Privacy Policy

NITGENIUS Pvt Ltd ("we", "us", or "our") operates NITGENIUS (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Service. We are committed to protecting your privacy and handling your data with transparency and care. By using the Service, you consent to the practices described in this policy.

We use the information we collect to:

• Provide, operate, and improve the Service

• Process transactions and send related information (receipts, invoices, notifications)

• Send administrative messages (account updates, security alerts, policy changes)

• Respond to support requests and troubleshoot issues

• Send marketing communications (with your consent, and you may opt out at any time)

• Monitor and analyse usage patterns to improve user experience

• Detect and prevent fraud, abuse, and security incidents

• Comply with legal obligations and enforce our Terms of Service

• Generate anonymised, aggregated analytics for business reporting

If you are located in the European Economic Area (EEA) or the United Kingdom, our legal bases for processing your personal data are:

• Contract: Processing necessary to perform our contract with you (providing the Service)

• Legitimate interests: Improving the Service, preventing fraud, ensuring security — where these interests are not overridden by your rights

• Legal obligation: Compliance with applicable laws and regulations

• Consent: Where you have given explicit consent (e.g., marketing emails) — you may withdraw consent at any time

We do not sell your personal information. We may share your information with:

• Service providers: Third-party vendors who assist in operating our Service (hosting, payment processing, email delivery, analytics) under strict data processing agreements

• Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy

• Legal requirements: When required by law, court order, or government authority, or when necessary to protect our rights, your safety, or the safety of others

• With your consent: In any other circumstances with your explicit prior consent

All third-party service providers are contractually required to use your information only for the purpose of providing services to us and to maintain appropriate security measures.

We retain your personal information for as long as your account is active or as necessary to provide you the Service. If you cancel your account, we will delete your personal data within 30 days, except where:

• We are required to retain it by applicable law or regulation

• It is necessary to resolve disputes or enforce agreements

• It forms part of aggregated, anonymised data that no longer identifies you

Backups may retain data for up to 90 days following deletion from live systems.

We implement industry-standard technical and organisational measures to protect your personal information, including:

• Encryption of data in transit (TLS 1.2+) and at rest (AES-256)

• HTTP-only, Secure cookies for session management

• Role-based access controls and least-privilege principles

• Regular security audits and penetration testing

• SOC 2 Type II compliance programme

• Brute-force protection and rate limiting on authentication endpoints

No method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. In the event of a data breach that affects your rights, we will notify you as required by applicable law.

We use cookies and similar technologies to:

• Maintain your session and authentication state (strictly necessary)

• Remember your preferences and settings (functional)

• Understand how you use the Service and improve it (analytics)

You can control cookies through your browser settings. Disabling strictly necessary cookies may affect your ability to use the Service. We do not use cookies for advertising or cross-site tracking. We do not share cookie data with ad networks.

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you

• Correction: Request correction of inaccurate or incomplete data

• Deletion: Request deletion of your personal data ("right to be forgotten"), subject to legal retention obligations

• Portability: Receive your data in a structured, machine-readable format

• Restriction: Request that we restrict processing of your data

• Objection: Object to processing based on our legitimate interests

• Withdrawal of consent: Withdraw consent at any time where processing is consent-based

To exercise any of these rights, contact us at hello@nitgenius.com. We will respond within 30 days. We may need to verify your identity before processing your request.

Your information may be transferred to and processed in countries other than your own. Where we transfer personal data outside the EEA or UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or transfers to countries with an adequacy decision. By using the Service, you acknowledge that your information may be transferred internationally.

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information promptly. If you believe we have inadvertently collected information from a child, please contact us at hello@nitgenius.com.

The Service may contain links to third-party websites or services that are not owned or controlled by us. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies of any third-party services you visit.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page, updating the "Effective Date", and, where required, sending you an email notification. Your continued use of the Service after the effective date constitutes your acceptance of the updated policy.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Privacy team:

NITGENIUS Pvt Ltd

NITGENIUS, India

Email: hello@nitgenius.com

For EEA or UK residents, you also have the right to lodge a complaint with your local data protection authority.