurate or outdated information

• Delete your data (“Right to be forgotten”)

• Object to specific types of processing (e.g., profiling or direct marketing)

• Restrict or limit use of your data

• Port your data to another provider (EU only)

• File a complaint with a supervisory authority

9. CROSS-BORDER DATA TRANSFERS

If you are located outside India, your data may be transferred to our servers in India or other countries where we or our partners operate.

We ensure adequate data protection safeguards such as:

• Standard Contractual Clauses (GDPR)

• DPDP cross-border transfer mechanisms

• Encryption and pseudonymization where required

10. SECURITY MEASURES

We employ industry-standard security practices including:

• SSL/TLS encryption

• Role-based access control

• Data backup and recovery systems

• Secure user authentication

• Regular audits and penetration tests

11. GRIEVANCE REDRESSAL

For concerns, complaints, or rights requests under Indian or international laws:

Grievance Officer: [To Be Updated]
📧 Email: reach@prodatit.com
📍 Location: Bangalore, India
🕒 We respond to all data protection queries within 7 business days

12. CHANGES TO THIS POLICY

We may update this Privacy Policy to reflect changes in our practices or regulations. Updates will be posted at:
👉 https://prodatit.com/privacy-policy/