Privacy Policy
TECHNOTALIM PLATFORM AND SERVICES LLP
Last updated: November 27, 2025
1.1. Short Summary
This Privacy Policy outlines the comprehensive framework through which TECHNOTALIM PLATFORM AND SERVICES LLP ("we," "us," or "our") gathers, processes, discloses, and safeguards your personal information during interactions with our TechnoTaLim Console and associated services. It emphasizes transparency, user control, and adherence to applicable data protection laws, ensuring your privacy is prioritized while enabling seamless digital experiences.
1.2. Introduction
1.2.1. Who We Are
TECHNOTALIM PLATFORM AND SERVICES LLP is a registered Indian Limited Liability Partnership specializing in innovative web hosting solutions, educational tools & courses, console management tools and ancillary digital services designed to empower users with reliable, scalable online infrastructure.
1.2.2. Scope of This Policy
This policy governs all personal data handling activities across our TechnoTaLim Console, associated websites, mobile applications, and integrated services, irrespective of access method—whether via web browser, API, or third-party integrations—extending to global users while complying with jurisdictional requirements.
1.3. What Personal Data We Collect
1.3.1. Account Information
We collect essential details to establish and verify user identities, including your full legal name, primary email address for notifications, phone number for two-factor authentication, an encrypted password for secure login, and optional profile elements such as a display name or avatar to enhance user personalization.
1.3.2. Payment Information
To facilitate secure transactions, we gather payment method details (e.g., card type and last four digits) exclusively through our trusted partner Razorpay; this includes transaction records for reconciliation, billing addresses for invoice accuracy, and payment history to track subscription renewals and refunds.
1.3.3. Usage Data
This encompasses non-identifiable telemetry to optimize performance, such as your IP address for geolocation-based features, device identifiers (e.g., model and unique ID), browser specifications (type, version), time zone for scheduling, plug-in details, operating system and platform, navigation patterns (pages visited, session duration), clickstream analytics, server response times, download error logs, visit lengths on key pages, interaction metrics (e.g., scrolls, hovers), and exit methods to refine user interface and troubleshoot issues.
1.3.4. Hosting Data
For effective web management, we process uploaded website files (source code, assets), domain registration details (nameservers, WHOIS data), SSL certificate configurations (issuance, renewal status), custom website settings (e.g., DNS records, caching rules), aggregated traffic statistics (visits, bandwidth usage), and error logs (server faults, 404s) to ensure uptime and diagnostic capabilities.
1.3.5. Communications Data
To deliver responsive support, we retain records of user-initiated interactions, including email threads for query resolution, live chat transcripts for real-time assistance, and support ticket details (descriptions, attachments, resolutions) to maintain service quality and historical reference.
1.4. Why We Collect Your Data
1.4.1. Service Provision
Personal data is indispensable for core functionalities, such as onboarding and administering user accounts, provisioning scalable hosting environments, executing seamless payment workflows, and rendering proactive technical support to minimize downtime.
1.4.2. Legal Compliance
We process data to fulfill statutory duties, including honoring subpoenas or warrants, mitigating litigation risks, and safeguarding intellectual property rights in alignment with Indian and international legal standards.
1.4.3. Business Operations
Aggregated insights from data enable iterative enhancements to platform features, robust analytics for trend identification, proactive fraud detection algorithms, and fortified security protocols to uphold operational integrity.
1.4.4. Marketing
With prior opt-in consent, we leverage data for tailored promotional emails highlighting service upgrades, personalized dashboard recommendations based on usage patterns, and notifications on emerging features to foster user engagement.
1.5. Legal Basis & Consent
1.5.1. Consent
We obtain explicit, informed consent during account registration via clear checkboxes, with granular options for marketing opt-ins; users retain full autonomy to revoke consent through account settings or direct communication, triggering immediate cessation of specified processing.
1.5.2. Contractual Necessity
Certain data elements are strictly required to execute the user agreement, such as contact details for service delivery and payment credentials for fulfilling subscribed hosting commitments, without which contractual obligations cannot be met.
1.5.3. Legal Obligation
Retention practices align with mandates under the Income Tax Act, 1961, and GST regulations, preserving financial records (e.g., invoices, ledgers) for audit trails and tax computations over prescribed durations.
1.5.4. Legitimate Interests
Processing supports balanced interests like deploying AI-driven anomaly detection for fraud prevention, maintaining resilient network architectures against cyber threats, and deriving anonymized benchmarks to evolve service offerings without unduly impacting user privacy.
1.6. Cookies & Tracking
1.6.1. Types of Cookies We Use
Essential cookies underpin site operability (e.g., session persistence); authentication cookies secure login continuity; analytics cookies aggregate usage metrics for performance tuning; functional cookies store preferences like theme selections; and advertising cookies facilitate targeted, consent-based ad delivery across partner networks.
1.6.2. Third-Party Cookies
We integrate vetted providers such as Google Analytics for behavioral insights, Razorpay for transaction facilitation, and select partners (e.g., cloud CDNs) explicitly enumerated herein, each bound by data processing agreements ensuring equivalent protection levels.
1.6.3. Managing Cookies
Users can configure preferences via browser privacy settings (e.g., blocking third-party cookies in Chrome); analytics opt-outs are available through embedded tools like Google's consent mode; consent withdrawal prompts re-evaluation of tracking, with immediate effect on non-essential cookies.
1.7. Data Retention Periods
1.7.1. Account Data
Active accounts preserve core information indefinitely for continuity; upon deactivation or closure, data undergoes secure erasure within 30 days, barring overrides for unresolved disputes or archival necessities.
1.7.2. Transaction Records
In adherence to Section 44AB of the Income Tax Act, records are archived for a minimum of seven years post-transaction, retaining only indispensable fields (e.g., amounts, dates) while purging extraneous details to minimize exposure.
1.7.3. Website Hosting Data
Hosting artifacts persist coextensive with service tenure; termination triggers automated deletion protocols, including file wipes and domain disassociations, subject to user export options.
1.7.4. Analytics Data
Raw logs adhere to Google Analytics' 26-month retention default, transitioning to irreversible anonymization thereafter to balance insight value with privacy erosion.
1.7.5. Legal Holds
Extraordinary retention may extend periods in response to judicial orders or investigations; affected users receive prompt, confidential notifications detailing the rationale and anticipated duration.
1.8. Data Sharing & Third Parties
1.8.1. Payment Processors
Transactions route exclusively via Razorpay, a PCI-DSS Level 1 certified gateway, ensuring tokenized handling where no full card data resides on our infrastructure, thereby isolating financial risks.
1.8.2. Service Providers
We engage vetted vendors for specialized tasks—e.g., Cloudflare for cloud storage, Google Cloud for authentication—each under strict non-disclosure and data minimization covenants to prevent unauthorized dissemination.
1.8.3. Legal Requirements
Disclosures occur solely upon validated requests from authorized entities like the Central Board of Direct Taxes, cyber cells, or judicial bodies, with post-facto user alerts where permissible.
1.8.4. Business Transfers
In scenarios of corporate restructuring (e.g., mergers), data may transfer to successors under equivalent safeguards; we commit to advance notifications via email and site banners, affording opt-out windows pre-closure.
1.9. Payment Data Handling
1.9.1. Payment Gateway
Razorpay serves as our sole conduit for all monetary flows, leveraging its PCI-DSS Level 1 attestation for fortified encryption and fraud monitoring; our systems capture zero primary account numbers, delegating storage to the gateway.
1.9.2. Tokenization
For subscriptions, ephemeral tokens replace sensitive details, enabling frictionless recurring charges while confining vaulted tokens to Razorpay's segmented, audited repositories.
1.9.3. Transaction Records
We maintain succinct logs—transaction IDs, timestamps, totals—for fiscal accountability and dispute resolution, eschewing granular payment artifacts to align with data minimization tenets.
1.10. Security Measures & "Reasonable Security Practices"
1.10.1. Technical Security
Data in transit employs AES-256 SSL/TLS protocols; at-rest encryption utilizes hardware security modules; routine audits by certified firms, quarterly penetration simulations, automated vulnerability scans, and adherence to secure coding guidelines fortify defenses.
1.10.2. Access Controls
Implementations feature granular RBAC matrices, compulsory MFA for administrative portals, least-privilege enforcement via just-in-time access, and bi-annual privilege audits to curtail insider threats.
1.10.3. Infrastructure Security
Leveraging Tier-III certified data centers with biometric perimeters, we deploy next-gen firewalls, IDS/IPS suites, Cloudflare DDoS mitigation, encrypted offsite backups, and ISO 22301-compliant BCDR frameworks for resilience.
1.10.4. Compliance with IT Act Section 43A
Our practices embody "reasonable security" as per Schedule II, incorporating ISO 27001 certifications, annual third-party audits, and incident response playbooks to avert unauthorized access or breaches.
1.11. Children & Minors
1.11.1. Age Restrictions
Accounts demand verification of 18+ eligibility; underage users (13-17) require verifiable parental/guardian consent; data from minors is curtailed to essentials, with heightened scrutiny on processing scopes.
1.11.2. Parental Controls
Guardians access dashboards for oversight, including deletion petitions on behalf of minors, and enablement of age-appropriate filters (e.g., content moderation APIs) to curate safe environments.
1.11.3. Educational Services
For institutional tie-ups, we enforce FERPA-equivalent safeguards on student profiles, restricting shares to pedagogical necessities and mandating explicit institutional consents.
1.12. User Rights
1.12.1. Right to Access
Submit requests via dedicated portal or email for a structured overview of held data; we respond within one month, furnishing exports in CSV/JSON formats with explanatory metadata.
1.12.2. Right to Correction
Profile edits occur self-service via dashboard; material changes trigger identity validation (e.g., OTP); algorithmic corrections auto-resolve evident inaccuracies like outdated emails.
1.12.3. Right to Erasure
Deletion petitions, emailed to privacy@technotalim.com, undergo 72-hour review; exemptions apply for contractual or archival needs, with verifiable confirmations issued post-execution.
1.12.4. Right to Portability
Requests yield interoperable files (e.g., XML schemas) for seamless migration; delivery via secure links or APIs supports direct transfers to compatible platforms.
1.12.5. Right to Object
Opt-outs for non-essential processing (e.g., marketing) are instantaneous via settings toggles; where interests conflict, we conduct balancing assessments and propose mitigated alternatives like anonymized aggregates.
1.13. Grievance Officer Contact & Complaint Process
1.13.1. Grievance Officer Details
Name: ASHIK K I
Email: grievance@technotalim.com
Address: TechnoTaLim 13/229,ANSAR ISLAM MADRASSA, PUNNAYUR,EDAKKAZHIYOOR, Thrissur - Kerala, India
The officer serves as the impartial focal point for privacy escalations, ensuring unbiased adjudication.
1.13.2. Complaint Process
Lodge via email/form with incident details, evidence, and contact info; acknowledgments dispatch within 24-48 hours; resolutions target 15 days, with interim updates; unresolved matters escalate to senior compliance leads or external mediators.
1.13.3. Tracking Complaints
Each submission generates a unique alphanumeric reference; bi-weekly status emails maintain transparency; closures include root-cause analyses and preventive recommendations.
1.14. How to Request Data Deletion or Portability
1.14.1. Deletion Request Process
Direct emails to privacy@technotalim.com with account verification (e.g., recent transaction ID); processing completes in 30 days, encompassing cascading wipes across backups.
1.14.2. Portability Request Process
Analogous submissions to privacy@technotalim.com specify formats (e.g., GDPR-compliant JSON); deliveries occur via encrypted portals, excluding derived analytics.
1.14.3. Confirmation
Post-fulfillment audits yield detailed ledgers of actions—e.g., "10 records deleted from primary DB"—with retention proofs for audit trails.
1.15. Contact & Changes to Policy
1.15.1. Contact Information
Email: support@technotalim.com
Address: TechnoTaLim 13/229,ANSAR ISLAM MADRASSA, PUNNAYUR,EDAKKAZHIYOOR, Thrissur - Kerala, India
Our team pledges responsive, empathetic handling of all inquiries within 48 hours.
1.15.2. Policy Changes
Amendments disseminate via email alerts and console banners 30 days pre-enactment; material shifts (e.g., new processors) invite feedback; continued use post-update implies acceptance, with export options for dissenters.
1.15.3. Effective Date
Date of last update: November 27, 2025
Version history: Tracked internally with diffs available upon request, denoting evolutions like enhanced rights provisions.
© 2025 TECHNOTALIM PLATFORM AND SERVICES LLP. All rights reserved.