Privacy Policy

Effective Date:4/03/2025

Adiroha Solutions is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal information when you visit our website [www.adiroha.com] (the "Website") or use our cybersecurity services.

1. Information We Collect

We may collect and process the following types of information:

1.1 Information You Provide

• Full name, email address, phone number, company name, job title, and other business contact details.
• Payment and billing details for service subscriptions.
• Information provided when requesting security assessments, penetration testing, or consulting services.
• Any data voluntarily shared during customer support or inquiries.

1.2 Automatically Collected Information

When you use our Website or services, we may collect:

• IP address, browser type, operating system, and device details.
• Website usage data, such as pages visited and time spent.
• Cookies and tracking technologies (Cookies and Tracking Technologies).

1.3 Data Collected During Cybersecurity Services

• During security assessments, penetration testing, or vulnerability analysis, we may access and analyze certain client system data.
• We strictly follow Non-Disclosure Agreements (NDAs) and ensure this data is never shared, misused, or stored beyond the agreed period.
• All sensitive data is handled securely per ISO 27001, GDPR, and other relevant standards.

2. How We Use Your Information

We use your personal data for the following purposes:

• To provide cybersecurity services, including penetration testing, vulnerability assessments, and compliance audits.
• To process service payments and generate invoices.
• To respond to inquiries, provide customer support, and send security reports.
• To improve our services and enhance security testing methodologies.
• To send service updates, security alerts, and compliance-related communications.
• To comply with legal, regulatory, and contractual obligations.

We do not use customer data for unauthorized marketing or data profiling.

3. Data Protection and Compliance

3.1 Security Measures

We implement strict security controls, including:

• Encryption: Protecting sensitive data during storage and transmission.
• Access Control: Limiting data access to authorized personnel only.
• Secure Storage: Ensuring compliance with ISO 27001, GDPR, and industry best practice.
• Regular Security Audits: Conducting penetration testing on our own infrastructure.

3.2 Compliance with Global Data Protection Laws

• GDPR (General Data Protection Regulation) – We ensure that EU users’ personal data is processed lawfully, with rights to access, correct, or delete data.
• HIPAA (Health Insurance Portability and Accountability Act) – If applicable, we follow strict security guidelines for handling healthcare-related data.
• PCI DSS (Payment Card Industry Data Security Standard) – We do not store payment card details but comply with PCI DSS when processing transactions.
• ISO 27001 – Our security management aligns with international information security standards.

4. How We Share Your Information

• We do not sell or rent personal data. However, we may share information with:
• Trusted Third-Party Service Providers – To assist with payment processing, cloud hosting, and security analysis.
• Legal Authorities – When required to comply with laws, regulations, or court orders.
• Business Partners – If explicitly authorized by you for joint cybersecurity initiatives or compliance requirements.

All third parties are required to follow strict data protection agreements.

5. Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this policy. Security assessment reports are deleted after the contract period unless otherwise required by compliance regulations.

Customer inquiries and transactional data are retained per tax and legal requirements. You can request data deletion at any time (subject to legal constraints).

6. Your Rights and Choices

You have the following rights regarding your personal data:

• Access & Correction – Request a copy of your data and correct inaccuracies.
• Data Deletion – Request deletion of personal data, subject to legal and contractual obligations.
• Opt-Out of Marketing – Unsubscribe from marketing emails at any time.
• Restrict Processing – Limit how your data is used for specific purposes.

To exercise these rights, contact us at [insert contact email].

7. Cookies and Tracking Technologies

• We use cookies to enhance user experience and analyze website traffic.
• Essential Cookies: Required for Website functionality.
• Analytics Cookies: Help us understand Website usage trends.
• Marketing Cookies: Used only if consent is given.

You can manage cookies via browser settings. For more details, see our Cookie Policy.

8. International Data Transfers

If you are accessing our services from outside India, your data may be processed in India under applicable data protection laws. By using our services, you consent to this transfer.

9. Updates to This Privacy Policy

We may update this Privacy Policy periodically. Any changes will be posted on this page with an updated "04/03/2025".