🔒 Your Privacy Matters

Privacy Policy

We are committed to protecting your privacy and personal information. This policy explains how we collect, use, store, and safeguard your data in full compliance with GDPR and Indian data protection laws.

📅 Last Updated: February 21, 2026
🛡️ GDPR & IT Act Compliant
SSL Encrypted

Quick Summary - Your Privacy Rights

We believe in transparency. Here's what you need to know at a glance:

We Collect Minimal Data
Only essential information needed to provide our services
🔒
Your Data is Secure
Industry-standard encryption and security measures
🚫
No Data Selling
We never sell your personal information to third parties
👤
You Control Your Data
Access, modify, or delete your information anytime

📋 Table of Contents

1 Introduction

Welcome to the Privacy Policy of Debasis Bhattacharjee (hereinafter referred to as "we," "us," or "our"). This Privacy Policy governs the collection, use, storage, and protection of personal information obtained through our website debasisbhattacharjee.com and all related services.

We are committed to protecting your privacy and ensuring the security of your personal information in accordance with:

  • The General Data Protection Regulation (GDPR) - EU Regulation 2016/679
  • The Information Technology Act, 2000 and its amendments
  • The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
  • All applicable Indian data protection laws and regulations

By using our website and services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this policy, please do not use our services.

📢 Important Notice

This Privacy Policy is a legally binding agreement. Your continued use of our services after any changes to this policy constitutes your acceptance of such changes.

2 Information We Collect

We collect different types of information to provide and improve our services. The information we collect includes:

2.1 Information You Provide Directly

This includes information you voluntarily provide when you:

  • Create an account: Name, email address, password, phone number
  • Make a purchase: Billing information, payment details, shipping address
  • Contact us: Name, email, phone number, message content
  • Subscribe to newsletters: Email address, preferences
  • Use our services: Project details, requirements, specifications
  • Leave reviews or feedback: Name, ratings, comments

2.2 Information Collected Automatically

When you visit our website, we automatically collect certain information:

Data Type Description Purpose
Device Information IP address, browser type, operating system, device ID Security, analytics, optimization
Usage Data Pages visited, time spent, clicks, scrolling behavior Improve user experience
Location Data Approximate geographic location based on IP Content personalization
Cookies & Similar Session data, preferences, authentication tokens Functionality, personalization
Referral Information Source of traffic, referring websites Marketing analytics

2.3 Information from Third Parties

We may receive information about you from third-party sources:

  • Payment Processors: Transaction confirmations, payment status
  • Social Media Platforms: Public profile information (if you connect via social login)
  • Analytics Providers: Aggregated usage statistics
  • Marketing Partners: Campaign performance data (anonymized)

2.4 Sensitive Personal Data

Under the Indian IT Act, certain types of data are classified as "Sensitive Personal Data or Information" (SPDI). We collect SPDI only when necessary and with your explicit consent:

  • Financial information (bank account, credit/debit card details) - Only through secure payment gateways
  • Biometric information - We do NOT collect this
  • Physical, physiological, and mental health condition - Only if relevant to services (e.g., health-related projects)
  • Sexual orientation - We do NOT collect this
  • Medical records - Only if you share them for project purposes
🔐 Data Minimization Principle

We follow the principle of data minimization and collect only the information that is strictly necessary to provide our services. We do not collect excessive or irrelevant personal data.

3 How We Use Your Information

We use the collected information for the following purposes:

3.1 Service Provision & Improvement

  • To create and manage your account
  • To process orders, transactions, and payments
  • To deliver products and services you've requested
  • To provide customer support and respond to inquiries
  • To improve and optimize our website functionality
  • To develop new features and services
  • To personalize your experience

3.2 Communication

  • To send transactional emails (order confirmations, invoices, receipts)
  • To send service-related notifications and updates
  • To respond to your questions and requests
  • To send newsletters and marketing communications (with your consent)
  • To inform you about new products, services, and offers
  • To conduct surveys and gather feedback

3.3 Security & Fraud Prevention

  • To verify your identity and prevent unauthorized access
  • To detect and prevent fraudulent activities
  • To protect against security threats and cyber attacks
  • To ensure compliance with our Terms of Service
  • To investigate and resolve disputes

3.4 Analytics & Research

  • To analyze usage patterns and trends
  • To measure the effectiveness of our marketing campaigns
  • To conduct market research and competitive analysis
  • To generate statistical reports (anonymized data)
  • To improve our business operations

3.5 Legal & Compliance

  • To comply with applicable laws and regulations
  • To respond to legal requests and court orders
  • To enforce our Terms of Service and other agreements
  • To protect our rights, property, and safety
  • To maintain necessary business records

3.6 Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data based on the following legal grounds:

  • Consent: You have given explicit consent for specific purposes
  • Contract Performance: Processing is necessary to fulfill our contractual obligations
  • Legal Obligation: We must comply with legal requirements
  • Legitimate Interest: Processing is necessary for our legitimate business interests
  • Vital Interest: Processing is necessary to protect someone's life (rare cases)

4 Data Sharing & Disclosure

We do not sell, rent, or trade your personal information to third parties. However, we may share your data in the following circumstances:

4.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our business:

  • Payment Processors: To process transactions (Razorpay, PayPal, Stripe, etc.)
  • Email Service Providers: To send emails and newsletters
  • Cloud Storage Providers: To store data securely
  • Analytics Services: To analyze website performance (Google Analytics, etc.)
  • Customer Support Tools: To provide better support
  • Marketing Platforms: To manage campaigns (with your consent)

All third-party service providers are contractually bound to protect your data and use it only for the specified purposes.

4.2 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred to the acquiring entity. We will notify you of any such change.

4.3 Legal Requirements

We may disclose your information if required by law or in response to:

  • Court orders, subpoenas, or legal processes
  • Government or law enforcement requests
  • Investigations related to fraud or illegal activities
  • Protection of our legal rights and safety
  • Emergency situations involving threats to life or safety

4.4 With Your Consent

We may share your information with third parties if you have given explicit consent for specific purposes.

4.5 Aggregated & Anonymized Data

We may share aggregated, anonymized, or de-identified data that cannot be used to identify you personally. This data may be shared for:

  • Industry research and reports
  • Marketing and business development
  • Statistical analysis and benchmarking
🚫 No Data Selling

We do NOT sell your personal information to third parties for marketing purposes. Your trust is our priority, and we will never monetize your personal data.

5 Data Security

We implement industry-standard security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction.

5.1 Technical Security Measures

  • SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using 256-bit SSL/TLS
  • Secure Data Storage: Personal data is stored on secure servers with restricted access
  • Firewall Protection: Network-level firewalls prevent unauthorized access
  • Regular Security Audits: We conduct periodic security assessments and vulnerability scans
  • Intrusion Detection Systems: Automated monitoring for suspicious activities
  • Data Backup: Regular backups to prevent data loss
  • Access Controls: Role-based access restrictions for internal team members

5.2 Organizational Security Measures

  • Employee Training: Regular training on data protection and security best practices
  • Confidentiality Agreements: All employees sign NDAs and confidentiality agreements
  • Access Logging: All access to personal data is logged and monitored
  • Incident Response Plan: Procedures in place to handle data breaches
  • Third-Party Audits: Regular assessments by external security experts

5.3 Password Security

  • Passwords are stored using strong cryptographic hashing (bcrypt/Argon2)
  • We enforce strong password policies
  • Multi-factor authentication (MFA) available for enhanced security
  • Password reset procedures with email verification

5.4 Payment Security

We do not store complete credit/debit card information on our servers. All payment processing is handled by:

  • PCI DSS Compliant payment gateways (Razorpay, PayPal, Stripe)
  • Card details are tokenized and encrypted during transmission
  • We only store transaction references, not card numbers

5.5 Data Breach Notification

In the unlikely event of a data breach that affects your personal information:

  • We will notify affected users within 72 hours of discovery (GDPR requirement)
  • We will inform relevant authorities as required by law
  • We will provide details about the breach and steps we're taking
  • We will offer guidance on protecting yourself
⚠️ Your Responsibility

While we implement robust security measures, please note that no method of transmission over the internet is 100% secure. You are responsible for:

  • Keeping your password confidential
  • Logging out after using shared computers
  • Notifying us immediately of any unauthorized access
  • Using secure networks when accessing our services

6 Cookies & Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website.

6.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences and improve functionality.

6.2 Types of Cookies We Use

Cookie Type Purpose Duration
Essential Cookies Required for basic website functionality, authentication, security Session / Persistent
Performance Cookies Collect anonymous usage data to improve site performance Up to 2 years
Functionality Cookies Remember your preferences (language, region, settings) Up to 1 year
Marketing Cookies Track your browsing for personalized advertising (with consent) Up to 1 year
Analytics Cookies Analyze how visitors use the website (Google Analytics, etc.) Up to 2 years

6.3 Third-Party Cookies

Some cookies are placed by third-party services that appear on our pages:

  • Google Analytics: Website traffic analysis
  • Facebook Pixel: Ad targeting and conversion tracking
  • YouTube: Embedded video content
  • Social Media Plugins: Share buttons and widgets

6.4 Managing Cookies

You have control over cookies:

  • Browser Settings: Most browsers allow you to refuse or delete cookies
  • Cookie Consent Banner: Manage preferences when you first visit our site
  • Opt-Out Tools: Use browser extensions like Privacy Badger or Ghostery
  • Google Analytics Opt-Out: Install the Google Analytics Opt-out Browser Add-on

Please note that disabling certain cookies may affect website functionality.

6.5 Other Tracking Technologies

  • Web Beacons (Pixels): Small invisible images used to track email opens and user behavior
  • Local Storage: HTML5 local storage for saving preferences
  • Session Storage: Temporary data storage during your browsing session
  • Device Fingerprinting: Collecting device characteristics for fraud prevention (minimal use)

6.6 Do Not Track (DNT)

Some browsers have a "Do Not Track" feature. Currently, there is no industry standard for responding to DNT signals. We continue to monitor developments and may implement DNT support in the future.

7 Your Privacy Rights

You have important rights regarding your personal data. We respect and facilitate these rights in accordance with GDPR and Indian data protection laws.

👁️
Right to Access
You have the right to request a copy of all personal data we hold about you. We will provide this information within 30 days.
✏️
Right to Rectification
You can request correction of inaccurate or incomplete personal information at any time.
🗑️
Right to Erasure
You can request deletion of your personal data ("right to be forgotten"), subject to legal obligations.
🚫
Right to Restrict Processing
You can request that we limit how we use your personal data in certain circumstances.
📤
Right to Data Portability
You can request your data in a structured, machine-readable format to transfer to another service.
Right to Object
You can object to processing based on legitimate interests or for direct marketing purposes.
🤖
Right to Withdraw Consent
If processing is based on consent, you can withdraw it at any time without affecting prior processing.
⚖️
Right to Lodge a Complaint
You have the right to file a complaint with the relevant data protection authority if you believe your rights have been violated.

7.1 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

  • Email: privacy@debasisbhattacharjee.com
  • Subject Line: "Privacy Rights Request - [Your Request Type]"
  • Required Information: Name, email address, account details (if applicable)

We will respond to your request within 30 days. In complex cases, we may extend this period by an additional 60 days with notification.

7.2 Verification Process

To protect your privacy, we will verify your identity before processing requests. We may ask for:

  • Government-issued ID verification
  • Confirmation of account ownership
  • Additional authentication steps

7.3 Fees

Exercising your privacy rights is generally free of charge. However, we may charge a reasonable fee or refuse requests that are:

  • Manifestly unfounded or excessive
  • Repetitive in nature
  • Clearly frivolous

🇪🇺 GDPR Compliance

For users in the European Union (EU) and European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR) requirements:

Lawful Basis for Processing

We process your data based on:

  • Consent: For marketing communications and non-essential cookies
  • Contract: To fulfill our service agreements with you
  • Legal Obligation: To comply with laws and regulations
  • Legitimate Interest: For fraud prevention, security, and business operations

Data Protection Officer

For GDPR-related inquiries, you can contact our Data Protection Officer:

  • Email: dpo@debasisbhattacharjee.com
  • Response Time: Within 30 days

Supervisory Authority

If you are not satisfied with our response, you have the right to lodge a complaint with:

  • Your local data protection authority in the EU/EEA
  • The Information Commissioner's Office (ICO) in the UK

International Data Transfers

When transferring data outside the EU/EEA, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by the EU Commission
  • Adequacy decisions for certain countries
  • Your explicit consent where required

9 Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

9.1 Retention Periods

Data Type Retention Period Reason
Account Information Until account deletion + 30 days Service provision, legal obligations
Transaction Records 7 years Tax compliance, accounting
Marketing Data Until consent withdrawal + 90 days Marketing communications
Support Tickets 3 years Customer service, quality assurance
Website Analytics 26 months Business analysis
CCTV Footage N/A - We don't collect -

9.2 Deletion Process

When data is no longer needed:

  • It is securely deleted or anonymized beyond recovery
  • Backups containing old data are overwritten within 90 days
  • Physical records are shredded
  • Electronic data is permanently erased using secure deletion methods

9.3 Legal Holds

We may retain data beyond standard retention periods if:

  • Required by law or legal process
  • Subject to ongoing litigation or investigation
  • Necessary to protect our legal rights
  • Part of a government or regulatory inquiry

10 Children's Privacy

Our services are not directed to children under the age of 18 years, and we do not knowingly collect personal information from minors.

10.1 Age Restriction

  • You must be at least 18 years old to use our services
  • We do not knowingly collect data from individuals under 18
  • If we discover that we have collected data from a minor, we will delete it immediately

10.2 Parental Rights

If you are a parent or guardian and believe that your child has provided us with personal information:

  • Contact us immediately at privacy@debasisbhattacharjee.com
  • Provide proof of guardianship
  • We will promptly delete the information

10.3 Educational Content

While we offer educational content and training:

  • Minors must have parental consent to access services
  • Parents/guardians are responsible for supervising minors' use
  • We recommend parental controls and monitoring tools
👨‍👩‍👧‍👦 Important Notice for Parents

We take children's privacy seriously. If you suspect that your child has created an account or shared personal information with us, please contact us immediately so we can take appropriate action.

11 International Data Transfers

Your personal information may be transferred to, stored, and processed in countries other than your country of residence.

11.1 Data Location

Our primary servers and data storage facilities are located in:

  • India (primary location)
  • We may use cloud services with servers in multiple countries
  • Third-party service providers may be located globally

11.2 Cross-Border Transfer Safeguards

When transferring data internationally, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs): EU Commission-approved contracts
  • Adequacy Decisions: Transfers to countries deemed adequate by regulators
  • Data Processing Agreements: With all third-party processors
  • Privacy Shield: For US-based companies (where applicable)
  • Explicit Consent: When required by law

11.3 Your Rights

Regardless of where your data is processed:

  • You retain all privacy rights described in this policy
  • Data is subject to this Privacy Policy and applicable laws
  • We maintain the same security standards globally

11.4 Data Localization (India)

In compliance with Indian data protection requirements:

  • Critical personal data of Indian citizens is stored within India
  • We maintain a copy of sensitive data within India
  • Cross-border transfers comply with RBI and MEITY guidelines

12 Third-Party Services & Links

Our website may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices of these third parties.

12.1 Third-Party Websites

  • Links to external websites are provided for convenience only
  • We do not endorse or control third-party websites
  • Third-party sites have their own privacy policies
  • We encourage you to review their privacy practices
  • We are not responsible for content or practices of linked sites

12.2 Third-Party Services We Use

We integrate with various third-party services:

  • Payment Processors: Razorpay, PayPal, Stripe
  • Email Services: SendGrid, Mailchimp
  • Analytics: Google Analytics, Hotjar
  • Social Media: Facebook, Twitter, LinkedIn plugins
  • Cloud Storage: AWS, Google Cloud, DigitalOcean
  • Customer Support: Zendesk, Intercom

Each of these services has its own privacy policy and data practices. Links to their privacy policies are available upon request.

12.3 Social Media Features

Our website includes social media features and widgets:

  • These features may collect your IP address and browsing data
  • They may set cookies to enable proper functionality
  • Your interactions are governed by the social network's privacy policy
  • We recommend reviewing their privacy practices

12.4 Single Sign-On (SSO)

If you choose to log in using social media accounts:

  • We receive limited profile information from the provider
  • You can control what information is shared through the provider's settings
  • This is subject to the provider's terms and privacy policy
⚠️ Third-Party Responsibility

We carefully select third-party service providers and require them to protect your data. However, we cannot control their practices. Please review their privacy policies before sharing your information.

13 Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or services.

13.1 How We Notify You

When we make changes to this policy:

  • We will update the "Last Updated" date at the top of this page
  • For material changes, we will send you an email notification
  • We may display a prominent notice on our website
  • You may be required to accept the updated policy to continue using services

13.2 What Constitutes Material Changes

Material changes include:

  • New types of personal data collection
  • Significant changes to data use purposes
  • Changes to data sharing practices
  • Reduction in user privacy rights
  • Changes to data retention periods
  • New third-party data processors

13.3 Your Options

After receiving notice of changes:

  • You can review the updated policy
  • You can accept the changes to continue using our services
  • You can contact us with questions or concerns
  • You can stop using our services if you disagree
  • You can request deletion of your data

13.4 Archival

We maintain an archive of previous versions of this Privacy Policy. You can request to view earlier versions by contacting us.

13.5 Effective Date

Any changes to this Privacy Policy will become effective:

  • Immediately upon posting for non-material changes
  • 30 days after notification for material changes
  • Upon your acceptance if required

14 Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

14.1 General Privacy Inquiries

  • Email: privacy@debasisbhattacharjee.com
  • Response Time: Within 3-5 business days

14.2 Data Protection Officer (GDPR)

  • Email: dpo@debasisbhattacharjee.com
  • For: GDPR-related inquiries, rights requests

14.3 Data Security Concerns

  • Email: security@debasisbhattacharjee.com
  • For: Security vulnerabilities, data breaches, suspicious activity

14.4 Business Details

  • Business Name: Debmedia Technologies LLP
  • Proprietor: Debasis Bhattacharjee
  • Website: https://www.debasisbhattacharjee.com
  • Location: West Bengal, India
  • Support: support@debasisbhattacharjee.com

14.5 Regulatory Authorities

If you are not satisfied with our response to your privacy concerns, you may contact:

  • For India: Ministry of Electronics and Information Technology (MEITY)
  • For EU/EEA: Your local data protection authority
  • For UK: Information Commissioner's Office (ICO)

14.6 Legal Notices

For legal notices, complaints, or formal requests:

  • Email: legal@debasisbhattacharjee.com
  • Subject: Mark as "LEGAL NOTICE" or "FORMAL REQUEST"
  • Include: Full details, contact information, and supporting documents
💬 We're Here to Help

Your privacy is important to us. If you have any questions or concerns about how we handle your personal information, please don't hesitate to reach out. We're committed to transparency and will respond to all inquiries promptly.

Questions About Your Privacy?

Our privacy team is here to address any concerns you may have about how we protect your personal information.

Contact Privacy Team