Home

Privacy Policy

Table of Contents

1. Introduction & Scope

MTechZilla Technologies Private Limited ("we", "us", "our", "Company") is committed to protecting your privacy. This Privacy Policy governs the collection, use, disclosure, and protection of information:

(A) From visitors to our website http://www.mtechzilla.com; and

(B) From clients, partners, and job applicants when engaging with our IT services.

By using our website or services, you acknowledge that you have read, understood, and agree to be bound by this Policy. If you do not agree with this Policy, please do not use our website or services.

2. Definitions

  • "Personal Data" means any information relating to an identified or identifiable natural person.
  • "Sensitive Personal Data" means information specifically categorized as sensitive under applicable laws (e.g., passwords, financial details, biometric data).
  • "Data Controller" means the entity that determines the purposes and means of the processing of personal data (MTechZilla, in the context of website visitors).
  • "Data Processor" means the entity that processes personal data on behalf of the controller (MTechZilla, when handling client data under a Master Services Agreement).
  • "Service" refers to any IT consulting, software development, or staffing services provided by MTechZilla.

3. Information We Collect

3.1 Information You Provide

  • Identity: Name, title, company name, phone number, email address.
  • Professional Profile: LinkedIn profile, resume/CV, portfolio links.
  • Business Info: Project requirements, technical stack preferences, RFP details.
  • Financial Info: Invoices, billing address, and credit card details (processed via secure third-party gateways; we do not store full card numbers).

3.2 Information Collected Automatically

  • Log Data: IP address, browser type, ISP, referring/exit pages, and time stamps.
  • Device Data: Device ID, unique identifiers, and crash reports.

4. Sensitive Personal Data & IT Security Credentials

Access Credentials: In the course of providing IT services, you may grant us access to your systems, servers, or code repositories (e.g., GitHub, AWS, Database passwords).

Protection: We treat these credentials as Sensitive Personal Data. We store them securely using encryption at rest and in transit. We never share client credentials with third parties who are not directly involved in the specific project.

No Mining: We agree not to mine your data or use your proprietary algorithms for any purpose other than delivering the contracted services.

6. Use of Information & Client Data Processing

6.1 General Use

We use your information to: provide services, communicate, improve our website, ensure security, and comply with laws.

6.2 Client Data (The "Processor" Role)

When you are our client, we act as a Data Processor for data you provide to us for project execution (e.g., customer lists, product data). We process this data solely according to your instructions as detailed in our Service Level Agreement (SLA) or Master Services Agreement (MSA), and not for our own independent purposes unless required by law.

7. Cookies & Do Not Track

7.1 Cookies

We use Essential, Analytics, and Marketing cookies. You can set your browser to refuse cookies, but some parts of the site may not function.

7.2 Do Not Track (DNT)

Our website does not respond to "Do Not Track" (DNT) signals from browsers. However, we adhere to this policy's limitations on data collection and use regardless of DNT settings.

8. Disclosure of Information

We do not sell your data. We may share it:

With Sub-Processors

Hosting (Vercel), CRM (Zoho), Analytics (Google/PostHog/Apollo), Email (Resend), Scheduling (Calendly), Hiring (Zoho Recruit). We contractually require these vendors to protect your data.

Business Transfers

In a merger or acquisition.

Affiliates

With our parent companies or subsidiaries, subject to confidentiality.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your own (including India, USA, and Europe).

  • Adequacy: Where the European Commission has recognized a country as providing adequate protection (e.g., from UK to EEA).
  • SCCs: For transfers to the USA and other non-adequate countries, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission.
  • India to Abroad: For transfers from India, we ensure the recipient provides a level of protection equivalent to that under Indian law.

10. Data Retention & Deletion

We retain personal data only as long as necessary:

  • Visitors/Leads: Upon request, we will delete or anonymize your data unless we are required by law to retain it (e.g., pending litigation, tax audits).
  • Clients: Upon request, we will delete or anonymize your data unless we are required by law to retain it (e.g., pending litigation, tax audits).
  • Employment Applications: Upon request, we will delete or anonymize your data unless we are required by law to retain it (e.g., pending litigation, tax audits).

11. Data Security

We use industry-standard measures (SSL/TLS, AES-256 encryption for stored data, firewalls, MFA). However, no transmission over the internet is 100% secure. You provide information at your own risk.

12. Your Privacy Rights

12.1 GDPR (EU/UK Residents)

You have the right to: Access, Rectify, Erase, Restrict, Object to Processing, Data Portability, and Withdraw Consent. To exercise these rights, email privacy@mtechzilla.com. You also have the right to lodge a complaint with a supervisory authority.

12.2 CCPA/CPRA (California Residents)

You have the right to:

  • Know what personal information we collect, use, and disclose.
  • Delete your personal information (with exceptions).
  • Opt-out of the "sale" of personal information (Note: We do not sell data).
  • Non-discrimination: We will not discriminate against you for exercising these rights.
  • Authorized Agents: You may designate an authorized agent to make requests on your behalf.

12.3 PIPEDA (Canada Residents)

We adhere to the ten principles of PIPEDA.

  • Access: You may request access to your personal information.
  • Accuracy: We endeavor to keep your data accurate and up to date.
  • Challenging Compliance: You may challenge our compliance with these principles by writing to our Privacy Officer.

12.4 DPDP Act (India Residents)

As a Data Principal, you have the right to:

  • Obtain a summary of processed data.
  • Correction and Erasure of data.
  • Nominate an individual to exercise your rights in the event of death or incapacity.
  • Grievance Redressal: You may lodge a grievance with our Grievance Officer (details in Section 17).

13. Children's Privacy

Our services are not for children under 18. We do not knowingly collect data from children. If discovered, we will delete it immediately.

15. Changes to This Policy

We may update this policy periodically. Material changes will be effective 30 days after posting. We will notify users via email or a website banner.

16. Governing Law & Jurisdiction

To the extent permitted by law, this Policy shall be governed by the laws of India. Residents of other jurisdictions may also have specific rights that cannot be waived. In the event of a conflict regarding data transfers, the laws of the jurisdiction where the data subject resides (EU, Canada, California) shall prevail to the extent they provide greater protection.

17. Contact Information & Grievance Officer

For privacy inquiries, rights requests, or to lodge a grievance, contact:

Grievance Officer / Data Protection Officer
MTechZilla Technologies Private Limited, India
Email: privacy@mtechzilla.com