Privacy Policy

Last updated: January 2026

1. Introduction

Myriadcara ("Company", "we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cloud infrastructure, DevOps, and cybersecurity services.

This policy is compliant with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 of India.

2. Information We Collect

We collect the following types of information:

Personal Information

  • Name, email address, phone number, and business contact details
  • Company name, designation, and business address
  • Billing information and payment details
  • Government-issued identification (for KYC compliance where required)

Technical Information

  • IP addresses and device information
  • Browser type and version
  • Usage patterns and access logs
  • Infrastructure and system configuration data (for managed services)

Communications

  • Email correspondence and support tickets
  • Meeting notes and project documentation
  • Feedback and testimonials (with your consent)

3. How We Use Your Information

We use the collected information for the following purposes:

  • To provide and maintain our services
  • To process transactions and send billing information
  • To communicate about service updates, security alerts, and support
  • To improve our services and develop new features
  • To comply with legal obligations and regulatory requirements
  • To protect against fraudulent or unauthorized activity
  • To respond to inquiries and provide customer support

4. Legal Basis for Processing

Under Indian law, we process your personal data based on the following legal grounds:

  • Contract: Processing necessary for the performance of our service agreement
  • Consent: Where you have given explicit consent for specific processing
  • Legal Obligation: Processing required by Indian law or regulation
  • Legitimate Interest: Processing for our legitimate business interests, balanced against your rights

5. Data Sharing and Disclosure

We may share your information with:

  • Service Providers: Third-party vendors who assist in service delivery (bound by confidentiality agreements)
  • Cloud Partners: AWS, GCP, Azure for infrastructure services (under their respective privacy policies)
  • Legal Authorities: When required by Indian law, court order, or government request
  • Business Transfers: In connection with merger, acquisition, or sale of assets

We do not sell your personal information to third parties.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal data, including:

  • Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
  • Access controls and role-based permissions
  • Regular security audits and vulnerability assessments
  • Employee training on data protection practices
  • Incident response procedures and breach notification protocols

These measures comply with the reasonable security practices specified under Indian IT law.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. Specific retention periods:

  • Active client data: Duration of service engagement plus 3 years
  • Financial records: 8 years (as required by Indian tax law)
  • Contact inquiries: 2 years from last interaction
  • Website logs: 90 days

8. Your Rights

Under Indian data protection law, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Correction: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data (subject to legal retention requirements)
  • Right to Withdraw Consent: Withdraw consent for processing where applicable
  • Right to Grievance Redressal: Lodge complaints about data processing

To exercise any of these rights, please contact our Grievance Officer at the email provided below.

9. Cross-Border Data Transfers

In the course of providing our services, your data may be transferred to and stored in countries outside India (including cloud regions in the US, EU, and Singapore). We ensure that such transfers comply with applicable Indian law and that appropriate safeguards are in place, including contractual protections with our service providers.

10. Cookies and Tracking

Our website uses cookies and similar technologies to enhance your experience. We use:

  • Essential cookies: Required for website functionality
  • Analytics cookies: To understand how visitors use our site
  • Preference cookies: To remember your settings (e.g., theme preference)

You can control cookie preferences through your browser settings.

11. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete such information promptly.

12. Policy Updates

We may update this Privacy Policy from time to time. Material changes will be notified via email or a prominent notice on our website at least thirty (30) days before they take effect. We encourage you to review this policy periodically.

13. Grievance Officer

In accordance with the Information Technology Act, 2000 and rules thereunder, Myriadcara has appointed a Grievance Officer. For any privacy-related concerns, complaints, or to exercise your data rights, please contact:

Grievance Officer

Myriadcara

operations@myriadcara.com

Response time: Within 30 days of receiving the complaint