Your Privacy Matters

Privacy Policy

At Transversal, we are committed to protecting your personal data and ensuring transparency in how we collect, use, and safeguard your information.

Last Updated: February 6, 2026

Introduction

Transversal ("we," "our," or "us") operates the transversal.in website and provides DPDPA compliance solutions and services. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website, use our platform, or engage with our services.

This policy is prepared in accordance with the Digital Personal Data Protection Act, 2023 (DPDPA) of India and other applicable data protection laws. By accessing our services, you consent to the practices described in this policy.

Information We Collect

Personal Data You Provide

We collect personal data that you voluntarily provide to us, including:

  • Identity Data: Name, job title, company name, and professional role
  • Contact Data: Email address, phone number, and business address
  • Account Data: Login credentials and authentication information
  • Communication Data: Messages, inquiries, and feedback you send us
  • Transaction Data: Billing information and payment details (processed securely through third-party payment processors)

Data Collected Automatically

When you access our platform, we may automatically collect certain technical information:

  • Device Data: Browser type, operating system, and IP address (for security purposes only)
  • Log Data: Access logs, error logs, and security-related information

Note: We do not use cookies, tracking technologies, or analytics tools to monitor your behavior on our website.

Data from Third Parties

We may receive personal data from third parties, such as:

  • Business partners who refer you to our services
  • Publicly available professional databases (like LinkedIn)

How We Use Your Information

We use your personal data for the following lawful purposes:

Service Delivery

  • Providing and maintaining our compliance platform and services
  • Creating and managing your account
  • Processing transactions and sending related information
  • Generating compliance reports and audit trails
  • Providing customer support and responding to inquiries

Communication

  • Sending service updates, security alerts, and administrative messages
  • Providing information about new features, products, or services (with your consent)
  • Responding to your requests, queries, and feedback

Legal and Compliance

  • Complying with legal obligations under applicable laws
  • Enforcing our terms of service and other agreements
  • Protecting our rights, property, and safety
  • Detecting and preventing fraud, abuse, or security incidents

Improvement

  • Conducting research and development to improve our services
  • Personalizing user experience based on your preferences and settings

Lawful Basis for Processing

Under the Digital Personal Data Protection Act, 2023, we process your personal data based on:

  • Consent: Where you have given explicit consent for specific processing activities
  • Contract Performance: Where processing is necessary to fulfill our contractual obligations to you
  • Legal Obligation: Where processing is required to comply with applicable laws
  • Legitimate Uses: For purposes specified under Section 7 of the DPDPA, including voluntary provision of data, medical emergencies, employment purposes, and public interest

You may withdraw your consent at any time by contacting us. However, withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

Service Providers

We engage trusted third-party companies to perform services on our behalf:

  • Cloud hosting providers (for data storage and processing)
  • Payment processors (for secure transaction handling)
  • Customer support tools (for ticket management)

All service providers are contractually bound to protect your data and process it only as directed by us.

Legal Requirements

We may disclose your data if required by law or in good faith belief that such action is necessary to:

  • Comply with legal obligations or valid legal processes
  • Protect and defend our rights or property
  • Prevent or investigate potential wrongdoing
  • Protect personal safety of users or the public

Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity. We will notify you of any such change and ensure the receiving party adheres to this Privacy Policy.

Data Security

We take reasonable measures to protect your personal data:

  • Encryption: Data in transit is protected using TLS/SSL encryption
  • Access Controls: We limit access to personal data to authorized team members only
  • Secure Infrastructure: Your data is stored on Supabase, a trusted cloud database platform with built-in security features
  • Authentication: We use secure authentication mechanisms to protect your account

While we implement reasonable security measures, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security, but we are committed to protecting your data to the best of our ability.

Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

  • Account Data: Retained while your account is active and for a reasonable period afterward for legal and business purposes
  • Transaction Data: Retained as required by tax and financial regulations (typically 7 years in India)
  • Communication Data: Retained for the duration of the business relationship plus a reasonable period for support purposes

Upon request for deletion (subject to legal retention requirements), we will delete or anonymize your personal data within a reasonable timeframe.

Your Rights Under DPDPA

As a Data Principal under the Digital Personal Data Protection Act, 2023, you have the following rights:

  • Right to Access: You have the right to obtain confirmation about whether your personal data is being processed, and access to such data along with a summary of processing activities
  • Right to Correction: You have the right to correct, complete, or update your personal data that is inaccurate or misleading
  • Right to Erasure: You have the right to request deletion of your personal data, subject to legal retention requirements
  • Right to Grievance Redressal: You have the right to have grievances addressed and, if unsatisfied, approach the Data Protection Board of India
  • Right to Nominate: You have the right to nominate another individual to exercise your rights in case of death or incapacity

To exercise any of these rights, please contact us using the details provided below. We will respond to your request within 30 days.

Cookies and Tracking Technologies

We do not use cookies, tracking pixels, or third-party analytics tools on our website.

Your browsing activity on our website is not tracked, monitored, or shared with any third parties for advertising or analytics purposes. We believe in respecting your privacy and providing our services without invasive tracking.

If we decide to implement any cookies or tracking technologies in the future, we will update this Privacy Policy and seek your consent where required by law.

Data Storage

Your personal data is stored securely on Supabase, our trusted database infrastructure provider. We do not transfer your personal data to servers located outside of the jurisdictions where Supabase operates.

We do not sell, rent, or transfer your personal data to third parties for their own purposes. Your data is only used to provide and improve our services to you.

Children's Privacy

Our services are intended for businesses and professionals and are not directed at individuals under the age of 18. We do not knowingly collect personal data from children.

If we become aware that we have collected personal data from a child without verification of parental consent, we will take steps to delete that information immediately. If you believe we may have collected data from a child, please contact us.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:

  • We will update the "Last Updated" date at the top of this policy
  • We will notify you by email or through a prominent notice on our website
  • For significant changes, we may seek your renewed consent

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Transversal

Response Time

We aim to respond to all inquiries within 30 days

If you are not satisfied with our response to your grievance, you have the right to approach the Data Protection Board of India as established under the Digital Personal Data Protection Act, 2023.

DPDPA Compliance Statement

Transversal is committed to complying with the Digital Personal Data Protection Act, 2023 (DPDPA) of India. We have implemented appropriate technical and organizational measures to ensure and demonstrate that our processing is performed in accordance with the Act. As a Data Fiduciary, we acknowledge our obligations under the DPDPA and are committed to upholding the privacy rights of all Data Principals.

Back to Home