🔒 Your Privacy Matters

Privacy Policy

We are committed to protecting your privacy and personal information. This policy explains how we collect, use, store, and safeguard your data in full compliance with GDPR and Indian data protection laws.

📅 Last Updated: April 07, 2026
🛡️ GDPR & IT Act Compliant
SSL Encrypted

Quick Summary — Your Privacy Rights

We believe in transparency. Here's what you need to know at a glance:

We Collect Minimal Data
Only essential information needed to provide our services
🔒
Your Data is Secure
Industry-standard encryption and security measures
🚫
No Data Selling
We never sell your personal information to third parties
👤
You Control Your Data
Access, modify, or delete your information anytime

📋 Table of Contents

1 Introduction

Welcome to the Privacy Policy of Debasis Bhattacharjee (hereinafter referred to as "we," "us," or "our"). This Privacy Policy governs the collection, use, storage, and protection of personal information obtained through our website debasisbhattacharjee.com and all related services.

We are committed to protecting your privacy and ensuring the security of your personal information in accordance with:

  • The General Data Protection Regulation (GDPR) - EU Regulation 2016/679
  • The Information Technology Act, 2000 and its amendments
  • The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
  • All applicable Indian data protection laws and regulations

By using our website and services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this policy, please do not use our services.

📢 Important Notice

This Privacy Policy is a legally binding agreement. Your continued use of our services after any changes to this policy constitutes your acceptance of such changes.

2 Information We Collect

We collect different types of information to provide and improve our services. The information we collect includes:

2.1 Information You Provide Directly

This includes information you voluntarily provide when you:

  • Create an account: Name, email address, password, phone number
  • Make a purchase: Billing information, payment details, shipping address
  • Contact us: Name, email, phone number, message content
  • Subscribe to newsletters: Email address, preferences
  • Use our services: Project details, requirements, specifications
  • Leave reviews or feedback: Name, ratings, comments

2.2 Information Collected Automatically

When you visit our website, we automatically collect certain information:

Data TypeDescriptionPurpose
Device InformationIP address, browser type, operating system, device IDSecurity, analytics, optimization
Usage DataPages visited, time spent, clicks, scrolling behaviorImprove user experience
Location DataApproximate geographic location based on IPContent personalization
Cookies & SimilarSession data, preferences, authentication tokensFunctionality, personalization
Referral InformationSource of traffic, referring websitesMarketing analytics

2.3 Information from Third Parties

  • Payment Processors: Transaction confirmations, payment status
  • Social Media Platforms: Public profile information (if you connect via social login)
  • Analytics Providers: Aggregated usage statistics
  • Marketing Partners: Campaign performance data (anonymized)

2.4 Sensitive Personal Data

Under the Indian IT Act, certain types of data are classified as "Sensitive Personal Data or Information" (SPDI). We collect SPDI only when necessary and with your explicit consent:

  • Financial information (bank account, credit/debit card details) - Only through secure payment gateways
  • Biometric information - We do NOT collect this
  • Physical, physiological, and mental health condition - Only if relevant to services
  • Sexual orientation - We do NOT collect this
  • Medical records - Only if you share them for project purposes
🔐 Data Minimization Principle

We follow the principle of data minimization and collect only the information that is strictly necessary to provide our services. We do not collect excessive or irrelevant personal data.

3 How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Provision & Improvement

  • To create and manage your account
  • To process orders, transactions, and payments
  • To deliver products and services you've requested
  • To provide customer support and respond to inquiries
  • To improve and optimize our website functionality
  • To develop new features and services
  • To personalize your experience

3.2 Communication

  • To send transactional emails (order confirmations, invoices, receipts)
  • To send service-related notifications and updates
  • To respond to your questions and requests
  • To send newsletters and marketing communications (with your consent)
  • To inform you about new products, services, and offers
  • To conduct surveys and gather feedback

3.3 Security & Fraud Prevention

  • To verify your identity and prevent unauthorized access
  • To detect and prevent fraudulent activities
  • To protect against security threats and cyber attacks
  • To ensure compliance with our Terms of Service
  • To investigate and resolve disputes

3.4 Analytics & Research

  • To analyze usage patterns and trends
  • To measure the effectiveness of our marketing campaigns
  • To conduct market research and competitive analysis
  • To generate statistical reports (anonymized data)
  • To improve our business operations

3.5 Legal & Compliance

  • To comply with applicable laws and regulations
  • To respond to legal requests and court orders
  • To enforce our Terms of Service and other agreements
  • To protect our rights, property, and safety
  • To maintain necessary business records

3.6 Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data based on the following legal grounds:

  • Consent: You have given explicit consent for specific purposes
  • Contract Performance: Processing is necessary to fulfill our contractual obligations
  • Legal Obligation: We must comply with legal requirements
  • Legitimate Interest: Processing is necessary for our legitimate business interests
  • Vital Interest: Processing is necessary to protect someone's life (rare cases)

4 Data Sharing & Disclosure

We do not sell, rent, or trade your personal information to third parties. However, we may share your data in the following circumstances:

4.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our business:

  • Payment Processors: To process transactions (Razorpay, PayPal, Stripe, etc.)
  • Email Service Providers: To send emails and newsletters
  • Cloud Storage Providers: To store data securely
  • Analytics Services: To analyze website performance (Google Analytics, etc.)
  • Customer Support Tools: To provide better support
  • Marketing Platforms: To manage campaigns (with your consent)

All third-party service providers are contractually bound to protect your data and use it only for the specified purposes.

4.2 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred to the acquiring entity. We will notify you of any such change.

4.3 Legal Requirements

We may disclose your information if required by law or in response to:

  • Court orders, subpoenas, or legal processes
  • Government or law enforcement requests
  • Investigations related to fraud or illegal activities
  • Protection of our legal rights and safety
  • Emergency situations involving threats to life or safety

4.4 With Your Consent

We may share your information with third parties if you have given explicit consent for specific purposes.

4.5 Aggregated & Anonymized Data

We may share aggregated, anonymized, or de-identified data that cannot be used to identify you personally for industry research, marketing, and statistical analysis.

🚫 No Data Selling

We do NOT sell your personal information to third parties for marketing purposes. Your trust is our priority, and we will never monetize your personal data.

5 Data Security

We implement industry-standard security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction.

5.1 Technical Security Measures

  • SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using 256-bit SSL/TLS
  • Secure Data Storage: Personal data is stored on secure servers with restricted access
  • Firewall Protection: Network-level firewalls prevent unauthorized access
  • Regular Security Audits: We conduct periodic security assessments and vulnerability scans
  • Intrusion Detection Systems: Automated monitoring for suspicious activities
  • Data Backup: Regular backups to prevent data loss
  • Access Controls: Role-based access restrictions for internal team members

5.2 Organizational Security Measures

  • Employee Training: Regular training on data protection and security best practices
  • Confidentiality Agreements: All employees sign NDAs and confidentiality agreements
  • Access Logging: All access to personal data is logged and monitored
  • Incident Response Plan: Procedures in place to handle data breaches
  • Third-Party Audits: Regular assessments by external security experts

5.3 Password Security

  • Passwords are stored using strong cryptographic hashing (bcrypt/Argon2)
  • We enforce strong password policies
  • Multi-factor authentication (MFA) available for enhanced security
  • Password reset procedures with email verification

5.4 Payment Security

We do not store complete credit/debit card information on our servers. All payment processing is handled by PCI DSS compliant payment gateways (Razorpay, PayPal, Stripe). Card details are tokenized and encrypted during transmission.

5.5 Data Breach Notification

In the unlikely event of a data breach that affects your personal information:

  • We will notify affected users within 72 hours of discovery (GDPR requirement)
  • We will inform relevant authorities as required by law
  • We will provide details about the breach and steps we're taking
  • We will offer guidance on protecting yourself
⚠️ Your Responsibility

While we implement robust security measures, no method of transmission over the internet is 100% secure. You are responsible for keeping your password confidential, logging out after using shared computers, notifying us immediately of any unauthorized access, and using secure networks when accessing our services.

6 Cookies & Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website.

6.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences and improve functionality.

6.2 Types of Cookies We Use

Cookie TypePurposeDuration
Essential CookiesRequired for basic website functionality, authentication, securitySession / Persistent
Performance CookiesCollect anonymous usage data to improve site performanceUp to 2 years
Functionality CookiesRemember your preferences (language, region, settings)Up to 1 year
Marketing CookiesTrack your browsing for personalized advertising (with consent)Up to 1 year
Analytics CookiesAnalyze how visitors use the website (Google Analytics, etc.)Up to 2 years

6.3 Third-Party Cookies

  • Google Analytics: Website traffic analysis
  • Facebook Pixel: Ad targeting and conversion tracking
  • YouTube: Embedded video content
  • Social Media Plugins: Share buttons and widgets

6.4 Managing Cookies

  • Browser Settings: Most browsers allow you to refuse or delete cookies
  • Cookie Consent Banner: Manage preferences when you first visit our site
  • Opt-Out Tools: Use browser extensions like Privacy Badger or Ghostery
  • Google Analytics Opt-Out: Install the Google Analytics Opt-out Browser Add-on

Please note that disabling certain cookies may affect website functionality.

6.5 Other Tracking Technologies

  • Web Beacons (Pixels): Small invisible images used to track email opens and user behavior
  • Local Storage: HTML5 local storage for saving preferences
  • Session Storage: Temporary data storage during your browsing session
  • Device Fingerprinting: Collecting device characteristics for fraud prevention (minimal use)

6.6 Do Not Track (DNT)

Some browsers have a "Do Not Track" feature. Currently, there is no industry standard for responding to DNT signals. We continue to monitor developments and may implement DNT support in the future.

7 Your Privacy Rights

You have important rights regarding your personal data. We respect and facilitate these rights in accordance with GDPR and Indian data protection laws.

👁️
Right to Access
You have the right to request a copy of all personal data we hold about you. We will provide this information within 30 days.
✏️
Right to Rectification
You can request correction of inaccurate or incomplete personal information at any time.
🗑️
Right to Erasure
You can request deletion of your personal data ("right to be forgotten"), subject to legal obligations.
🚫
Right to Restrict Processing
You can request that we limit how we use your personal data in certain circumstances.
📤
Right to Data Portability
You can request your data in a structured, machine-readable format to transfer to another service.
Right to Object
You can object to processing based on legitimate interests or for direct marketing purposes.
🤖
Right to Withdraw Consent
If processing is based on consent, you can withdraw it at any time without affecting prior processing.
⚖️
Right to Lodge a Complaint
You have the right to file a complaint with the relevant data protection authority if you believe your rights have been violated.

7.1 How to Exercise Your Rights

  • Email: privacy@debasisbhattacharjee.com
  • Subject Line: "Privacy Rights Request - [Your Request Type]"
  • Required Information: Name, email address, account details (if applicable)

We will respond to your request within 30 days. In complex cases, we may extend this period by an additional 60 days with notification.

7.2 Verification Process

To protect your privacy, we will verify your identity before processing requests. We may ask for government-issued ID verification, confirmation of account ownership, or additional authentication steps.

7.3 Fees

Exercising your privacy rights is generally free of charge. However, we may charge a reasonable fee or refuse requests that are manifestly unfounded, excessive, repetitive, or clearly frivolous.

🇪🇺 GDPR Compliance

For users in the European Union (EU) and European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR) requirements:

Lawful Basis for Processing

  • Consent: For marketing communications and non-essential cookies
  • Contract: To fulfill our service agreements with you
  • Legal Obligation: To comply with laws and regulations
  • Legitimate Interest: For fraud prevention, security, and business operations

Data Protection Officer

  • Email: dpo@debasisbhattacharjee.com
  • Response Time: Within 30 days

Supervisory Authority

If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority in the EU/EEA or the Information Commissioner's Office (ICO) in the UK.

International Data Transfers

When transferring data outside the EU/EEA, we ensure adequate protection through Standard Contractual Clauses (SCCs), adequacy decisions, and your explicit consent where required.

9 Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

9.1 Retention Periods

Data TypeRetention PeriodReason
Account InformationUntil account deletion + 30 daysService provision, legal obligations
Transaction Records7 yearsTax compliance, accounting
Marketing DataUntil consent withdrawal + 90 daysMarketing communications
Support Tickets3 yearsCustomer service, quality assurance
Website Analytics26 monthsBusiness analysis
CCTV FootageN/A - We don't collect-

9.2 Deletion Process

  • Data is securely deleted or anonymized beyond recovery
  • Backups containing old data are overwritten within 90 days
  • Physical records are shredded
  • Electronic data is permanently erased using secure deletion methods

9.3 Legal Holds

We may retain data beyond standard retention periods if required by law, subject to ongoing litigation, necessary to protect our legal rights, or part of a government or regulatory inquiry.

10 Children's Privacy

Our services are not directed to children under the age of 18 years, and we do not knowingly collect personal information from minors.

10.1 Age Restriction

  • You must be at least 18 years old to use our services
  • We do not knowingly collect data from individuals under 18
  • If we discover that we have collected data from a minor, we will delete it immediately

10.2 Parental Rights

If you are a parent or guardian and believe that your child has provided us with personal information, contact us immediately at privacy@debasisbhattacharjee.com with proof of guardianship and we will promptly delete the information.

10.3 Educational Content

  • Minors must have parental consent to access services
  • Parents/guardians are responsible for supervising minors' use
  • We recommend parental controls and monitoring tools
👨‍👩‍👧‍👦 Important Notice for Parents

We take children's privacy seriously. If you suspect that your child has created an account or shared personal information with us, please contact us immediately so we can take appropriate action.

11 International Data Transfers

Your personal information may be transferred to, stored, and processed in countries other than your country of residence.

11.1 Data Location

  • India (primary location)
  • We may use cloud services with servers in multiple countries
  • Third-party service providers may be located globally

11.2 Cross-Border Transfer Safeguards

  • Standard Contractual Clauses (SCCs): EU Commission-approved contracts
  • Adequacy Decisions: Transfers to countries deemed adequate by regulators
  • Data Processing Agreements: With all third-party processors
  • Privacy Shield: For US-based companies (where applicable)
  • Explicit Consent: When required by law

11.3 Your Rights

Regardless of where your data is processed, you retain all privacy rights described in this policy, data is subject to this Privacy Policy and applicable laws, and we maintain the same security standards globally.

11.4 Data Localization (India)

  • Critical personal data of Indian citizens is stored within India
  • We maintain a copy of sensitive data within India
  • Cross-border transfers comply with RBI and MEITY guidelines

12 Third-Party Services & Links

Our website may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices of these third parties.

12.1 Third-Party Websites

  • Links to external websites are provided for convenience only
  • We do not endorse or control third-party websites
  • Third-party sites have their own privacy policies
  • We encourage you to review their privacy practices
  • We are not responsible for content or practices of linked sites

12.2 Third-Party Services We Use

  • Payment Processors: Razorpay, PayPal, Stripe
  • Email Services: SendGrid, Mailchimp
  • Analytics: Google Analytics, Hotjar
  • Social Media: Facebook, Twitter, LinkedIn plugins
  • Cloud Storage: AWS, Google Cloud, DigitalOcean
  • Customer Support: Zendesk, Intercom

12.3 Social Media Features

Our website includes social media features and widgets. These features may collect your IP address and browsing data, set cookies to enable proper functionality, and your interactions are governed by the social network's privacy policy.

12.4 Single Sign-On (SSO)

If you choose to log in using social media accounts, we receive limited profile information from the provider. You can control what information is shared through the provider's settings.

⚠️ Third-Party Responsibility

We carefully select third-party service providers and require them to protect your data. However, we cannot control their practices. Please review their privacy policies before sharing your information.

13 Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or services.

13.1 How We Notify You

  • We will update the "Last Updated" date at the top of this page
  • For material changes, we will send you an email notification
  • We may display a prominent notice on our website
  • You may be required to accept the updated policy to continue using services

13.2 What Constitutes Material Changes

  • New types of personal data collection
  • Significant changes to data use purposes
  • Changes to data sharing practices
  • Reduction in user privacy rights
  • Changes to data retention periods
  • New third-party data processors

13.3 Your Options

  • You can review the updated policy
  • You can accept the changes to continue using our services
  • You can contact us with questions or concerns
  • You can stop using our services if you disagree
  • You can request deletion of your data

13.4 Archival

We maintain an archive of previous versions of this Privacy Policy. You can request to view earlier versions by contacting us.

13.5 Effective Date

  • Immediately upon posting for non-material changes
  • 30 days after notification for material changes
  • Upon your acceptance if required

14 Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

14.1 General Privacy Inquiries

  • Email: privacy@debasisbhattacharjee.com
  • Response Time: Within 3-5 business days

14.2 Data Protection Officer (GDPR)

  • Email: dpo@debasisbhattacharjee.com
  • For: GDPR-related inquiries, rights requests

14.3 Data Security Concerns

  • Email: security@debasisbhattacharjee.com
  • For: Security vulnerabilities, data breaches, suspicious activity

14.4 Business Details

  • Business Name: Debmedia Technologies LLP
  • Proprietor: Debasis Bhattacharjee
  • Website: https://www.debasisbhattacharjee.com
  • Location: West Bengal, India
  • Support: support@debasisbhattacharjee.com

14.5 Regulatory Authorities

If you are not satisfied with our response to your privacy concerns, you may contact:

  • For India: Ministry of Electronics and Information Technology (MEITY)
  • For EU/EEA: Your local data protection authority
  • For UK: Information Commissioner's Office (ICO)

14.6 Legal Notices

  • Email: legal@debasisbhattacharjee.com
  • Subject: Mark as "LEGAL NOTICE" or "FORMAL REQUEST"
  • Include: Full details, contact information, and supporting documents
💬 We're Here to Help

Your privacy is important to us. If you have any questions or concerns about how we handle your personal information, please don't hesitate to reach out. We're committed to transparency and will respond to all inquiries promptly.

Questions About Your Privacy?

Our privacy team is here to address any concerns you may have about how we protect your personal information.

Contact Privacy Team