Back to Home

Privacy Policy

Promoora

Last updated: 6th March 2026

Contact / Grievance Officer: Aryan — ceo@promoora.in | +91 9627277003

1. Introduction

Promoora (“we”, “us”, “our”) is committed to protecting the privacy of visitors and customers who use our website, services, or who otherwise interact with us. This Privacy Policy explains what personal data we collect, how we use it, how we share it, and the choices you have. It is intended to meet the requirements of Indian data/privacy laws, including the Digital Personal Data Protection Act, 2023 (DPDP Act) and applicable IT rules.

2. Scope

This Policy applies to:

  • Visitors to promoora.in and subdomains;
  • Customers and leads who request proposals, pay for services, or otherwise engage with Promoora;
  • Users of any web-based dashboards, portals, or forms we operate.

3. Personal Data We Collect

We collect only data necessary to provide our services and operate the website. Typical categories:

a) Contact & Identity Data

Name, business name, email address, phone number, physical address, role/title.

b) Business & Transactional Data

Company details, service preferences, proposal/contract information, invoices, payment receipts.

c) Technical & Usage Data

IP address, browser type, device type, operating system, pages visited, referring URL, cookies and similar tracking data (analytics), page interactions.

d) Communications

Messages you send to us (e.g., emails, chat transcripts), recordings of calls if you provide consent or we inform you.

e) Sensitive Personal Data

We do not intentionally collect special categories of personal data (e.g., health, caste, religion, biometric data). If we ever need to process such data (e.g., clinical client use-cases), we will request explicit consent and store/process it under stricter controls per law. The IT Rules / SPDI guidance require additional protections for sensitive personal data.

4. How We Collect Data

  • Directly from you (forms, emails, contract, calls).
  • Automatically via cookies, logs, and analytics tools.
  • From public sources or your authorised representatives.

5. Purposes of Processing & Legal Basis

We process personal data to:

  • Provide and manage the services you request (contract performance);
  • Communicate with you (customer support and account management);
  • Process payments, billing and legal compliance;
  • Improve our website, monitor usage and perform analytics (legitimate interest / service improvement), provided such processing is balanced with your rights;
  • Marketing communications, only with your consent or where law permits;
  • Fulfil legal obligations (tax, dispute resolution, regulatory requests).

Under the DPDP Act, processing should be lawful and limited to specified purposes; this policy describes those purposes.

6. Cookies & Tracking

We use cookies and similar technologies for:

  • Essential functionality (session cookies).
  • Analytics (Google Analytics or similar) to measure and improve the site.
  • Optional marketing/tracking cookies (used only with your consent where required).

You can manage cookie preferences through your browser or the cookie control on the site.

7. Data Sharing & Third Parties

We may share personal data with:

  • Service providers (hosting, payment processors, email, analytics, CRM) under contract requiring confidentiality and security;
  • Professional advisors (legal, auditors) when needed;
  • Law enforcement or government agencies where required by law or a valid order;
  • A buyer or investor if the business (or assets) are sold — with notice to data subjects where feasible.

Where data is shared, we require third parties to implement reasonable security and comply with applicable laws. The SPDI Rules and DPDP Act set expectations for contracts and security when sharing personal data.

8. Cross-Border Transfers

If we transfer personal data outside India (e.g., to host on global cloud providers or use foreign service providers), we will ensure lawful transfer mechanisms (e.g., data processing agreements and contractual safeguards) and comply with any requirements under the DPDP Act and applicable government notifications.

9. Data Retention

We retain personal data only as long as needed for the purposes described (service provision, legal compliance, dispute resolution). Typical retention periods:

  • Leads & proposals: up to 3 years after last contact (unless you request deletion).
  • Financial records: as required by tax laws (typically 7–8 years).
  • Analytics logs: aggregated or anonymised where possible and kept no longer than necessary.

10. Security

We implement “reasonable security practices and procedures” (as required under the IT Act & SPDI Rules) including:

  • Access controls and role-based access;
  • Encrypted storage for sensitive fields;
  • HTTPS/TLS on the website;
  • Regular backups and patching;
  • Periodic security reviews.

No system is 100% secure. If a data breach occurs, we will investigate and notify affected individuals and authorities as required by law.

11. Your Rights (Data Subject Rights)

Subject to law, you have rights to:

  • Access: request a copy of your personal data we hold;
  • Correction: correct inaccurate or incomplete data;
  • Deletion: request deletion (subject to legal retention obligations);
  • Portability: receive your personal data in a machine-readable format where applicable;
  • Withdraw consent: withdraw consent for processing that relied on consent;
  • Object: object to certain processing (e.g., direct marketing);
  • Lodge a grievance or complaint with us or the relevant authority.

To exercise rights, contact: ceo@promoora.in or use the contact form. We will respond within the timelines required by applicable law. Under the IT rules and DPDP Act, grievance redress and timely responses are required.

12. Grievance Officer & Contact

Pursuant to IT Rules and good practice, we designate a Grievance Officer:

You may raise data or policy concerns with the Grievance Officer; we aim to resolve complaints promptly (within applicable timelines).

13. Children

Our services are not for children under 18. We do not knowingly collect data from minors. If we learn we collected data from a minor without consent, we will delete it promptly.

14. Links to Other Sites

Our site may link to third-party sites. We are not responsible for their privacy practices; review their policies.

15. Changes to Policy

We may update this Policy to reflect legal or operational changes. We will publish the revised date at the top and notify users where required.

16. Governing Law & Contact

This Policy is governed by the laws of India. For questions or to exercise your rights, contact: ceo@promoora.in | +91 9627277003.

© 2026 Promoora. All rights reserved.