At Pinnasys, we believe transparency is foundational to trust. This Privacy Policy describes our practices for handling personal information collected through pinnasys.com and our AI services. We are committed to handling your data responsibly and in compliance with applicable privacy laws including the Information Technology Act, 2000 (India), GDPR (EU), and UK GDPR.
1. Introduction
Company Software Pvt. Ltd., operating as Pinnasys ("Pinnasys", "we", "us", or "our"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit pinnasys.com, interact with our content, or engage us for AI engineering and consulting services.
Please read this policy carefully. By accessing our website or working with us, you acknowledge that you have read and understood how we handle your data. If you disagree with the practices described here, please discontinue use of our website.
2. Information We Collect
We collect information in the following ways:
Information You Provide Directly
- Contact and inquiry forms: name, email address, company name, phone number, and message content.
- Consultation booking: project details, requirements, and scheduling preferences.
- Job applications: resume, portfolio, professional history, and contact details.
- Email correspondence and support requests.
Information Collected Automatically
- Log data: IP address, browser type, referring URLs, pages visited, and time spent on pages.
- Device information: operating system, screen resolution, and device identifiers.
- Cookies and similar tracking technologies (see Section 7 for details).
- Analytics data collected via Google Analytics and Google Tag Manager.
Information from Third Parties
- Data from CRM tools such as Zoho CRM when you submit a lead form.
- LinkedIn, social media platforms, or professional directories when you engage with our company profiles.
- Partner or referral data when a third party introduces us to a prospective client.
3. How We Use Your Information
We use the information we collect for the following purposes:
- To respond to your inquiries, consultation requests, and support tickets.
- To deliver, manage, and improve our AI services and client engagements.
- To send service-related communications such as proposals, project updates, and invoices.
- To send marketing emails, newsletters, or event invitations — only where you have opted in or where we have a legitimate interest.
- To analyze website usage and improve our content, navigation, and user experience.
- To evaluate job applications and manage the recruitment process.
- To comply with legal obligations, resolve disputes, and enforce agreements.
- To detect, prevent, and address fraud, security incidents, or technical issues.
4. Legal Basis for Processing
Where applicable under data protection laws (including GDPR for users in the European Economic Area and UK GDPR for users in the United Kingdom), we process your personal data based on the following legal grounds:
- Contractual necessity: to fulfill a service agreement or take steps before entering into one.
- Legitimate interests: to operate our business, improve services, and communicate with prospects, provided those interests are not overridden by your rights.
- Consent: where you have explicitly opted in to receive marketing communications.
- Legal obligation: where processing is required to comply with applicable laws or regulations.
6. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes described in this policy, or as required by law. Specifically:
- Inquiry and lead data is retained for up to 24 months from last contact unless a business relationship is established.
- Client project data is retained for the duration of the engagement and up to 7 years thereafter for legal and compliance purposes.
- Job application data is retained for 12 months from the date of application unless a position is offered.
- Website analytics data is retained in aggregate form for up to 26 months.
Once data is no longer needed, we securely delete or anonymize it.
8. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request that inaccurate or incomplete data be corrected.
- Deletion: Request that we delete your personal data (subject to legal obligations).
- Restriction: Request that we limit how we use your data while a dispute is resolved.
- Portability: Request your data in a structured, machine-readable format.
- Objection: Object to processing based on legitimate interests or for direct marketing.
- Withdraw Consent: Where processing is based on consent, withdraw it at any time without affecting prior lawful processing.
To exercise any of these rights, please contact us at hr@pinnasys.com. We will respond within 30 days. We may need to verify your identity before fulfilling a request.
9. Data Security
Pinnasys implements industry-standard technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include:
- Encrypted data transmission via HTTPS/TLS.
- Access controls limiting data access to authorized personnel only.
- Regular security reviews and vulnerability assessments.
- Secure cloud infrastructure with reputable providers.
While we take reasonable steps to protect your data, no method of internet transmission or electronic storage is 100% secure. We cannot guarantee absolute security and encourage you to take precautions when sharing sensitive information online.
10. International Data Transfers
Pinnasys is headquartered in Jaipur, India, and serves clients in the United States, United Kingdom, Australia, and other regions. Your information may be transferred to and processed in countries other than your own.
Where we transfer data across borders, we ensure appropriate safeguards are in place in accordance with applicable data protection laws, including standard contractual clauses, adequacy decisions, or equivalent protections.
11. Children's Privacy
Our website and services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected data from a minor, we will take steps to delete it promptly.
If you believe we have collected information from a child, please contact us at hr@pinnasys.com.
12. Third-Party Websites
Our website may contain links to third-party websites, case study partners, or external resources. This Privacy Policy applies only to pinnasys.com. We are not responsible for the privacy practices of any third-party sites and encourage you to review their policies before submitting any personal data.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last Updated" date at the top of this page.
We encourage you to review this policy periodically. Your continued use of our website after changes are posted constitutes your acknowledgment of the updated policy.
14. Contact Us
If you have questions, concerns, or requests relating to this Privacy Policy or your personal data, please reach out to us: