Privacy Policy

Nexbyte Technologies is a software, web and cloud solutions provider based in Ahmedabad, Gujarat, India. For the purposes of the DPDP Act, we act as a Data Fiduciary in respect of the personal data we determine the purpose and means of processing. If you have any questions about this policy, you can reach us at hello@nexbyte.com.

We collect information that you provide directly to us, and information collected automatically when you use our website:

• Information you provide: name, email address, company name, phone number, project details and any other information you share through our contact form, by email, or during an engagement.
• Automatically collected data: IP address, browser type and version, device and operating system information, referring URLs, pages visited, and usage patterns, gathered through cookies and similar technologies.
• Communications: records of your correspondence with us so we can respond to and manage your enquiries.

We do not intentionally collect sensitive personal data unless it is strictly necessary for an engagement and you have provided it to us with your consent.

We use the personal data we collect to:

• Respond to your enquiries and provide the services you request;
• Prepare proposals, estimates, statements of work and project roadmaps;
• Operate, maintain, secure and improve our website and services;
• Send service-related communications, and marketing updates where you have opted in;
• Carry out billing, accounting and record-keeping; and
• Detect, prevent and address fraud, security incidents and other unlawful activity, and comply with our legal obligations.

Under the DPDP Act, we process your personal data on the basis of your consent or for certain legitimate uses permitted by law (such as responding to a request you have voluntarily made, or complying with a legal obligation). Where we rely on consent, you may withdraw it at any time — see "Your Rights" below — and withdrawal will not affect the lawfulness of processing carried out before withdrawal.

If you are located in the European Economic Area or the United Kingdom, where applicable we process personal data under the GDPR on the basis of your consent, our legitimate interests, the performance of a contract with you, or to comply with a legal obligation.

We use cookies and similar technologies to operate the site, remember your preferences and understand how visitors use our pages. This may include third-party analytics tools (such as Google Analytics) that set their own cookies and process usage data on our behalf. You can control cookies through your browser settings. Please see our Cookie Policy for full details.

We do not sell your personal data. We may share it only with:

• Data Processors who help us operate our business (for example, hosting, cloud infrastructure, email, analytics and payment providers), under contractual confidentiality and data-protection obligations;
• Authorities and regulators where required by law, court order, or to establish, exercise or defend legal claims and protect our rights; and
• A successor entity in connection with a merger, acquisition or reorganisation, subject to this policy.

We may use service providers located outside India. Where personal data is transferred across borders, we take reasonable steps to ensure it is handled securely and in accordance with applicable law and any transfer restrictions notified by the Government of India under the DPDP Act.

We retain personal data only for as long as necessary to fulfil the purposes described in this policy, including to provide our services, comply with our legal, tax and accounting obligations, resolve disputes and enforce our agreements. When data is no longer required, we securely delete or anonymise it.

We implement reasonable security practices and procedures consistent with the IT Act, 2000 and applicable rules — including encryption in transit, access controls, and regular backups — to protect your personal data against unauthorised access, alteration, disclosure or destruction. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

Subject to applicable law, as a Data Principal you have the right to:

• Access a summary of the personal data we process about you;
• Request correction, completion, updating or erasure of your personal data;
• Withdraw your consent at any time;
• Nominate another individual to exercise your rights in the event of death or incapacity; and
• Have your grievances addressed through our grievance redressal mechanism.

To exercise any of these rights, contact us at hello@nexbyte.com. We may need to verify your identity before acting on your request.

Our website and services are intended for businesses and individuals aged 18 and above. Consistent with the DPDP Act, we do not knowingly process the personal data of a child (a person under 18 years of age) without verifiable consent of a parent or lawful guardian. If you believe a child has provided us personal data, please contact us so we can take appropriate action.

In accordance with the DPDP Act and the Information Technology Act, 2000 and rules thereunder, you may contact our Grievance Officer with any concern or complaint regarding the processing of your personal data:

• Name: [Grievance Officer Name]
• Entity: Nexbyte Technologies
• Email: hello@nexbyte.com
• Address: [Registered office address], Ahmedabad, Gujarat, India

We will acknowledge and respond to your grievance within the timelines prescribed under applicable law.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology or legal requirements. Material changes will be posted on this page with an updated revision date. Your continued use of the website after changes take effect constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or how we handle your personal data, please contact us at hello@nexbyte.com.