Data Protection

Privacy Policy

How we collect, use, store, and protect your personal data in compliance with Indian data protection laws.

Effective: 08 November 2025 Updated: 08 November 2025
Your Privacy Matters. Connexolve Infotech Pvt Ltd is fully compliant with the Digital Personal Data Protection (DPDP) Act, 2023, the Information Technology Act, 2000, and the IT (Reasonable Security Practices) Rules, 2011.
Table of Contents
1. Introduction 2. Information We Collect 3. How We Use Your Data 4. Legal Basis for Processing 5. BGV-Specific Data Handling 6. Data Sharing & Disclosure 7. Cookies & Tracking 8. Payment Information 9. Data Security 10. Data Retention 11. Your Rights (DPDP Act) 12. Children's Privacy 13. Third-Party Links 14. International Transfers 15. Changes to Policy 16. Grievance Officer

1Introduction

This Privacy Policy explains how Connexolve Infotech Pvt Ltd ("Connexolve," "we," "us," or "our") collects, uses, stores, shares, and protects your personal data when you visit our website https://connexolve.in, use our Background Verification (BGV) portal, or avail any of our services.

By using our services, you consent to the collection and use of information in accordance with this policy.

2Information We Collect

2.1 Information You Provide Directly

  • Identity Data: Full name, date of birth, gender, photograph, signature
  • Contact Data: Email address, phone number, postal address
  • Government IDs (for BGV / Incorporation): PAN, Aadhaar, Voter ID, Driving License, Passport, Bank account, IFSC, GSTIN, FSSAI, Udyog Aadhaar
  • Business Data: Company name, designation, business address, GSTIN, MCA filings, ROC documents
  • Employment Data (for Payroll): Salary, PF/ESI/UAN, attendance, leave records, tax declarations
  • Financial Data: Bank details, transaction history, invoice records
  • Communication Data: Emails, chat transcripts, support tickets, call recordings

2.2 Information Collected Automatically

  • Technical Data: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, time spent, click patterns, referral source
  • Cookies & Similar Technologies: See Section 7 below

2.3 Information from Third Parties

  • Government APIs (UIDAI, Income Tax, GSTN, MCA, NSDL, Vahan, etc.) for verification responses
  • Payment gateway partners (Razorpay, Zoho Payments) for transaction verification
  • Authorized BGV data providers

3How We Use Your Information

PurposeData Used
Service delivery (BGV, Incorporation, Payroll, Hosting)Identity, Contact, Government IDs, Business Data
Payment processing & invoicingContact, Financial Data
Customer supportContact, Communication Data
WhatsApp / SMS / Email marketing (opt-in)Contact Data
Website analytics & improvementTechnical & Usage Data
Legal compliance (TDS, GST, ROC, audit)Identity, Financial, Business Data
Fraud prevention & security monitoringTechnical, Usage, Identity Data

4Legal Basis for Processing

Under the DPDP Act, 2023, we process your personal data based on:

  • Consent: For marketing communications and optional services
  • Performance of a contract: To deliver services you have purchased
  • Legal obligation: Compliance with tax, labour, and corporate laws
  • Legitimate interests: Fraud prevention, security, and service improvement

5Background Verification (BGV) — Specific Data Handling

⚠️ Important for BGV Clients: When you submit a person's data for verification, you act as the Data Fiduciary and Connexolve acts as the Data Processor.

  • You confirm that explicit, informed, written consent has been obtained from the data subject before submission.
  • BGV data is transmitted via encrypted channels (TLS 1.2+) to authorized government and partner APIs.
  • Verification results are stored securely with role-based access control.
  • We do not use BGV data for any purpose other than the verification requested.
  • Reports are made available only to the authorized client who initiated the verification.

6Data Sharing & Disclosure

We do not sell your personal data. We may share your information with:

  • Government Authorities: When required by law (Income Tax, GST, MCA, courts, law enforcement)
  • Verification APIs: UIDAI, NSDL, GSTN, MCA, Vahan, Bank APIs (for BGV only)
  • Payment Gateways: Razorpay, Zoho Payments (PCI-DSS compliant)
  • Cloud / Hosting Providers: AWS, Google Cloud (India-hosted servers)
  • Communication Partners: Meta WhatsApp Business API, SMS gateways, Google Workspace, Zoho
  • Professional Advisors: CAs, CSs, Legal advisors (under NDA)
  • Business Transfers: In case of merger, acquisition, or sale of assets (with prior notice)

7Cookies & Tracking Technologies

Our website uses cookies to enhance user experience:

  • Essential Cookies: Required for site functionality
  • Analytics Cookies: Google Analytics to understand usage patterns
  • Marketing Cookies: Used only with your consent for retargeting

8Payment Information

All payments are processed through PCI-DSS compliant payment gateways — Razorpay and Zoho Payments. We do not store your credit card, debit card, UPI PIN, or net banking credentials on our servers. Only transaction IDs and invoice references are retained for accounting purposes.

9Data Security

We implement industry-standard security measures:

  • SSL/TLS encryption for data in transit (HTTPS)
  • AES-256 encryption for sensitive data at rest
  • Role-based access controls (RBAC) & multi-factor authentication
  • Regular security audits, vulnerability scans & penetration testing
  • Secure cloud hosting in India-region data centres
  • Firewalls, intrusion detection & 24/7 monitoring
  • Employee NDAs and background checks for all staff handling client data

10Data Retention

  • Customer / Account Data: Duration of engagement + 7 years (Income Tax & Companies Act)
  • BGV Reports: 3 years from verification date (or longer if required by client contract)
  • Payment Records: 8 years (GST & statutory audit requirements)
  • Marketing Data: Until you withdraw consent
  • Website Logs: 12 months

After the retention period, data is securely deleted or anonymized.

11Your Rights Under the DPDP Act, 2023

As a Data Principal, you have the following rights:

Right to Access

Request a summary of personal data we hold about you

Right to Correction

Request correction of inaccurate or incomplete data

Right to Erasure

Request deletion of your data (subject to legal retention)

Right to Withdraw Consent

Withdraw consent at any time for consent-based processing

Right to Grievance

Lodge complaints with our Grievance Officer

Right to Nominate

Nominate someone to exercise rights on your behalf

To exercise any of these rights, email us at sales@connexolve.in. We respond within 30 days.

12Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with their information, please contact us immediately for removal.

13Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of such sites. We encourage you to review the privacy policies of any third-party sites you visit.

14International Data Transfers

Your data is primarily stored on servers located in India. In limited cases, data may be processed by global service providers (e.g., Google Workspace, Meta WhatsApp). Such transfers comply with applicable data transfer requirements under the DPDP Act.

15Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Material changes will be notified via email or prominent notice on our website.

16Grievance Officer

Grievance Officer

For privacy-related queries, data access requests, or to exercise your DPDP Act rights:

sales@connexolve.in
+91 87773 97384
5th Floor, 83, Shyama Prasad Mukherjee Road, Kalighat, Kolkata – 700026
Response time: 30 days max · Escalation: Data Protection Board of India (DPDP Act, 2023)
Terms of Service Privacy Policy Refund Policy