Privacy Policy - Crudoimage

Privacy Policy

Your privacy is important to us. This Privacy Policy explains how Crudoimage collects, uses, and protects your personal information when you use our productivity platform and services.

About This Policy: This Privacy Policy ("Policy") describes the information practices of Crudoimage Technologies Private Limited, a company incorporated under the laws of India ("Company", "we", "us", or "our"), regarding the collection, use, and protection of personal information through our productivity software platform and services ("Services").

This Policy applies to all information collected through our website, applications, and services. By using our Services, you consent to the collection and use of information in accordance with this Policy.

Consent and Acceptance: Your use of our Services constitutes acceptance of this Privacy Policy. If you do not agree with our practices, please do not use our Services. We may update this Policy periodically, and your continued use after changes indicates acceptance of the revised Policy.

Table of Contents

  1. Information We Collect
  2. How We Use Your Information
  3. Information Sharing and Disclosure
  4. Data Security and Storage
  5. Your Rights and Choices
  6. Cookies and Tracking Technologies
  7. Third-Party Services and Links
  8. Data Retention
  9. International Data Transfers
  10. Policy Updates and Contact Information

1. Information We Collect

We collect information to provide better services to our users and improve the functionality of our platform.

Personal Information

Information that can identify you personally:

  • Name, email address, phone number
  • Account credentials and authentication data
  • Profile information and preferences
  • Billing and payment information
  • Communication content and history

Usage Information

Data about how you interact with our Services:

  • App usage patterns and feature interactions
  • Session duration and frequency
  • Performance metrics and error logs
  • Device and browser information
  • IP address and location data

Content Data

Information you create or upload to our platform:

  • Documents, files, and project data
  • Comments, notes, and collaborative content
  • Task lists, schedules, and workflow data
  • Custom settings and configurations
  • Integration data from connected services

Technical Information

System and device data for service optimization:

  • Browser type, version, and settings
  • Operating system and hardware specifications
  • Network connection and service provider
  • Cookies and similar tracking technologies
  • Diagnostic and performance data

Data Collection Methods

We collect information through various methods:

  • Direct Collection: Information you provide when registering, using features, or contacting support
  • Automatic Collection: Data collected automatically through your use of our Services
  • Third-Party Sources: Information from integrated services you connect to our platform
  • Communication: Data from emails, messages, and other communications with us

2. How We Use Your Information

We use the information we collect for legitimate business purposes to provide, maintain, and improve our Services.

Primary Uses

  • Service Provision: To provide, operate, and maintain our platform and features
  • Account Management: To create and manage your account, authenticate access, and process payments
  • Communication: To respond to inquiries, provide support, and send service-related notifications
  • Personalization: To customize your experience and recommend relevant features
  • Analytics: To understand usage patterns and improve our Services
  • Security: To detect, prevent, and respond to security incidents and abuse

Legal Basis for Processing

We process your personal information based on the following legal grounds:

  • Contractual Necessity: To fulfill our contractual obligations in providing Services
  • Legitimate Interests: For business operations, security, and service improvement
  • Consent: When you explicitly consent to specific data processing activities
  • Legal Compliance: To comply with applicable laws and regulations

We never sell your personal information to third parties or use it for advertising purposes.

3. Information Sharing and Disclosure

We may share your information in limited circumstances as described below. We do not sell, rent, or trade your personal information.

When We Share Information

  • Service Providers: With trusted third-party service providers who assist in operating our Services under strict confidentiality agreements
  • Business Transfers: In connection with mergers, acquisitions, or asset transfers, subject to confidentiality protections
  • Legal Requirements: When required by law, court order, or to protect our legal rights and safety
  • Consent: With your explicit consent for specific sharing purposes
  • Team Collaboration: With team members within your organization for collaborative features you enable

Third-Party Service Providers

We work with selected service providers for:

  • Cloud hosting and infrastructure services
  • Payment processing and billing
  • Customer support and communication tools
  • Analytics and performance monitoring
  • Security and fraud prevention

Important: All service providers are bound by data processing agreements that require them to protect your information and use it only for specified purposes.

4. Data Security and Storage

We implement comprehensive security measures to protect your information from unauthorized access, alteration, disclosure, or destruction.

Security Measures

  • Encryption: Data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption
  • Access Controls: Strict role-based access controls and authentication requirements
  • Infrastructure Security: Secure cloud infrastructure with regular security audits
  • Monitoring: Continuous monitoring for security threats and anomalous activities
  • Incident Response: Established procedures for detecting and responding to security incidents
  • Employee Training: Regular security awareness training for all personnel

Data Location

Your data is stored on secure servers located in India. We may use cloud infrastructure providers with data centers in India and other regions with adequate data protection standards. All data transfers are protected by appropriate safeguards.

Backup and Recovery

We maintain regular backups of your data to ensure service continuity and data recovery in case of system failures. Backup data is subject to the same security protections as primary data.

5. Your Rights and Choices

You have several rights regarding your personal information. We are committed to helping you exercise these rights.

Access

Request access to personal information we hold about you, including details about how it's processed.

Rectification

Request correction of inaccurate or incomplete personal information.

Deletion

Request deletion of your personal information, subject to legal and operational requirements.

Portability

Request a copy of your data in a structured, machine-readable format.

Restriction

Request limitation of processing of your personal information in certain circumstances.

Objection

Object to processing of your personal information based on legitimate interests.

How to Exercise Your Rights

To exercise your privacy rights:

  • Log into your account settings to update or delete certain information
  • Contact our Data Protection Officer at privacy@crudoimage.com
  • Submit a request through our support system
  • Send a written request to our registered office address

We will respond to valid requests within 30 days. Identity verification may be required for security purposes.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze usage, and provide personalized features.

Types of Cookies We Use

  • Essential Cookies: Required for basic website functionality and security
  • Functional Cookies: Enable enhanced features and personalization
  • Analytics Cookies: Help us understand how you use our Services
  • Performance Cookies: Monitor and improve website performance

Managing Cookies

You can control cookie settings through:

  • Your browser settings to block or delete cookies
  • Our cookie preference center in your account settings
  • Third-party opt-out tools for analytics services

Note: Disabling certain cookies may affect the functionality of our Services.

7. Third-Party Services and Links

Our platform may integrate with or contain links to third-party services. We are not responsible for the privacy practices of these external services.

Third-Party Integrations

We offer integrations with various productivity tools and services. When you connect these services:

  • You authorize us to access specified data from the connected service
  • The third-party service's privacy policy governs their handling of your data
  • You can revoke these connections at any time through your account settings
  • We only access the minimum data necessary for the integration to function

External Links

Our Services may contain links to external websites or services. These links are provided for convenience, and we are not responsible for their content or privacy practices. We encourage you to review the privacy policies of any external sites you visit.

8. Data Retention

We retain your information only for as long as necessary to fulfill the purposes outlined in this Policy.

Retention Periods

  • Account Data: Retained while your account is active and for 12 months after account closure
  • Usage Data: Typically retained for 24 months for analytics and service improvement
  • Support Communications: Retained for 3 years for quality assurance and legal compliance
  • Financial Records: Retained for 7 years for accounting and tax purposes
  • Legal Hold: Data may be retained longer when required by law or legal proceedings

Data Deletion

When data is deleted:

  • Active copies are permanently removed from our systems
  • Backup copies are deleted according to our backup retention schedule
  • Some data may persist in logs for security and operational purposes
  • De-identified data may be retained for statistical and research purposes

9. International Data Transfers

While we primarily store data in India, some data may be transferred to other countries where our service providers operate.

Transfer Safeguards

When transferring data internationally, we ensure:

  • Appropriate safeguards are in place, such as standard contractual clauses
  • Service providers maintain adequate data protection standards
  • Transfers comply with applicable data protection laws
  • Data subjects' rights remain protected regardless of location

Cross-Border Compliance

We monitor global privacy regulations and adapt our practices to ensure compliance with applicable laws in jurisdictions where we operate or have users.

10. Policy Updates and Contact Information

Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:

  • We will notify you via email or through our Services
  • The updated Policy will be posted on our website with the revision date
  • Material changes will be highlighted and may require your renewed consent
  • Your continued use of our Services after changes constitutes acceptance

Compliance Framework

Our privacy practices are designed to comply with:

  • Information Technology Act, 2000 and related rules
  • Digital Personal Data Protection Act (DPDPA) 2023 when enacted
  • Applicable state and sectoral privacy regulations in India
  • International privacy standards where relevant