Privacy Policy

Last updated: 26 May 2025

1. Introduction

DataGen Private Limited ("DataGen", "we", "our", or "us") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit datagen.in or use any of our products or services, including SynthEngyne (collectively, the "Services").

This Policy is drafted in accordance with the Information Technology Act 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011 ("SPDI Rules"), and the Digital Personal Data Protection Act 2023 ("DPDP Act").

2. Scope

  • Applies to all visitors, users, and others who access or use our Services from anywhere in the world.
  • Does not apply to third‑party websites or services that may be linked to or from our Services.

3. Definitions

TermMeaning
Personal DataAny data about an individual who can be identified directly or indirectly, including "Sensitive Personal Data or Information" ("SPDI") as defined under the SPDI Rules.
ProcessingAny operation performed on Personal Data, such as collection, storage, use, disclosure, or deletion.
Data PrincipalThe natural person to whom the Personal Data relates (you).
Data FiduciaryThe entity that determines the purpose and means of Processing (DataGen).

4. Information We Collect

CategoryExamplesLegal Basis*
Information you provideName, email, phone, company, job title, billing details, project filesConsent / Contract
Automatically collected dataIP address, browser type, device ID, pages visited, cookiesLegitimate Interest
Service‑generated dataLogs, synthetic datasets, model outputs, usage analyticsLegitimate Interest / Contract
Sensitive data (SPDI)Only if you explicitly upload it to SynthEngyne (e.g., proprietary documents)Explicit Consent

* Under the DPDP Act we rely on (a) your consent, (b) necessity for performance of a contract, or (c) legitimate interest that does not override your rights.

5. How We Use Your Information

  1. 1. Provide & improve Services – create synthetic datasets, fine‑tune models, maintain platform integrity.
  2. 2. Account management – registrations, authentication, billing, and customer support.
  3. 3. Security & fraud prevention – detect, prevent, and respond to security incidents.
  4. 4. Analytics & research – understand usage patterns to enhance features and performance.
  5. 5. Legal compliance – comply with applicable laws, regulations, and lawful requests.
  6. 6. Marketing – send product updates or event invitations (opt‑out anytime).

6. Cookies & Tracking Technologies

We use first‑ and third‑party cookies, log files, and similar technologies to remember your preferences, measure site performance, and analyse traffic patterns. You can manage or delete cookies in your browser settings; disabling cookies may affect functionality.

7. Sharing & Disclosure

We do not sell or rent your Personal Data. We only share it in the following circumstances:

RecipientPurposeSafeguards
Service providersOperate and support our ServicesContractual data‑processing agreements, industry‑standard security
Affiliates & group entitiesInternal business operationsSame level of protection
Law‑enforcement / regulatorsWhen required by law or to protect rights, property, or safetyEvaluated case‑by‑case
Business transfersIn connection with merger, acquisition, or asset salePrior notice & new policy

8. Cross‑Border Data Transfers

DataGen primarily processes and stores data on servers located in India; however, we may transfer data to jurisdictions that offer comparable protection, subject to appropriate safeguards (e.g., standard contractual clauses) and compliance with Sections 16–17 of the DPDP Act.

9. Data Security

We implement reasonable security practices and procedures ("RSPP") per Rule 8 of the SPDI Rules, including encryption in transit and at rest, role‑based access controls, multi‑factor authentication, regular vulnerability assessments, and a documented incident‑response program.

10. Data Retention

  • Personal Data is retained only as long as necessary for the purposes for which it was collected or as required by law.
  • Synthetic datasets generated via SynthEngyne are retained for 30 days by default; you may delete them sooner through your dashboard.
  • Back‑ups are securely destroyed after a maximum of 180 days.

11. Your Rights

Subject to exceptions under Indian law, you may:

  1. 1. Access – obtain a copy of your Personal Data.
  2. 2. Correct – update inaccurate or incomplete data.
  3. 3. Delete – request erasure when data is no longer necessary or upon withdrawal of consent.
  4. 4. Data Portability – receive data in a structured, commonly used format.
  5. 5. Withdraw Consent – at any time, without affecting prior Processing.
  6. 6. Grievance Redressal – lodge a complaint with our Grievance Officer or the Data Protection Board of India.

To exercise these rights, email [email protected].

12. Children's Privacy

Our Services are not directed to children under 18. We do not knowingly collect Personal Data from children. If you believe a child has provided us data, contact us for immediate deletion.

13. Third‑Party Links

Our website may contain links to external sites. We are not responsible for their privacy practices. Please review their policies before providing Personal Data.

14. Changes to This Policy

We may update this Policy periodically. Material changes will be notified via email or a prominent notice on our website at least 15 days before the change becomes effective.

15. Contact & Grievance Officer

Grievance Officer (Rule 5(9) SPDI Rules)

Email: [email protected]

By using our Services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.