Privacy Policy
Last updated: 26 May 2025
1. Introduction
DataGen Private Limited ("DataGen", "we", "our", or "us") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit datagen.in or use any of our products or services, including SynthEngyne (collectively, the "Services").
This Policy is drafted in accordance with the Information Technology Act 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011 ("SPDI Rules"), and the Digital Personal Data Protection Act 2023 ("DPDP Act").
2. Scope
- •Applies to all visitors, users, and others who access or use our Services from anywhere in the world.
- •Does not apply to third‑party websites or services that may be linked to or from our Services.
3. Definitions
| Term | Meaning |
|---|---|
| Personal Data | Any data about an individual who can be identified directly or indirectly, including "Sensitive Personal Data or Information" ("SPDI") as defined under the SPDI Rules. |
| Processing | Any operation performed on Personal Data, such as collection, storage, use, disclosure, or deletion. |
| Data Principal | The natural person to whom the Personal Data relates (you). |
| Data Fiduciary | The entity that determines the purpose and means of Processing (DataGen). |
4. Information We Collect
| Category | Examples | Legal Basis* |
|---|---|---|
| Information you provide | Name, email, phone, company, job title, billing details, project files | Consent / Contract |
| Automatically collected data | IP address, browser type, device ID, pages visited, cookies | Legitimate Interest |
| Service‑generated data | Logs, synthetic datasets, model outputs, usage analytics | Legitimate Interest / Contract |
| Sensitive data (SPDI) | Only if you explicitly upload it to SynthEngyne (e.g., proprietary documents) | Explicit Consent |
* Under the DPDP Act we rely on (a) your consent, (b) necessity for performance of a contract, or (c) legitimate interest that does not override your rights.
5. How We Use Your Information
- 1. Provide & improve Services – create synthetic datasets, fine‑tune models, maintain platform integrity.
- 2. Account management – registrations, authentication, billing, and customer support.
- 3. Security & fraud prevention – detect, prevent, and respond to security incidents.
- 4. Analytics & research – understand usage patterns to enhance features and performance.
- 5. Legal compliance – comply with applicable laws, regulations, and lawful requests.
- 6. Marketing – send product updates or event invitations (opt‑out anytime).
6. Cookies & Tracking Technologies
We use first‑ and third‑party cookies, log files, and similar technologies to remember your preferences, measure site performance, and analyse traffic patterns. You can manage or delete cookies in your browser settings; disabling cookies may affect functionality.
7. Sharing & Disclosure
We do not sell or rent your Personal Data. We only share it in the following circumstances:
| Recipient | Purpose | Safeguards |
|---|---|---|
| Service providers | Operate and support our Services | Contractual data‑processing agreements, industry‑standard security |
| Affiliates & group entities | Internal business operations | Same level of protection |
| Law‑enforcement / regulators | When required by law or to protect rights, property, or safety | Evaluated case‑by‑case |
| Business transfers | In connection with merger, acquisition, or asset sale | Prior notice & new policy |
8. Cross‑Border Data Transfers
DataGen primarily processes and stores data on servers located in India; however, we may transfer data to jurisdictions that offer comparable protection, subject to appropriate safeguards (e.g., standard contractual clauses) and compliance with Sections 16–17 of the DPDP Act.
9. Data Security
We implement reasonable security practices and procedures ("RSPP") per Rule 8 of the SPDI Rules, including encryption in transit and at rest, role‑based access controls, multi‑factor authentication, regular vulnerability assessments, and a documented incident‑response program.
10. Data Retention
- •Personal Data is retained only as long as necessary for the purposes for which it was collected or as required by law.
- •Synthetic datasets generated via SynthEngyne are retained for 30 days by default; you may delete them sooner through your dashboard.
- •Back‑ups are securely destroyed after a maximum of 180 days.
11. Your Rights
Subject to exceptions under Indian law, you may:
- 1. Access – obtain a copy of your Personal Data.
- 2. Correct – update inaccurate or incomplete data.
- 3. Delete – request erasure when data is no longer necessary or upon withdrawal of consent.
- 4. Data Portability – receive data in a structured, commonly used format.
- 5. Withdraw Consent – at any time, without affecting prior Processing.
- 6. Grievance Redressal – lodge a complaint with our Grievance Officer or the Data Protection Board of India.
To exercise these rights, email [email protected].
12. Children's Privacy
Our Services are not directed to children under 18. We do not knowingly collect Personal Data from children. If you believe a child has provided us data, contact us for immediate deletion.
13. Third‑Party Links
Our website may contain links to external sites. We are not responsible for their privacy practices. Please review their policies before providing Personal Data.
14. Changes to This Policy
We may update this Policy periodically. Material changes will be notified via email or a prominent notice on our website at least 15 days before the change becomes effective.
15. Contact & Grievance Officer
Grievance Officer (Rule 5(9) SPDI Rules)
Email: [email protected]
By using our Services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.