Privacy Policy
for Razegreen
Effective Date: 1st December 2024
Welcome to Razegreen’s Privacy Policy. At Razegreen, a unit of Reflective Software Tech Private Limited, we recognize that your privacy is of paramount importance. Our commitment to transparency, security, and compliance with legal standards forms the foundation of our privacy practices. This Privacy Policy governs the manner in which we collect, use, maintain, and disclose information collected from users (each, a “User”) of our services, including but not limited to our website, applications, and any associated products or services.
This document explains the details of how your personal information is handled, providing a thorough understanding of the steps we take to safeguard your data and ensure compliance with global privacy laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable laws and regulations.
This policy applies to all personal data processing activities carried out by Razegreen in connection with the services we offer to you, and it explains your rights and our obligations regarding your data.
1. Who We Are
Razegreen is a software development company that specializes in delivering innovative and customized software solutions. As part of Reflective Software Tech Private Limited, our mission is to provide high-quality products with a strong emphasis on security and performance. We understand the importance of protecting personal data and strive to ensure that all data processing activities align with our core values of trust, security, and transparency.
Razegreen’s operations are headquartered in Chennai, India, but we serve clients globally. Whether you are a visitor to our website, a potential client, or a partner, we take data privacy seriously and make it a priority in all aspects of our business.
For any inquiries regarding this privacy policy or our data protection practices, you can reach us at:
- Company Name: Razegreen, a unit of Reflective Software Tech Private Limited
- Website: https://razegreen.com
- Contact Email: info@razegreen.com
- Address: Flat No: 1A, Venkateshwara Nagar, 1st Pradana Salai, Maduravoyal, Chennai – 600095
2. Key Definitions
To better understand this privacy policy, we define the following key terms, which are referenced throughout this document. Understanding these terms will provide greater clarity as you navigate through this policy:
- Personal Data: Information relating to an identified or identifiable natural person, such as names, email addresses, payment details, or any other information that can be linked to an individual.
- Data Processing: Any operation or set of operations performed on personal data, including collection, recording, organization, storage, adaptation, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available.
- Data Controller: The entity (in this case, Razegreen) that determines the purposes and means of processing personal data.
- Data Processor: An entity that processes personal data on behalf of the data controller.
- Data Subject: The individual whose personal data is being processed.
- Consent: A freely given, specific, informed, and unambiguous indication of the data subject’s agreement to the processing of their personal data.
2.1 Other Important Definitions
- GDPR: The General Data Protection Regulation, a legal framework that sets guidelines for the collection and processing of personal data within the European Union (EU).
- CCPA: The California Consumer Privacy Act, a state statute intended to enhance privacy rights and consumer protection for residents of California, USA.
- Cookies: Small files that are placed on your computer or device by websites you visit to store information about your preferences.
3. The Types of Data We Collect
In order to provide and improve our services, Razegreen collects various types of personal data. The type of data we collect depends on the context of your interaction with us. Below, we outline the categories of data we collect and process, as well as the specific details within each category.
3.1 Personal Identification Information (PII)
Personal identification information (PII) is information that can be used to identify you directly or indirectly. This includes but is not limited to:
- Full Name: Used for user account creation, customer support, and billing purposes.
- Email Address: This is required to create an account, manage subscriptions, and for communication purposes such as sending transactional emails, account updates, or marketing messages (if consented to).
- Phone Number: Collected to assist with customer service, account recovery, and transactional notifications.
- Company Name and Job Title: In the case of business accounts, we collect these details to better understand your needs and tailor our services to your organization’s goals.
- Postal Address: This may be collected for billing purposes or to deliver physical products or invoices.
We ensure that the collection of such information is limited to what is necessary to fulfill the specific purpose for which it was collected.
3.2 Financial and Transaction Data
When you engage in transactions with Razegreen, such as purchasing services or products, we collect the following data:
- Payment Information: This includes credit or debit card details, banking information, or other payment methods. We use third-party payment gateways (compliant with PCI DSS) to process this information securely.
- Transaction History: Records of purchases, invoices, and billing activity are maintained to ensure proper accounting and customer support.
Financial information is never stored directly by Razegreen but by our trusted payment processors, who adhere to industry-standard security practices to protect your data.
3.3 Technical and Usage Data
In order to optimize and personalize your experience, we collect data about your device and usage patterns, such as:
- IP Address: Collected to help diagnose server issues, manage website performance, and ensure security by tracking suspicious activities or unauthorized access.
- Browser Information: Includes the type of browser you use, operating system, and language preferences. This helps us optimize your experience across devices.
- Cookies and Similar Technologies: These track user preferences, help with session management, and enable functionality such as saving login credentials. Cookies may also be used for analytics or advertising.
3.4 Usage Data and Analytics
Razegreen also collects data about how you interact with our services. This may include:
- Pages Visited: Information on which pages you visit, how long you stay on each page, and what actions you take (e.g., clicks, form submissions).
- Session Data: We collect session duration, referring URLs, and other interaction data to improve website performance and provide relevant content.
- Device-Specific Data: This may include hardware models, operating system versions, and device identifiers.
This data is collected using tools like Google Analytics, which helps us analyze site traffic and usage trends to improve our services.
4. How We Use Your Data
Razegreen uses personal data for a variety of legitimate purposes, always in alignment with applicable data protection laws. The following are the specific ways in which we utilize your personal information:
4.1 Provision of Services
We process your personal data primarily to fulfill our contractual obligations. This includes:
- Account Setup and Authentication: We use your personal information to create and maintain your account, authenticate users, and ensure that only authorized users access certain services.
- Service Delivery: Your data is used to provide you with the software solutions, customer support, and other services you’ve requested.
- Billing and Payment Processing: We use financial data to process payments, manage subscriptions, and issue invoices.
4.2 Customization and Personalization
To provide a more tailored experience, we analyze your preferences and behavior to:
- Personalize Content: Based on your usage patterns, we may customize the user interface, suggest features, or recommend services that align with your needs.
- Targeted Marketing: With your consent, we use personal data to send newsletters, promotional content, and information about new features or services.
- Customized Support: Your data helps us tailor customer service responses to your specific inquiries or issues, ensuring a faster and more accurate resolution.
4.3 Security and Fraud Prevention
We take proactive steps to protect both our users and ourselves from security threats, including:
- Security Monitoring: We monitor your interactions with our services to detect and prevent malicious activities, unauthorized access, or breaches.
- Fraud Detection: To minimize the risk of fraud, we may analyze usage patterns and transaction data for any irregularities that indicate fraudulent behavior.
4.4 Performance and Analytics
Your usage data helps us improve our services over time by allowing us to:
- Identify and Fix Bugs: Usage data and error logs help us identify issues and optimize software performance.
- Feature Development: We assess how users interact with our products to prioritize new feature development based on user demand and behavior.
- Optimize Resource Allocation: By understanding how our services are used, we can optimize resources like server allocation and infrastructure costs.
4.5 Compliance with Legal Requirements
Razegreen may process your personal data in response to legal requirements, such as:
- Compliance with Laws and Regulations: We are legally obliged to collect, process, and store certain types of personal data to comply with applicable laws, such as tax regulations and data retention laws.
- Regulatory Reporting: We may disclose information to regulatory authorities or law enforcement when required by law.
5. Legal Basis for Processing Data
Under GDPR and other applicable laws, Razegreen must have a valid legal basis to process your personal data. The legal bases we rely on are as follows:
5.1 Contractual Necessity
We process personal data where it is necessary for the performance of a contract with you or to take steps before entering into a contract. Examples include account setup, payment processing, and providing access to our services.
5.2 Legitimate Interests
In some cases, we process personal data based on our legitimate business interests, provided that those interests are not outweighed by your rights and freedoms. Legitimate interests may include:
- Enhancing the security and performance of our services.
- Understanding customer needs to improve our products.
- Preventing fraud or illegal activities.
5.3 Consent
When you provide consent, we process your personal data for specific purposes, such as:
- Sending marketing emails or newsletters.
- Using cookies for analytics or personalized advertising.
You have the right to withdraw consent at any time, and we will cease processing your data for those purposes once consent is revoked.
5.4 Legal Obligation
Razegreen processes personal data where required to comply with a legal obligation. This may involve:
- Keeping financial records for auditing purposes.
- Complying with data protection laws or responding to regulatory inquiries.
5.5 Protection of Vital Interests
In rare cases, we may process your personal data to protect your vital interests or the vital interests of another person. For example, we may disclose data in an emergency situation to prevent harm.
5.6 Public Task
In limited circumstances, we may process personal data where necessary to carry out tasks in the public interest. This is more likely to apply to certain government or public sector activities and may not be applicable to most of Razegreen’s operations.
This expanded framework focuses on legal bases, processing principles, detailed definitions, and enhanced clarity on data handling practices for transparency and regulatory compliance.
Continuing with the expansion, let’s further elaborate on the remaining sections, ensuring we provide a thorough, in-depth understanding of how Razegreen handles various aspects of data protection and privacy compliance.
6. How We Share Your Data
Razegreen may share your personal data with third parties under certain circumstances. We are committed to transparency regarding how and why data is shared, and we only disclose your information when necessary to fulfill legal, contractual, or business obligations. Here’s a breakdown of when and why we might share your data:
6.1 Service Providers
We partner with third-party service providers to help us deliver and enhance our services. These third-party providers perform functions such as:
- Hosting Services: We work with cloud providers to host our services and ensure data availability and redundancy.
- Payment Processors: For handling payments, we utilize trusted and compliant payment gateways that securely process your payment information.
- Analytics Providers: We rely on analytics providers (such as Google Analytics) to analyze how users interact with our website and services to help us improve functionality and performance.
- Marketing Platforms: When you consent to receive marketing communications, your data may be shared with platforms that help deliver newsletters, promotional emails, or targeted advertisements.
All third-party providers are bound by data protection agreements, which ensure that your personal data is processed securely and in accordance with applicable regulations. These providers are only permitted to process your data for the purposes specified by us, and they are prohibited from using it for their own purposes.
6.2 Business Transfers
In the event of a business transaction, such as a merger, acquisition, or sale of assets, Razegreen may share or transfer your personal data as part of that transaction. If such a transfer occurs, we will ensure that the receiving party agrees to honor this Privacy Policy and maintain adequate protections for your personal data. You will be notified if your personal data is transferred to a new owner or entity.
6.3 Legal and Regulatory Requirements
Razegreen may be required to disclose personal data in response to legal or regulatory obligations. Examples include:
- Law Enforcement: We may share data in response to requests from law enforcement agencies, courts, or regulatory bodies when such disclosures are necessary to comply with applicable laws, prevent fraud, or protect the rights and safety of individuals.
- Tax Authorities: We may be required to share certain financial data with tax authorities or other regulatory bodies in compliance with applicable tax laws.
We will only disclose your personal data to third parties under these circumstances when we have a legal obligation to do so, and we will take reasonable steps to inform you before making any such disclosure unless prohibited by law.
6.4 Affiliates and Subsidiaries
We may share your personal data with Razegreen’s affiliates, subsidiaries, or other related entities to provide our services, support business operations, or facilitate internal administrative processes. All entities within our corporate group follow strict data protection practices to ensure your personal data is handled securely.
6.5 With Your Consent
We may share your personal data with third parties when you have provided explicit consent for us to do so. This may include:
- Sharing data with third-party partners for joint marketing efforts.
- Providing your data to third parties for specialized services (e.g., integration with third-party applications).
You have the right to revoke this consent at any time, and we will immediately cease any data-sharing activities based on your consent.
7. How We Protect Your Data
Razegreen is committed to ensuring the security and confidentiality of your personal data. We take multiple steps to protect your data from unauthorized access, disclosure, alteration, or destruction, employing industry-standard measures and continuously reviewing our security practices to safeguard your information.
7.1 Security Measures
We implement a variety of security technologies and processes to protect your data, including but not limited to:
- Encryption: Data in transit is encrypted using Secure Socket Layer (SSL) technology, ensuring that sensitive information (such as payment details) is securely transmitted between your browser and our servers.
- Firewalls and Intrusion Detection Systems: Our network infrastructure is secured by firewalls and monitored by intrusion detection systems to identify and mitigate any potential threats.
- Access Controls: We enforce strict access control policies to ensure that only authorized personnel can access personal data. This includes role-based access control (RBAC), which restricts data access based on an employee’s role within the company.
- Regular Security Audits: We conduct regular security assessments, penetration tests, and vulnerability scans to identify and address potential security risks.
7.2 Data Minimization
Razegreen adheres to the principle of data minimization, meaning that we only collect, store, and process the minimum amount of personal data necessary to fulfill our purposes. We periodically review the data we hold to ensure that it is accurate, up-to-date, and no longer necessary data is deleted or anonymized.
7.3 Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to meet legal, regulatory, and business requirements. Our data retention periods are as follows:
- Account Data: We retain your account information for as long as your account is active. If you decide to delete your account, we will remove your personal data within a reasonable timeframe unless retention is required by law (e.g., for tax purposes).
- Financial Data: Payment information is retained for the duration of your transactions and subscription services. For auditing and tax compliance, we may retain financial records for a legally mandated period.
- Marketing Data: If you consent to receive marketing communications, we retain your contact details until you withdraw your consent or opt out of communications.
If you would like further information about our data retention policies, you may contact us at any time.
7.4 Third-Party Security
When sharing your personal data with third-party providers, we ensure that they implement robust security measures to protect your data. Third-party providers must comply with data protection regulations and our strict data protection agreements, which mandate security, confidentiality, and processing standards.
8. International Data Transfers
Razegreen operates globally, and your personal data may be transferred to and processed in countries outside your home country. These transfers may include data sent to countries that do not provide the same level of protection as your jurisdiction. However, we ensure that all international data transfers are conducted in compliance with applicable data protection laws.
8.1 Data Transfer Safeguards
To ensure that your data is protected during international transfers, we use the following safeguards:
- Standard Contractual Clauses (SCCs): When transferring data outside the European Economic Area (EEA), we implement Standard Contractual Clauses (SCCs) approved by the European Commission. These clauses ensure that data transfers comply with GDPR requirements.
- Adequacy Decisions: In some cases, we rely on adequacy decisions made by the European Commission, which determine that certain countries provide an adequate level of data protection comparable to the EEA.
- Binding Corporate Rules (BCRs): For intra-company transfers within the Razegreen group, we use Binding Corporate Rules, which ensure consistent data protection practices across our global operations.
8.2 Transfer to Third-Party Countries
When transferring personal data to countries outside the EEA, we conduct risk assessments to ensure that the receiving country’s data protection laws align with our own standards. If the receiving country does not have adequate data protection laws, we implement additional measures, such as encryption, to protect your data.
We will notify you if any significant changes occur to our international data transfer practices or if additional safeguards are introduced.
9. Your Data Protection Rights
As a data subject, you have certain rights concerning your personal data, as outlined under GDPR, CCPA, and other data protection laws. Razegreen respects these rights and provides mechanisms for you to exercise them at any time.
9.1 Right to Access
You have the right to request access to the personal data we hold about you. Upon receiving a request, we will provide you with a copy of your personal data, along with information about how it is processed, the purposes of processing, and any third parties with whom we have shared your data.
- How to Access Your Data: You can request access to your data by contacting us at [Insert Email Address]. We may require proof of identity to verify your request.
9.2 Right to Rectification
If you believe that any of the personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct or update your data. We will make the necessary changes as quickly as possible, subject to verification of the new information.
- How to Correct Your Data: You can update your information by logging into your account or contacting us directly.
9.3 Right to Erasure (Right to be Forgotten)
In certain circumstances, you have the right to request the deletion of your personal data. This includes situations where:
-
The data is no longer necessary for the purposes for which it was collected.
-
You have withdrawn your consent, and no other legal grounds exist for processing.
-
The data has been unlawfully processed.
-
Exceptions to Data Erasure: Razegreen may retain certain data if required to comply with legal obligations or to exercise or defend legal claims.
9.4 Right to Restrict Processing
You have the right to request that we restrict the processing of your personal data if:
- You contest the accuracy of the data.
- The processing is unlawful, but you oppose the erasure of the data.
- We no longer need the data for processing, but you require it to establish or defend legal claims.
- You have objected to data processing, and we are in the process of determining whether legitimate grounds override your rights.
9.5 Right to Data Portability
You have the right to request that we provide your personal data in a structured, commonly used, and machine-readable format. This right allows you to transfer your data to another controller if:
- The processing is based on your consent or a contract.
- The processing is carried out by automated means.
9.6 Right to Object
You have the right to object to the processing of your personal data if the processing is based on our legitimate interests or for direct marketing purposes. Upon receiving your objection, we will cease processing your data unless there are compelling legitimate grounds to continue processing or we need the data to establish, exercise, or defend legal claims.
9.7 Right to Withdraw Consent
If you have given consent for the processing of your personal data, you have the right to withdraw that consent at any time. Once you withdraw your consent, we will stop processing your data for the purposes for which you initially provided consent.
9.8 How to Exercise Your Rights
To exercise any of these rights, please contact us at [Insert Contact Information]. We will respond to your request as quickly as possible and within the legally mandated timeframes.
10. Cookies and Tracking Technologies
Razegreen uses cookies and similar tracking technologies to enhance your experience on our website, improve performance, and deliver personalized content. This section explains the types of cookies we use and how you can manage your preferences.
10.1 Types of Cookies We Use
We use the following categories of cookies on our website:
- Essential Cookies: These cookies are necessary for the website to function properly. Without these cookies, certain features and services may not be available.
- Performance Cookies: These cookies collect information about how visitors use our website, such as which pages are visited most frequently. This data helps us improve website functionality.
- Functional Cookies: Functional cookies enable the website to provide enhanced features and personalization. For example, they may remember your login details or language preferences.
- Targeting and Advertising Cookies: These cookies are used to deliver personalized advertisements and track the effectiveness of our marketing campaigns. They may be set by third-party advertising partners.
10.2 How to Manage Cookies
You can manage your cookie preferences by adjusting the settings in your web browser. Most browsers allow you to control cookies through their settings options. Please note that disabling certain types of cookies may impact the functionality of our website.
11. Updates to This Privacy Policy
Razegreen may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or industry standards. When we make significant changes to this policy, we will notify you via email or post an update on our website.
11.1 How We Notify You of Changes
- Email Notification: If you have provided your contact information, we will send you an email notification of any significant changes.
- Website Notice: We will post a prominent notice on our website outlining the changes to the Privacy Policy.
11.2 Effective Date of Changes
The effective date of the updated Privacy Policy will be included at the top of the policy. We encourage you to review this policy regularly to stay informed about how we are protecting your personal data.
12. Contact Us
If you have any questions, concerns, or complaints about this Privacy Policy or our data processing practices, please contact us at:
- Email: info@razegreen.com
- Phone: +91 96554 66648
- Mailing Address: Flat No: 1A, Venkateshwara Nagar, 1st Pradana Salai, Maduravoyal, Chennai – 600095
We are committed to resolving any concerns you may have regarding your privacy and data protection.