Privacy Policy

Below is a Privacy Policy for ZillyWebs tailored to comply with Indian data‐protection laws, including the Information Technology Act 2000 (Section 43A & SPDI Rules 2011) and the Digital Personal Data Protection Act 2023 (DPDP Act). It outlines what data we collect, how we use it, your rights, and our security and redressal measures.

In summary, ZillyWebs collects personal and non‑personal data strictly as needed to deliver website services; processes data on lawful bases (consent, contract performance, legal obligation) under the DPDP Act 2023 and SPDI Rules 2011; implements reasonable security practices per MeitY guidelines; retains data only as long as required; provides users rights to access, correct, withdraw consent, and grievance redressal via a designated officer; and discloses data only to essential service providers or as mandated by law

1. Introduction & Scope

ZillyWebs (“we”, “us”, “our”) respects your privacy and is committed to protecting your personal data when you use our website services at https://www.zillywebs.com (“Site”). This Policy applies to all individuals (Data Principals) in India whose data we process, in accordance with:

• The Information Technology Act, 2000, Section 43A and its SPDI Rules 2011 India Code;

• The Digital Personal Data Protection Act, 2023 (DPDP Act), effective 11 August 2023 MeitY.

2. Definitions

• Personal Data: Any information relating to an identified or identifiable individual (DPDP Act) DLA Piper Data Protection.

• Sensitive Personal Data or Information (SPDI): As per Rule 3 of SPDI Rules, includes passwords, financial information (bank/Credit card details), health data, biometric data, etc. Lexology.

• Data Fiduciary: Entity determining purposes and means of processing (DPDP Act) DLA Piper Data Protection.

• Data Processor: Entity processing data on behalf of a Data Fiduciary (DPDP Act) DLA Piper Data Protection.

3. Categories of Data Collected

3.1 Personal Data

• Contact Information: Name, email, phone number, address provided when you request a quote or support DataGuidance.

• Account Data: Credentials if you register on our Site.

• User‑Uploaded Content: Logos, text, images you submit for your website development.

3.2 Sensitive Personal Data (SPDI)

• Payment Details: Billing address, credit/debit card information collected via PCI‑compliant gateways Lexology.
  

3.3 Non‑Personal & Technical Data

• Log Data: IP address, browser, OS, timestamps cis-india.org.

• Usage Data: Pages visited, session duration, referral sources.

• Cookie Identifiers & Tracking: As detailed in Section 8.
  

4. Purposes & Lawful Bases for Processing

We process your data only for:

1. Service Delivery: To develop, host, and maintain your website (contract performance) Carnegie Endowment.

2. Communication: Responding to inquiries, service updates, promotional offers (consent for marketing) https://secureprivacy.ai/.

3. Analytics & Improvements: To analyse Site usage and enhance our services (legitimate interest) DLA Piper Data Protection.

4. Legal Compliance: To comply with applicable Indian laws and regulations (legal obligation) PRS Legislative Research.
   

5. Cookies & Tracking Technologies

We use cookies for:

• Essential Functions: Authentication, shopping cart

• Analytical Cookies: Google Analytics for anonymous usage insights DLA Piper Data Protection.

• Preference Cookies: To remember form inputs or language choices.

You may disable cookies in your browser, but some Site features may not function properly.

6. Third Parties & Data Sharing

We share your data only with:

• Service Providers: Hosting services, payment gateways (e.g., Razorpay/Stripe), email/SMS platforms, analytics vendors DLA Piper Data Protection.

• Government Authorities: When required under IT Act or DPDP Act (e.g., CERT‑IN for incident reporting) it.delhi.gov.in.

• Business Transfers: In the event of a merger or sale, with notice to you.

We never sell your personal data for marketing by unrelated third parties.

7. Data Security

We adopt “reasonable security practices and procedures” as prescribed by MeitY, including:

• Annual security audits by qualified auditors it.delhi.gov.in.

• Encryption in transit (TLS) and at rest.

• Access controls and regular vulnerability assessments.
  

8. Data Retention

• SPDI: Retained only as long as needed to fulfil the purpose or as required by law (SPDI Rules 5(4)) cis-india.org.

• Non‑SPDI: Retained for business analytics and record‑keeping up to 3 years, unless a longer retention is mandated.
  
  

9. User Rights & Grievance Redressal

Under DPDP Act 2023 & SPDI Rules you have rights to:

• Access & Correction: View or correct your data Carnegie Endowment.

• Consent Withdrawal: Withdraw consent anytime; we may suspend services if consent is necessary for core functions DataGuidance.

• Erasure & Restriction: Request deletion or blocking of data.

• Data Portability: Receive your data in a machine‑readable format.

• Complaint: Submit grievances to our Grievance Officer (details below); we will respond within one month per SPDI Rules 7(9) DataGuidance.
  
  

10. Children’s Privacy

We do not knowingly collect data from children under 18. If you believe we have inadvertently done so, please contact our Grievance Officer for deletion.

11. Cross‑Border Transfers

Where data is transferred outside India (e.g., global hosting), we ensure equivalent safeguards via:

• Standard Contractual Clauses approved by MeitY (when available) DLA Piper Data Protection.

• Verification that the recipient adheres to similar security practices.
  
  

12. Changes to This Policy

We may update this Policy in line with legal developments (e.g., DPDP Act rules). The “Effective Date” above indicates the current version. Significant changes will be notified via email or Site banner.

13. Contact Us

For any queries about this Policy or your rights, reach us at: Email: hello@zillywebs.com