Privacy Policy
Tevrix Digital Solutions Private Limited
Effective Date: March 10, 2025
Last Updated: March 10, 2025
Version: 4.2 | Policy ID: PRIV-POL-2025-03
Executive Summary
This Privacy Policy governs the processing of personal data by Tevrix Digital Solutions Private Limited ("Company," "we," "us," "our") across our Software-as-a-Service (SaaS) platform, websites, and related services. We are committed to implementing privacy by design and by default principles in compliance with global data protection regulations including the GDPR, CCPA, PDPA, and India's Digital Personal Data Protection Act, 2023.
Clear disclosure of data processing activities
Enterprise-grade data protection measures
User-centric data management options
Table of Contents
Interpretation and Definitions
Core Definitions
Personal Data
Any information relating to an identified or identifiable natural person ('data subject'), including but not limited to name, identification number, location data, online identifier, or factors specific to physical, physiological, genetic, mental, economic, cultural, or social identity.
Processing
Any operation or set of operations performed on personal data, whether or not by automated means, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, erasure, or destruction.
Data Controller
The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Services
Collectively refers to our SaaS platform (tevrixplatform.com), associated websites, mobile applications, APIs, developer tools, and related offerings provided by Tevrix Digital Solutions.
Supplementary Documentation
This Privacy Policy operates in conjunction with:
Data Controller and Representative Information
Primary Controller
Company Name
Tevrix Digital Solutions Private Limited
Registration Number
CIN U72900KA2023PTC182345
Registered Office
Level 14, Tower C, Prestige Tech Park
Marathahalli, Bangalore
Karnataka 560103, India
Tax Identification
GSTIN 29AAKCS1823A1Z5
Data Protection Officer (DPO)
Name
Ms. Priya Sharma
dpo@tevrixdigitalsolutions.com
Availability
Monday to Friday, 9:00 AM - 6:00 PM IST
EU/UK Representative (Article 27 GDPR)
For data subjects in the European Union and United Kingdom, our appointed representative is:
Global Privacy Solutions GmbH
Attn: Tevrix Digital Solutions EU Representative
Friedrichstraße 123, 10117 Berlin, Germany
Email: eu-representative@tevrixdigitalsolutions.com
Categories of Personal Data Processed
Comprehensive Data Inventory
Identity and Contact Data
Information establishing and authenticating your identity
- • Full legal name
- • Email address
- • Phone number
- • User account credentials
- • Job title and department
- • Company/organization details
- • Business email and phone
- • Professional qualifications
- • Government-issued ID (masked)
- • Proof of address documents
- • Tax identification numbers
- • Business registration details
Technical and Usage Data
Information collected automatically through your interaction with our Services
- IP address (anonymized where required)
- Browser type, version, and language settings
- Operating system and device type
- Screen resolution and display settings
- Network connection type and speed
- Pages visited and time spent
- Feature usage patterns and frequency
- Clickstream data and navigation paths
- Error logs and crash reports
- API request patterns and response times
Financial and Transactional Data
Information related to billing, payments, and commercial transactions
Secure Note: We use tokenized payment processing and do not store raw credit card numbers on our servers.
- • Billing address and contact details
- • Company tax information
- • Purchase history and invoice records
- • Subscription tier and plan details
- • Transaction IDs and timestamps
- • Payment method preferences
- • Currency and exchange rate information
- • Refund and credit history
- • Contractual agreement records
Content and Communication Data
Information you voluntarily provide through platform interactions
Important: We do not intentionally collect special category data (sensitive personal data). Users are advised not to upload or share sensitive information through our platform.
- • Project data and workspace content
- • File uploads and document storage
- • Comments, annotations, and feedback
- • Custom configurations and templates
- • Support ticket conversations
- • Email correspondence with our team
- • Chat transcripts (with consent)
- • Survey responses and feedback
Legal Basis for Processing
GDPR Compliance Framework
| Processing Activity | Legal Basis (GDPR Article 6) | Data Category | Consent Management |
|---|---|---|---|
| Account creation and user authentication | Performance of contract (1)(b) | Identity Data | Required during signup |
| Service delivery and platform functionality | Performance of contract (1)(b) | Technical Data | Implied through usage |
| Payment processing and billing | Performance of contract (1)(b) | Financial Data | Required for paid services |
| Customer support and communication | Legitimate interests (1)(f) | Communication Data | Optional for marketing |
| Platform analytics and improvement | Legitimate interests (1)(f) | Usage Data | Granular opt-in available |
| Marketing communications | Consent (1)(a) | Contact Data | Explicit opt-in required |
| Security monitoring and fraud prevention | Legal obligation (1)(c) | Technical Data | Not applicable |
| Compliance with legal requirements | Legal obligation (1)(c) | Various | Not applicable |
Legitimate Interests Assessment
Where we rely on legitimate interests, we conduct a formal balancing test considering:
- Purpose necessity and proportionality
- Impact on data subject rights
- Data minimization and protection measures
- Transparency and control mechanisms
Withdrawal of Consent
You may withdraw consent for processing activities based on consent at any time:
Note: Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
Data Subject Rights and Exercise Procedures
Comprehensive Rights Framework
Under applicable data protection laws including GDPR, CCPA/CPRA, and India's DPDP Act, you have specific rights regarding your personal data. We are committed to facilitating the exercise of these rights.
Right of Access
Response time: 30 days
Obtain confirmation and copy of personal data being processed
Right to Rectification
Response time: 30 days
Request correction of inaccurate or incomplete data
Right to Erasure
Response time: 30 days
Request deletion of personal data under certain conditions
Right to Restriction
Response time: Immediate
Limit processing of data in specific circumstances
Right to Data Portability
Response time: 30 days
Receive data in structured, commonly used format
Right to Object
Response time: 30 days
Object to processing based on legitimate interests
Right to Withdraw Consent
Response time: Immediate
Withdraw previously given consent at any time
Right to Non-Discrimination (CCPA)
Response time: N/A
Not be discriminated against for exercising rights
Right to Lodge Complaint
Response time: N/A
File complaint with supervisory authority
Rights Exercise Procedure
Step 1: Identity Verification
Access through authenticated account
For sensitive requests
Government-issued ID for third-party requests
Step 2: Request Submission
- Privacy Dashboard within platform
- Email to privacy@tevrixdigitalsolutions.com
- API endpoints for automated requests
- Postal mail to registered office
- In-person appointment (scheduled)
- Designated request forms
Step 3: Response Timeline
Request Received
Day 0
Verification
Day 1-3
Processing
Day 4-20
Response
Day 21-30
Contact Information and Complaints
Primary Contact Channels
Data Protection Officer
dpo@tevrixdigitalsolutions.com
Privacy Team
privacy@tevrixdigitalsolutions.com
General Support
support@tevrixdigitalsolutions.com
Telephone Support
India (Primary)
+91 80 4900 0000
International Toll-Free
+1 888 000 0000
Fax
+91 80 4900 0001
Emergency security incidents: 24/7 response
Physical Addresses
Registered Office
Tevrix Digital Solutions Private Limited
Level 14, Tower C, Prestige Tech Park
Marathahalli, Bangalore 560103
Karnataka, India
EU Representative
Global Privacy Solutions GmbH
Friedrichstraße 123
10117 Berlin, Germany
Regulatory Complaint Procedures
Supervisory Authorities
Data Protection Board of India
Ministry of Electronics & IT
New Delhi, India
Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstraße 219, 10969 Berlin
Germany
Complaint Resolution Process
Internal Resolution Attempt
Contact our DPO for resolution within 30 days
Mediation Option
Voluntary mediation through certified privacy dispute resolution service
Regulatory Complaint
File complaint with relevant supervisory authority