Privacy Policy

1. Introduction

Quanvance ("Quanvance," "we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and protect the Personal Data (as defined below) of individuals who visit our website quanvance.com , use our IT services, business services, and cloud services (collectively, the "Services"), or otherwise interact with us.

This policy applies to individuals accessing our Services from the United States of America (USA) and the Republic of India, and outlines rights under applicable data protection laws, including relevant state laws in the USA and India's Digital Personal Data Protection Act, 2023 (DPDPA).

By accessing our website or using our Services, you acknowledge you have read and understood this Privacy Policy.

2. Definitions

• Personal Data: Any information relating to an identified or identifiable natural person. This includes data that can directly identify someone (like a name or email address) or indirectly identify them when combined with other information (like an IP address or unique device identifier). Under the DPDPA, this is referred to as "Digital Personal Data."
• Data Principal: The individual to whom the Personal Data relates (referred to as "Consumer" under some US laws).
• Processing: Any operation performed on Personal Data, such as collection, recording, organization, storage, adaptation, retrieval, use, disclosure, transfer, or erasure.
• Data Fiduciary: The entity that determines the purpose and means of processing Personal Data (equivalent to "Data Controller" in other frameworks). Quanvance Solutions acts as a Data Fiduciary for the data described in this policy unless otherwise stated (e.g., when acting as a processor for client data).
• Data Processor: An entity that processes Personal Data on behalf of the Data Fiduciary.

3. Information We Collect

We collect various types of Personal Data depending on your interaction with us:

(a) Information You Provide Directly:

• Contact Information: Name, email address, phone number, company name, job title, physical address when you fill out contact forms, request consultations, sign up for newsletters, or register for an account.
• Communication Data: Information you provide when you contact us for support, provide feedback, or communicate with us via email, phone, or other channels.
• Account Data: Usernames, passwords, and other information needed to create and maintain your account for accessing certain Services.
• Payment Information: While we typically use third-party payment processors (e.g., Paytm, Stripe, PayPal), we may receive transaction details (but usually not full credit card numbers) required for billing and record-keeping.

(b) Information Collected Automatically:

• Usage Data: Information about how you interact with our website and Services, such as IP address, browser type, operating system, referring URLs, pages viewed, time spent on pages, links clicked, and diagnostic data.
• Cookies and Tracking Technologies: We use cookies, web beacons, pixels, and similar technologies to collect Usage Data, personalize your experience, analyze trends, and manage our website. Please see our Cookie Policy (Link to your Cookie Policy, if separate) or Section 12 below for more details.

(c) Information Processed on Behalf of Clients (as Data Processor):

When providing our Services (especially Cloud and Managed IT services), we may process Personal Data controlled by our clients. In these cases, Quanvance acts as a Data Processor, and the processing is governed by the Data Processing Agreement (DPA) or service agreement between Quanvance and the client (who is the Data Fiduciary/Controller). This policy does not cover data processed solely in our capacity as a Data Processor.

4. How We Use Your Information

We use your Personal Data for the following purposes:

• To Provide and Manage Services: To deliver the Services you request, manage your account, process transactions, and provide customer support.
• To Communicate with You: To respond to inquiries, send service-related announcements, administrative messages, technical notices, security alerts, and requested information (including marketing materials, where permitted).
• To Improve Our Services: To analyze usage trends, monitor the effectiveness of our website and Services, troubleshoot issues, and develop new features or offerings.
• For Marketing and Advertising: To send you promotional communications about our Services, events, or industry insights, subject to your consent or opt-out rights as required by law.
• For Security and Fraud Prevention: To protect our website, Services, users, and the public from security threats, fraud, or illegal activity.
• To Comply with Legal Obligations: To meet legal requirements, respond to lawful requests from public authorities (including national security or law enforcement), enforce our terms, and protect our rights.

5. Legal Basis for Processing (Primarily for India - DPDPA)

Under the DPDPA, we process your Digital Personal Data based on one or more of the following:

• Consent: Where required, we obtain your explicit, freely given, specific, informed, and unambiguous consent for processing your Personal Data for specific purposes (e.g., marketing emails, non-essential cookies). You have the right to withdraw your consent at any time.
• Legitimate Uses (DPDPA) / Legitimate Interests (General): We may process your data for certain specified legitimate uses under DPDPA, such as fulfilling contractual obligations, complying with law, providing requested services, ensuring network security, or preventing fraud, provided such processing does not override your fundamental rights. We may also rely on legitimate interests under other applicable frameworks for purposes like service improvement and internal analytics.
• Performance of Contract: Processing necessary to fulfill our contractual obligations to you when you use our Services.
• Legal Obligation: Processing necessary to comply with applicable laws and regulations in India or the USA.

6. How We Share Your Information

We do not sell Personal Data in the traditional sense. However, we may share your Personal Data with the following categories of third parties:

• Service Providers / Data Processors: Companies that perform services on our behalf, such as cloud hosting providers (e.g., AWS, Azure, GCP), CRM providers, email service providers, analytics providers, payment processors, and IT support vendors. These providers are authorized to use your Personal Data only as necessary to provide services to us and are obligated to protect your data.
• Business Transfers: In connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or a portion of our assets, your Personal Data may be transferred to the successor entity, subject to standard confidentiality arrangements.
• Legal Requirements: If required by law, regulation, legal process (like a subpoena), or governmental request, or if we believe disclosure is necessary to protect our rights, property, or safety, or that of our users or the public.
• With Your Consent: We may share your information with other third parties when we have your explicit consent to do so.

7. International Data Transfers

Quanvance Solutions operates in the USA and India. Your Personal Data may be collected, transferred to, stored, and processed in either country, or in other countries where our service providers operate. These countries may have data protection laws that differ from those in your country of residence.

When we transfer Personal Data across borders, we take steps to ensure it is protected according to this Privacy Policy and applicable laws. This may include relying on:

• Adequacy decisions (where applicable).
• Standard Contractual Clauses (SCCs) or similar contractual safeguards.
• Your explicit consent for the transfer after being informed of the risks.

We implement appropriate technical and organizational measures to safeguard your data during international transfers.

8. Data Security

We implement reasonable and appropriate technical, administrative, and physical security measures designed to protect your Personal Data from unauthorized access, use, disclosure, alteration, or destruction. Measures may include encryption, access controls, firewalls, and secure software development practices. However, no internet transmission or electronic storage method is 100% secure, so we cannot guarantee absolute security.

9. Data Retention

We retain your Personal Data only for as long as necessary to fulfill the purposes for which it was collected, including providing our Services, complying with legal obligations (e.g., tax, accounting), resolving disputes, enforcing our agreements, and for legitimate business purposes. Retention periods vary depending on the type of data and the context. When Personal Data is no longer needed, we will securely delete or anonymize it.

10. Your Rights

Depending on your location (USA or India) and subject to applicable laws and exceptions, you may have the following rights regarding your Personal Data:

(a) Rights Generally Applicable (may vary by jurisdiction):

• Right to Access: Request access to the Personal Data we hold about you.
• Right to Rectification / Correction: Request correction of inaccurate or incomplete Personal Data.
• Right to Erasure / Deletion: Request deletion of your Personal Data, subject to certain exceptions (e.g., legal obligations).
• Right to Restrict Processing: Request limitation of how we process your Personal Data in certain circumstances.
• Right to Data Portability: Request a copy of your Personal Data in a machine-readable format (where technically feasible).
• Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent: Withdraw your consent at any time where processing is based on consent (withdrawal does not affect lawfulness of prior processing).

(b) Specific Rights under US State Laws (e.g., CCPA/CPRA - California focus):

• Right to Know: Request details about the categories and specific pieces of personal information collected, sources, purposes, and categories of third parties shared with.
• Right to Delete: Request deletion of personal information collected from you.
• Right to Opt-Out of Sale/Sharing: Request that we do not "sell" or "share" (for cross-context behavioral advertising) your personal information. Quanvance Solutions currently does not sell Personal Data in the common understanding of the term.
• Right to Correct: Request correction of inaccurate personal information.
• Right to Limit Use of Sensitive Personal Information: (If applicable) Limit the use of sensitive personal information to specific permitted purposes.
• Right to Non-Discrimination: You will not be discriminated against for exercising your privacy rights.

(c) Specific Rights under India's DPDPA 2023:

• Right to Access Information: Obtain a summary of your Digital Personal Data being processed and the processing activities undertaken.
• Right to Correction and Erasure: Request correction of inaccurate/misleading data and erasure of data that is no longer necessary for the purpose it was collected (subject to law).
• Right to Grievance Redressal: Easily accessible means to register grievances with the Data Fiduciary (Quanvance) or a designated Consent Manager.
• Right to Nominate: Nominate another individual to exercise rights on your behalf in case of death or incapacity.
• (Note: Data Principals also have duties under DPDPA, such as not providing false information and complying with laws.)

How to Exercise Your Rights: To exercise any of these rights, please contact us using the details in Section 15. We will respond to verifiable requests within the timeframes required by applicable law. We may need to verify your identity before processing your request.

11. Children's Privacy

Our Services are not directed to children under the age of 13 (in the USA) or 18 (in India, unless verifiable parental consent is obtained for specific processing as permitted by law). We do not knowingly collect Personal Data from children meeting these age thresholds. If we become aware that we have inadvertently collected such information, we will take steps to delete it promptly. If you believe a child has provided us with Personal Data, please contact us.

12. Cookies and Tracking Technologies

We use cookies and similar technologies. A cookie is a small text file stored on your device.

• Types of Cookies: Essential (necessary for website function), Performance/Analytics (help us understand usage), Functional (remember choices), Targeting/Marketing (deliver relevant ads).
• Your Choices: Most browsers allow you to control cookies through settings. You can typically refuse or delete cookies. However, disabling essential cookies may impact website functionality. For non-essential cookies (like marketing/analytics), we will seek your consent where required by law (e.g., via a cookie banner).
• Click here for our detailed Cookie Policy.

13. Third-Party Links

Our website or Services may contain links to third-party websites or services not operated by us. This Privacy Policy does not apply to those third-party practices. We encourage you to review the privacy policies of any third-party sites you visit.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will post the updated policy on our website and indicate the "Last Updated" date. For significant changes, we may provide more prominent notice (e.g., email notification). Your continued use of our Services after changes constitutes acceptance of the revised policy.

15. Contact Us / Grievance Officer (India)

If you have questions about this Privacy Policy, wish to exercise your rights, or have a complaint or grievance, please contact us:

Quanvance
Modern Colony, Pune, MH, India 411057
Email: privacy@Quanvancesolutions.com
Phone: +91 0621 7968194

We are committed to resolving privacy concerns promptly and fairly. You may also have the right to lodge a complaint with the relevant data protection authority in your jurisdiction (e.g., the Data Protection Board of India once established, or the relevant US state Attorney General).