Legal

Privacy Policy

Effective: March 2026 DPDP Act 2023 Compliant GDPR Compliant ISO 27001 Aligned
🔒 Your Privacy Matters: This policy is effective as of March 2026 and complies with India’s Information Technology Act 2000, the Digital Personal Data Protection Act 2023 (DPDP Act), and international standards including GDPR, ISO 27001, and SOC 2. We believe in plain-language transparency — if anything is unclear, email us at privacy@enterweb.in.
🏠

1. Who We Are

EnterWeb IT Firm ("Company," "we," "us," or "our") is an MSME-registered IT consulting firm headquartered in Bishrakh, Sector 1, Greater Noida, Uttar Pradesh, India (PIN 201306). We operate the enterweb.in website and provide enterprise IT services including network infrastructure, cloud solutions, cybersecurity, ILL/SIP connectivity, compliance consulting, and IT procurement services.

This Privacy Policy explains how we collect, use, disclose, and protect personal information provided in connection with our website and services. By using our website or engaging our services, you agree to the practices described in this policy.

📋

2. Information We Collect

2.1 Information You Provide Directly

  • Contact form submissions: Full name, email address, phone number, company name, and message content.
  • Quote request forms: Company name, contact details, service requirements, and budget range.
  • Email communications: Any information you include in emails sent to our team.
  • Project engagement: Technical environment details, network diagrams, access credentials (transmitted securely), and project documentation shared during service delivery.

2.2 Information Collected Automatically

  • Analytics data: Pages visited, time on site, referral source, browser type, operating system, and screen resolution — via privacy-respecting analytics tools.
  • Technical data: IP address (anonymised where possible), HTTP headers, and approximate geographic location (country/city level).
  • Cookie preferences: Your cookie consent choice stored in localStorage for up to 1 year. No personal data stored.
🚫 We Do NOT Collect: Payment card data (handled by third-party payment processors only), sensitive personal information such as biometric or health data, or personal data of children under 18 years of age.
🎯

3. How We Use Your Information

We use collected information strictly for the following purposes:

  • Service delivery: Responding to enquiries, preparing project quotes, delivering contracted IT services, and providing ongoing technical support.
  • Communication: Sending project updates, maintenance notifications, and service-related communications.
  • Website improvement: Analysing usage patterns to improve site performance, content quality, and user experience.
  • Legal compliance: Meeting our obligations under Indian law, including GST/Income Tax record-keeping requirements.
  • Security: Detecting and preventing fraud, unauthorised access, and abuse of our systems.
  • Marketing (opt-in only): Sending newsletters or service updates — only where you have explicitly opted in.
⚖️

4. Legal Basis for Processing

Under the DPDP Act 2023 and GDPR, we process your data on the following lawful bases:

Legal BasisWhen Applied
Contract PerformanceProcessing necessary to deliver services you have requested or contracted.
Legitimate InterestsWebsite analytics, fraud prevention, and service improvement — balanced against your rights.
ConsentMarketing communications and non-essential cookies — only where you have explicitly opted in.
Legal ObligationRetaining financial records as required by Indian GST/Income Tax regulations.
🔒

5. Data Security

We implement industry-leading security measures to protect your personal information from unauthorised access, disclosure, alteration, or destruction:

  • Transport encryption: All data transmitted via HTTPS/TLS 1.3.
  • Access controls: Role-based access — only staff who need data to perform their job can access it.
  • Data minimisation: We collect only what is strictly necessary for the stated purpose.
  • Third-party security: All service providers are contractually required to maintain equivalent security standards.
  • Breach notification: We will notify affected individuals and the Data Protection Board of India within 72 hours of becoming aware of a qualifying breach, as required by the DPDP Act 2023.
⚠️ Important: While we implement comprehensive security measures, no method of internet transmission is 100% secure. If you have concerns about submitting sensitive information, please contact us directly at +91 96677 96286.
👤

6. Your Rights

Under the DPDP Act 2023 and GDPR, you have the following rights regarding your personal data. To exercise any right, contact privacy@enterweb.in — we aim to respond within 30 days.

RightWhat It Means
AccessRequest a copy of all personal data we hold about you.
CorrectionRequest correction of inaccurate or incomplete personal data.
ErasureRequest deletion of your personal data where no legal obligation requires retention.
PortabilityReceive your data in a structured, machine-readable format.
ObjectionObject to processing based on legitimate interests or for direct marketing.
Withdraw ConsentWithdraw marketing consent at any time without affecting prior processing.
Grievance (DPDP)Lodge a complaint with the Data Protection Board of India under the DPDP Act 2023.
📅

7. Data Retention

We retain personal information only for as long as necessary to fulfil the purposes it was collected for, or to comply with legal and regulatory obligations:

  • Contact form data: Retained for 2 years from last interaction.
  • Project/service records: Retained for 7 years to comply with Indian tax and accounting regulations.
  • Website analytics: Aggregated and anonymised within 90 days; no individually identifiable data retained beyond that.
  • Email communications: Retained for 3 years from the date of last substantive communication.
  • Marketing consent records: Retained until consent is withdrawn plus 1 year for audit purposes.

When data is no longer needed and no legal obligation requires retention, we securely delete or irreversibly anonymise it within 30 days.

🔁

8. Third-Party Sharing

🚫 Our Commitment: We never sell, rent, trade, or otherwise transfer your personal information to any third party for their own marketing or commercial purposes. Period.

We may share your data with the following trusted third-party service providers only as strictly necessary:

  • EmailJS: Email delivery for contact form submissions — data used solely for message delivery.
  • Web analytics providers: Aggregated, anonymised analytics only — no personal identifiers.
  • Professional advisors: Legal, accounting, or auditing firms subject to professional confidentiality obligations.

All third-party processors are bound by data protection agreements and are prohibited from using your data for their own purposes.

We may disclose personal information if required by law, court order, or government authority — or in good-faith belief that such disclosure is necessary to comply with a legal obligation, protect our rights, prevent fraud, or protect personal safety.

🍪

9. Cookies & Local Storage

NameTypePurposeExpiry
ewCookieConsentlocalStorageStores your cookie consent preference (accepted/declined)1 year
Analytics cookiesCookieAnonymised page view and usage statisticsSession / 90 days

You can control and delete cookies through your browser settings. Most modern browsers allow you to: view cookies currently stored, delete all or specific cookies, block all cookies from all or specific sites, and be notified when a new cookie is set. Disabling cookies may affect certain functionality of our website.

👦

10. Children’s Privacy

Our website and services are intended solely for business use by adults (18 years and older) and organisations. We do not knowingly collect any personal information from individuals under the age of 18.

If you are a parent or guardian and believe that a minor has submitted personal information to us, please contact us immediately at privacy@enterweb.in and we will promptly delete such data within 5 business days.

📞

11. Contact & Grievance Officer

For any questions, data access requests, or complaints regarding this Privacy Policy, please contact our Privacy team. We aim to respond within 5 business days and resolve matters within 30 days.

Privacy Contact

Post: EnterWeb IT Firm, Bishrakh Sector 1, Greater Noida, UP 201306, India
Hours: Mon–Fri 9 AM – 6 PM IST

If you are not satisfied with our response, you have the right to lodge a complaint with the Data Protection Board of India under the DPDP Act 2023. EU residents may also contact their local supervisory authority under the GDPR.

🔄

12. Policy Updates

We may update this Privacy Policy to reflect changes in our practices, services, or applicable laws. When we make material changes, we will update the "Effective Date" at the top of this page and, where appropriate, notify active clients by email. Your continued use of our website or services after the effective date constitutes acceptance of the changes.

Previous versions: Contact privacy@enterweb.in to request any previous version of this policy.