Privacy Policy

Introduction

This Privacy Policy describes how Hidden Brains Infotech Pvt. Ltd. and all their subsidiaries, affiliates, products, solutions and service offerings (collectively, “Hidden Brains”, “we”, “us”, “our”) collect, use, share and protect personal data when you interact with our websites, mobile applications, cloud platforms, products, professional services, events and any other online or offline touchpoints (collectively, the “Services”).

By accessing or using our Services, or by submitting personal data to us through any channel (including web forms, email, phone, chat or in-person events), you acknowledge that you have read and understood this Privacy Policy and agree to its terms, subject to applicable law in your jurisdiction.

Scope and Roles

This Privacy Policy applies to:

• Visitors to our websites and digital properties.
• Customers, prospects and business contacts using or evaluating our products and services.
• Users of our subscription services, newsletters, webinars and other content.
• Representatives of our clients, partners, vendors and suppliers.

Hidden Brains generally acts as a “data controller” (or equivalent term under applicable law) for personal data it collects directly through its own channels, and as a “data processor”/“data fiduciary” when processing personal data on behalf of customers under their documented instructions.

Personal Data We Collect

Data you provide directly

Depending on how you interact with us, we may collect:

• Identification and contact details: name, business or personal email address, phone number, postal address, country, company name, job title, department and industry.
• Account and subscription data: login credentials, profile information, communication preferences, newsletter or event subscriptions, support tickets and feedback.
• Commercial and contractual data: information about enquiries, proposals, statements of work, contracts, order history, billing contact details and transaction metadata (but typically not full payment card numbers, which are handled by payment providers).
• Content you submit: messages via “Contact Us” or similar forms, chat transcripts, surveys, testimonials, event registrations, support requests, files or other materials you upload to or share through our platforms.

Where required by law or contract, certain fields will be marked as mandatory; failure to provide them may mean we cannot deliver the relevant Service to you.

Data Collected Automatically

When you visit or use our digital properties, we may automatically collect:

• Technical and usage data: IP address, device identifiers, browser type and version, operating system, language settings, referring URLs, pages viewed, time and date of visits, clickstream data and other interaction information.
• Cookies and similar technologies: information from cookies, pixels, tags, SDKs and similar tools used for site functionality, analytics, security, performance monitoring and, where permitted, personalization and marketing.

You can manage cookies via your browser or device settings; some features may not function correctly if certain cookies are disabled. More information on how cookies work, what cookies we use and why can be found in our Cookie Policy.

Automated Data Processing

Hidden Brains uses automated technologies, including rule-based systems and, in limited cases, artificial intelligence (AI), to support internal operations and to enable certain features within its products and services. These technologies are used to improve efficiency, accuracy, security, and service quality, and are operated in accordance with this Privacy Policy.

Internal Use of Automated Tools

• Hidden Brains may use automated tools, including AI-enabled systems, to support activities such as software development, quality assurance, support operations, documentation, translation, transcription, and security monitoring.
• Where third-party tools are involved, their use is subject to strict access controls, data-minimization principles, logging, and appropriate technical and organizational safeguards.
• Identifiable personal data is shared only where necessary. Wherever feasible, anonymized, aggregated, or masked data is used, and sensitive or special-category data is excluded. Contractual and technical measures are applied to prevent unauthorized use of personal data, including restricting its use for independent model training by third parties.

Automated Features in Products and Services

• Some Hidden Brains solutions may include automated or AI-assisted features such as analytics, recommendations, pattern detection, natural language interfaces, transcription, or summarization.
• Inputs and outputs associated with these features may be processed solely to deliver functionality, maintain quality, ensure security, prevent misuse, and comply with legal obligations.
• Where Hidden Brains acts as a data processor, the use of personal data in connection with such features is governed by customer agreements and handled strictly in line with documented customer instructions.

Data from third parties

We may receive personal data about you from:

• Our customers, partners, resellers and affiliates in connection with joint activities, project delivery or referrals.
• Marketing, event and lead generation partners, including conference organizers, webinar platforms and digital advertising partners.
• Publicly available sources, such as professional networking sites, company websites, public registers or published directories.
• Analytics service providers, including Google Analytics, which collect information about how visitors interact with our website, such as pages visited, navigation paths, and usage patterns. Where required by applicable law, such data is anonymized at the point of collection, and user-level and event-level data is automatically deleted after a retention period of two (2) years.

Where we combine such information with data we hold, we treat the combined information as personal data in accordance with this Policy.

Legal Basis and Purposes of Processing

Where required by applicable law, we process personal data under one or more of the following legal bases: consent, performance of a contract, compliance with legal obligations and legitimate interests (balanced against your rights and expectations).

We use personal data for the following purposes:

Service delivery and operations

• Providing, configuring, operating and improving our products, solutions, platforms and professional services.
• Creating and managing accounts, authenticating users, providing customer support and technical assistance.
• Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them.
• Third party support services, such as, but not limited to project management tools, accounting systems and hosting data centers.

Sales, marketing and communications

• Responding to enquiries, sending requested information (proposals, case studies, technical details), scheduling demos and meetings.
• Sending newsletters, product updates, event invitations and promotional communications, where permitted, and enabling you to manage subscription preferences or opt out.

Analytics, improvement and personalization

• Measuring usage of our sites and Services, diagnosing issues, enhancing user experience, developing new features and improving security.
• Producing de-identified or aggregated statistics and insights for internal reporting, product improvement and business intelligence.

Compliance, security and risk management

• Protecting our systems, data and users through monitoring, incident detection, fraud prevention and information security controls.
• Complying with applicable laws, regulations, court orders, government requests and enforcing our contracts or legal rights.

Where we rely on consent (e.g., certain marketing activities, cookies, cross-border transfers where required), you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.

Cookies and Similar Technologies

Hidden Brains uses cookies and similar technologies to:

• Enable core site functions (e.g., session management, security, forms).
• Understand how visitors use our websites and Services (analytics and performance).
• Remember your preferences and personalize certain content, where permitted.

You can typically configure your browser to reject or delete cookies; if you do so, some features or Services may not function as intended. Where legally required, we will present a cookie notice and obtain consent before setting non-essential cookies.

How We Share Personal Data

Hidden Brains does not sell your personal data. We may share personal data under strict controls with:

Group entities and affiliates

• Other Hidden Brains entities globally, only on a need-to-know basis and subject to appropriate contractual and security safeguards.

Service providers and partners

• Cloud hosting, infrastructure, security, analytics, marketing, email delivery, CRM, payment processors and other vendors who process data under our instructions and in line with contractual confidentiality and security requirements.

Business partners, resellers or implementation partners

• Partners involved in delivering a joint solution or servicing a shared customer, where appropriate.

Customers and other third parties

• Where we process data on behalf of a customer, we may share personal data with that customer or as instructed in the relevant agreement.
• With your consent or at your direction (for example, references, testimonials, case studies or event-related sharing).

Legal and regulatory disclosures

• Government authorities, law enforcement, regulators, courts or other third parties when required by law or reasonably necessary to protect our rights, users, systems or the public, in line with applicable legal safeguards.

Corporate transactions

• Actual or potential buyers, investors, advisers and other relevant parties in connection with an acquisition, merger, reorganization or other corporate transaction, subject to appropriate confidentiality protections.

In all cases, we limit sharing to what is necessary for the relevant purpose and implement appropriate contractual, technical and organizational safeguards.

International Data Transfers

As a global organization delivering projects and services across jurisdictions, personal data may be transferred to and processed in countries other than the one in which it was collected, including locations where data protection laws may offer a different level of protection.

Where required by applicable law, Hidden Brains implements appropriate safeguards for such transfers, which may include:

• Standard contractual clauses or other approved transfer mechanisms.
• Contractual data protection terms with recipients.
• Additional technical and organizational measures to protect data in transit and at rest.

You may contact us using the details in the “Contact Us” section for more information on applicable transfer mechanisms (subject to confidentiality).

Data Retention

Hidden Brains retains personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy any legal, regulatory, contractual, accounting or reporting requirements.

Retention periods are determined by factors such as:

• The nature of the data and the relationship with you.
• Statutory limitation periods and record-keeping obligations.
• Our legitimate business needs (e.g., security, dispute resolution, audits).

After the applicable retention period, personal data is securely deleted, anonymized or archived in accordance with our internal policies and applicable law.

Data Security

We implement a combination of technical, physical and organizational measures designed to protect personal data against unauthorized access, disclosure, alteration or destruction. These include, as appropriate:​

• Secure infrastructure, firewalls, encryption in transit (e.g., HTTPS/TLS) and at rest where applicable.
• Access controls and role-based permissions, based on need-to-know.
• Operational procedures, monitoring, logging and incident response processes.
• Employee awareness, confidentiality obligations and regular security reviews.

While we apply industry-aligned measures, no system is completely secure; use of the internet and our Services is at your own risk, and you should take appropriate precautions (e.g., strong passwords, access management).

Your Rights and Choices

Depending on your jurisdiction and subject to applicable law, you may have rights in relation to your personal data, which can include:​

• Right of access: to obtain confirmation and a copy of personal data we hold about you.
• Right to rectification: to correct inaccurate or incomplete personal data.
• Right to deletion/erasure: to request deletion of personal data, subject to legal and contractual obligations.
• Right to restriction: to request that we limit processing in certain circumstances.
• Right to objection: to object to processing based on legitimate interests or to direct marketing.
• Right to data portability: to receive certain data in a structured, commonly used, machine-readable format and/or request that we transmit it to another controller where technically feasible.
• Right to withdraw consent: where processing is based on consent, to withdraw that consent at any time.

To exercise your rights, or to raise questions about how we handle your data, you may contact us using the details below. We may need to verify your identity before fulfilling your request and may be unable to fully comply where legal or contractual obligations require us to retain certain data. In some cases, we are permitted to charge a small fee of no more than $10 in respect of our administrative costs.

If we process your personal data on behalf of a customer (for example, as part of a project or solution they use), we may refer your request to that customer, who acts as the primary controller for such data. If you would like to request the information we hold about you please mail us with your details to privacy@hiddenbrains.in.

This website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Anti-Spam Policy

Hidden Brains recognizes the receipt, transmission or distribution of spam emails (i.e. unsolicited bulk emails) as a major concern and has taken reasonable measures to minimize the transmission and effect of spam emails in our computing environment. All emails received by Hidden Brains are subject to spam check. Any email identified as spam will be rejected with sufficient information to the sender for taking necessary action. With this measure, along with other technical spam reduction measures, Hidden Brains hopes to minimize the effect of spam emails. Hidden Brains reserves the right to reject and/or report any suspicious spam emails, to the authorities concerned, for necessary action.

Children’s Privacy

Our Services are not intended for children under the minimum age of digital consent in their jurisdiction (for example, 13 years in some countries), and we do not knowingly collect personal data from such children. If you believe we have collected such data, please contact us so that appropriate action can be taken.

Third-Party Sites and Services

Our websites and Services may contain links to or integrations with third-party websites, applications, platforms, plugins or services that are not controlled by Hidden Brains. This Privacy Policy does not apply to those third parties. You are encouraged to review their privacy notices to understand how they process your data, as we are not responsible for their practices.

Changes to This Privacy Policy

Hidden Brains may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements or for other operational reasons. The “Last Updated” date at the top will indicate when the latest changes were made. Where required by law, we will provide additional notice of material changes and, where necessary, request your consent.

Contact Us and Grievance Redressal

If you have questions, concerns, or requests relating to this Privacy Policy or our handling of your personal data, or wish to contact our designated data protection / grievance officer, you may reach us at: privacy@hiddenbrains.in.

For users in jurisdictions that require a grievance or data protection officer, this contact point serves as the primary channel for exercising your rights and raising complaints.