Privacy Policy

1. Introduction

GRAIT Cloud ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cloud infrastructure services.

2. Information We Collect

2.1 Information You Provide

We collect information that you voluntarily provide when you:

• Register for an account (name, email, company details)
• Set up billing information (GST, PAN, address)
• Contact our support team
• Subscribe to our newsletters or marketing communications

2.2 Automatically Collected Information

When you use our services, we automatically collect:

• IP addresses and device information
• Browser type and version
• Usage data and service metrics
• Log files and error reports
• Cookies and similar tracking technologies

2.3 Customer Data

We process customer data that you store on our infrastructure. We act as a data processor and you remain the data controller for this information.

3. How We Use Your Information

We use the collected information for:

• Providing and maintaining our services
• Processing payments and generating invoices
• Sending service notifications and updates
• Providing customer support
• Improving our services and developing new features
• Detecting and preventing fraud and security threats
• Complying with legal obligations
• Sending marketing communications (with your consent)

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

• Service Providers: Third-party vendors who help us operate our services
• Payment Processors: To process billing and payments
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with mergers or acquisitions

5. Data Security

We implement industry-standard security measures to protect your information:

• Encryption of data in transit and at rest
• Regular security audits and penetration testing
• Access controls and authentication mechanisms
• Employee training on data protection
• Incident response and disaster recovery plans

6. Data Retention

We retain your information for as long as necessary to:

• Provide our services to you
• Comply with legal obligations (e.g., tax records for 7 years)
• Resolve disputes and enforce our agreements

You may request deletion of your data at any time, subject to legal retention requirements.

7. Your Rights

Under applicable data protection laws, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data
• Portability: Receive your data in a structured format
• Objection: Object to processing of your data
• Restriction: Request restriction of processing
• Withdraw Consent: Withdraw consent for marketing communications

8. Cookies and Tracking

We use cookies and similar technologies to:

• Maintain your session and preferences
• Analyze usage patterns and improve our services
• Provide personalized content
• Measure marketing campaign effectiveness

You can control cookies through your browser settings.

9. International Data Transfers

Your data is primarily stored in India. If we transfer data internationally, we ensure appropriate safeguards are in place to protect your information.

10. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through our service dashboard. Continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

13. Compliance

We comply with applicable data protection laws including:

• Information Technology Act, 2000 (India)
• Information Technology (Reasonable Security Practices) Rules, 2011
• General Data Protection Regulation (GDPR) for EU customers