Privacy Policy

Effective Date: 15 June 2025
Last Updated: 15 June 2026

This Privacy Policy and Data Usage Notice is published in accordance with the Digital Personal Data Protection Act, 2023 (DPDP Act) and the rules framed thereunder, as applicable in India. It explains how Netcloud Consulting Services (“Company,” “we,” “us,” or “our”), acting as a Data Fiduciary, collects, uses, stores, shares, and protects your personal data when you visit our website at netcloudconsulting.com (the “Site”) or engage with our services.

By using our Site or services, you acknowledge that you have read and understood this Policy. Where required, your consent will be sought before processing your personal data.

1. Data Fiduciary Details

Name: Netcloud Consulting Services
Registered Address: 11B, S.R. Das Road Kolkata – &00026
Website: https://netcloudconsulting.com
Email: [email protected] 

2. Definitions

For the purposes of this Policy, the following terms have the meanings assigned to them under the DPDP Act, 2023:

  • Personal Data: Any data about an individual who is identifiable by or in relation to such data.
  • Data Principal: The individual to whom personal data relates. Where the individual is a child (below 18 years), the term includes the parent or lawful guardian.
  • Data Fiduciary: Any person who, alone or in conjunction with others, determines the purpose and means of processing personal data — in this case, Netcloud Consulting Private Limited.
  • Data Processor: Any person who processes personal data on behalf of the Data Fiduciary.
  • Processing: Any operation or set of operations performed on personal data, including collection, recording, storage, use, sharing, disclosure, or deletion.
  • Consent: A free, specific, informed, unconditional, and unambiguous indication of the Data Principal’s agreement to the processing of their personal data.

3. Personal Data We Collect

We collect personal data only to the extent necessary for the specified purposes. The categories of personal data we collect include:

3.1 Data Provided by You

  • Full name
  • Email address
  • Phone number
  • Company name and designation
  • Business requirements or queries submitted through forms
  • Any other information you voluntarily provide during registration, inquiry, or service engagement

3.2 Data Collected Automatically

  • IP address and geolocation (country/city level)
  • Browser type, version, and operating system
  • Pages visited, time spent, and navigation paths on our Site
  • Referral URLs and search terms used to reach our Site
  • Cookie identifiers and session data (see Section 9)

3.3 Data from Third Parties

  • Business contact information obtained from publicly available sources or third-party data providers, strictly for B2B outreach
  • Analytics and marketing data from integrated platforms (e.g., Google Analytics, LinkedIn, Meta)

We do not knowingly collect sensitive personal data (such as financial information beyond transaction necessity, health data, biometric data, or caste/religious data) unless required for a specific service and with your explicit consent.

4. Purposes of Processing and Legal Basis

We process your personal data only for specified, clear, and lawful purposes. Under the DPDP Act, the legal bases for our processing are:

Purpose of Processing Legal Basis (DPDP Act)
Responding to inquiries, consultation requests, and contact form submissions Consent / Legitimate Use
Providing and managing our services (AI consulting, marketplace management, automation) Consent / Contractual Necessity
Sending service-related communications, updates, and notifications Consent
Sending marketing communications, newsletters, and promotional content (opt-in only) Consent
Improving our Site, products, and services through usage analytics Legitimate Use
Complying with applicable laws, regulations, and legal obligations Legal Obligation
Detecting and preventing fraud, misuse, or security breaches Legitimate Use
Processing payments and managing billing records Contractual Necessity

We will not use your personal data for any purpose other than those for which it was collected without your explicit consent or as permitted by applicable law.

5. Consent and Withdrawal

Where we rely on your consent as the legal basis for processing, we ensure that:

  • Consent is obtained freely, specifically, informedly, and unambiguously before processing begins.
  • Consent requests are presented in clear, plain language — separately from other terms and conditions.
  • You may withdraw your consent at any time by contacting us at [email protected] or by using the unsubscribe link in any marketing email.
  • Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
  • Upon withdrawal of consent, we will cease processing your data within a reasonable time, except where continued processing is necessary to comply with legal obligations.

6. Your Rights as a Data Principal

Under the DPDP Act, 2023, you have the following rights with respect to your personal data:

6.1 Right to Information

You have the right to obtain a summary of your personal data being processed by us, the identities of all Data Processors with whom we have shared your data, and any other information as prescribed under the Act.

6.2 Right to Correction and Erasure

You have the right to request correction of inaccurate or misleading personal data, completion of incomplete data, and updation of your personal data. You also have the right to request erasure of personal data that is no longer necessary for the purpose for which it was collected, subject to legal obligations.

6.3 Right to Grievance Redressal

You have the right to have your grievances addressed by us in a prompt and efficient manner. You may approach our Grievance Officer (details in Section 11) for resolution before escalating to the Data Protection Board of India.

6.4 Right to Nominate

You have the right to nominate any other individual who shall, in the event of your death or incapacity, exercise your rights under the DPDP Act on your behalf.

6.5 Right to Withdraw Consent

As described in Section 5, you may withdraw consent at any time, subject to the consequences of such withdrawal being communicated to you.

To exercise any of your rights, please contact our Grievance Officer as described in Section 11. We will respond to your request within 30 days of receipt or as required by applicable law.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable laws and regulations. Our retention practices are as follows:

  • Contact and inquiry data: Retained for up to 3 years from the date of last interaction, unless a business relationship is established.
  • Client/service data: Retained for the duration of the contract and for up to 7 years thereafter, in compliance with applicable tax and financial regulations.
  • Marketing data: Retained until consent is withdrawn or 3 years from last engagement, whichever is earlier.
  • Analytical/log data: Typically retained for up to 26 months.
  • Legal obligation data: Retained for the period required by the relevant law or regulatory authority.

Upon expiry of the retention period, personal data is securely deleted or anonymised in accordance with our data destruction procedures.

8. Sharing of Personal Data

We may share your personal data with the following categories of recipients, strictly on a need-to-know basis and with appropriate contractual safeguards:

8.1 Data Processors

Third-party service providers who process data on our behalf, including:

  • Cloud hosting and infrastructure providers (e.g., AWS, Google Cloud, Microsoft Azure)
  • Customer Relationship Management (CRM) platforms
  • Email marketing and communication service providers
  • Website analytics tools (e.g., Google Analytics)
  • Payment processing gateways

8.2 Business Partners

We may share data with authorised business partners and affiliates where necessary to deliver our services or joint offerings, subject to your consent where required.

8.3 Legal and Regulatory Authorities

We may disclose personal data to government authorities, law enforcement agencies, or courts where required by law, court order, or in connection with legal proceedings.

8.4 Business Transfers

In the event of a merger, acquisition, restructuring, or sale of assets, personal data may be transferred to the successor entity, subject to the same privacy commitments under this Policy.

We do not sell, rent, or trade your personal data to third parties for their independent marketing or commercial purposes.

9. Cookies and Tracking Technologies

Our Site uses cookies and similar tracking technologies to enhance your browsing experience, analyse site usage, and support our marketing activities. Cookies are small text files placed on your device.

9.1 Types of Cookies We Use

  • Strictly Necessary Cookies: Essential for the Site to function. No consent required.
  • Functional Cookies: Enable personalisation features. Require consent.
  • Analytics Cookies: Help us understand how visitors interact with our Site (e.g., Google Analytics). Require consent.
  • Marketing/Advertising Cookies: Used to deliver relevant ads (e.g., Google Ads, LinkedIn Insight Tag, Meta Pixel). Require consent.

9.2 Managing Cookies

You can manage your cookie preferences at any time through our Cookie Consent Banner or by adjusting your browser settings. Please note that disabling certain cookies may affect Site functionality.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data from unauthorised access, disclosure, alteration, or destruction. Our security measures include:

  • SSL/TLS encryption for data in transit
  • Encryption of data at rest using industry-standard algorithms
  • Role-based access controls and multi-factor authentication for internal systems
  • Regular security assessments, vulnerability scanning, and penetration testing
  • Employee training on data protection and information security
  • Incident response procedures for detecting and reporting personal data breaches

In the event of a personal data breach that is likely to result in harm to Data Principals, we will notify the Data Protection Board of India and affected individuals in accordance with the timelines prescribed under the DPDP Act.

11. Grievance Officer

In accordance with Section 13 of the DPDP Act, 2023, we have appointed a Grievance Officer to address complaints and queries related to the processing of your personal data.

Name: Kaushik Bose
Designation: Founder
Organisation: Netcloud Consulting Services
Email: [email protected] 
Address: 11B, S.R. Das Road Kolkata 700026
Working Hours: Monday to Friday, 9:00 AM – 6:00 PM IST

We will acknowledge your grievance within 48 hours and endeavour to resolve it within 30 days. If you are not satisfied with our resolution, you may escalate your complaint to the Data Protection Board of India, once constituted and operational under the DPDP Act.

12. Children’s Data

Our Site and services are not directed at children below the age of 18 years. We do not knowingly collect personal data from children without verifiable parental or guardian consent. If you believe we have inadvertently collected data from a child without consent, please contact us immediately at [email protected] and we will take prompt steps to delete such data.

13. Cross-Border Data Transfers

As a company operating in the digital and AI consulting space, certain data processing activities may involve transfer of personal data outside India. We carry out such transfers only:

  • To countries or territories permitted under notifications issued by the Central Government under the DPDP Act; and
  • In compliance with applicable contractual safeguards and data localisation requirements.

We will update this section as the Government of India issues rules regarding permissible cross-border data transfers under the DPDP Act.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, applicable laws, or regulatory requirements. The revised Policy will be posted on this page with an updated “Last Updated” date. Where material changes are made, we will provide prominent notice on our Site or notify you via email.

We encourage you to review this Policy periodically. Your continued use of our Site or services after any updates constitutes your acknowledgement of the revised Policy.

15. Contact Us

For any questions, concerns, or requests related to this Privacy Policy or your personal data, please reach out to us:

Netcloud Consulting Services
Email:[email protected]
Website: https://netcloudconsulting.com

This Privacy Policy is governed by the laws of India. Any disputes arising out of or in connection with this Policy shall be subject to the exclusive jurisdiction of the courts in India.