01Who We Are

Infomaze Elite ("we", "us", "our") is a software engineering and technology services company based in India. We operate the website at www.infomaze.co.in and related subdomains. For the purposes of data protection law, Infomaze Elite is the data controller for personal data collected through our website and in the course of our business operations.

Registered address: Infomaze Elite, [Your registered address], India.

Privacy contact: privacy@infomaze.co.in

We are ISO 27001 certified, meaning our information security management practices are independently audited. We are also subject to the Information Technology Act 2000, the Digital Personal Data Protection Act 2023 (DPDP Act) (India), and we apply GDPR-equivalent standards for data subjects in the European Economic Area and United Kingdom.

02What Personal Data We Collect

We collect personal data through the following touchpoints on our website:

We do not collect: payment card data, government identification numbers, health data, biometric data, or any special category personal data through our website.

03How We Use Your Data

We use the personal data we collect for the following purposes:

• Responding to enquiries: When you contact us through a form or the Mazey chatbot, we use your contact details to respond to your specific request.
• Sending whitepaper downloads: When you request a whitepaper, we use your email to deliver the download link. With your consent, we may also notify you when new whitepapers are published.
• Business development: If you submit a project brief or hiring enquiry, we use the information to match you with relevant specialists and respond with a proposal.
• Improving our website: Anonymised analytics help us understand which pages are useful and where we should improve content.
• Legal obligations: We may process personal data where required by applicable law, regulation, or legal process.

We do not use your data for: advertising targeting, profiling for automated decisions, or selling to third parties.

04Who We Share Your Data With

We share personal data only with the following categories of third parties, and only to the extent necessary:

• CRM and email tools: We use tools such as Zoho CRM and Zoho Campaigns (or equivalent) to manage contact records and send requested communications. These platforms process data on our behalf under data processing agreements.
• Analytics providers: We use Google Analytics or equivalent to analyse anonymised website usage data. IP addresses are anonymised before processing.
• Cloud hosting providers: Our website and data may be hosted on AWS, Azure, or Google Cloud infrastructure. These providers hold data processor agreements with us.
• Professional advisors: Our legal, financial, and compliance advisors may access data where strictly necessary for their services, under confidentiality obligations.

We never sell, rent, or trade personal data to any third party. We do not share data with advertising networks or data brokers.

05International Data Transfers

Infomaze Elite is based in India. If you are located in the European Economic Area (EEA), United Kingdom, or another jurisdiction with data transfer restrictions, your personal data may be transferred to and processed in India.

We ensure appropriate safeguards are in place for such transfers, including:

• Standard Contractual Clauses (SCCs) with relevant processors where required
• Our ISO 27001 certification covering all data handling practices
• Data Processing Agreements with all third-party processors

06How Long We Keep Your Data

After retention periods expire, data is securely deleted or anonymised in accordance with our ISO 27001 data disposal procedures.

07Your Rights (GDPR & UK GDPR)

If you are in the EEA or UK, you have the following rights under GDPR:

To exercise any of these rights, email privacy@infomaze.co.in with your request. We will respond within 30 days. We may ask for identity verification before processing the request.

You also have the right to lodge a complaint with your local supervisory authority. In the UK, this is the Information Commissioner's Office (ICO). In the EU, contact your national data protection authority.

08Your Rights Under the India DPDP Act 2023

Under the Digital Personal Data Protection Act 2023, data principals (individuals whose data is processed) have the following rights:

• Right to information: Know what personal data we process about you and the purpose of processing.
• Right to correction and erasure: Have inaccurate or incomplete data corrected, and have data erased where consent is withdrawn or processing is no longer necessary.
• Right to grievance redressal: Have any grievance related to your personal data addressed. Contact our Data Protection Officer at privacy@infomaze.co.in
• Right to nominate: Nominate another individual to exercise rights on your behalf in the event of death or incapacity.

Infomaze Elite complies with obligations as a Data Fiduciary under the DPDP Act, including maintaining appropriate technical and organisational security measures, not retaining data beyond the necessary period, and processing data only for stated purposes with valid consent.

09Data Security

We protect your personal data using technical and organisational measures including:

• ISO 27001 certified information security management — independently audited annually
• Encryption in transit (TLS/HTTPS) for all data transmitted to and from our website
• Encryption at rest for stored personal data on our systems
• Minimum-privilege access controls — staff access only the data necessary for their role
• Multi-factor authentication on all systems that store personal data
• Regular security assessments and penetration testing
• Staff security training as part of our ISMS programme

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours (GDPR requirement) and affected individuals without undue delay where the breach is likely to result in a high risk.

10Cookies

We use cookies on our website. For full details of what cookies we use and why, please see our Cookie Policy. In summary:

• Essential cookies: Required for the site to function — session management, form security tokens. No consent required.
• Analytics cookies: Used to understand how visitors use our site (Google Analytics with IP anonymisation). Consent required and obtained via our cookie banner.
• No advertising or tracking cookies are used on this website.

11Third-Party Links

Our website may contain links to third-party websites — client sites, platform documentation, partner websites, and case study references. This Privacy Policy does not apply to those websites. We are not responsible for the privacy practices of third-party sites and recommend you review their privacy policies before providing any personal data.

12Children's Privacy

Our website and services are directed at business professionals and are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a person under 18, please contact us at privacy@infomaze.co.in and we will delete it promptly.

13Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. When we make material changes, we will update the "Last Updated" date at the top of this page and, where appropriate, notify you by email if you have an active relationship with us.

We encourage you to review this policy periodically. Continued use of our website after changes are posted constitutes acceptance of the updated policy.

14Contact Our Data Protection Officer

For any questions, requests, or complaints regarding this Privacy Policy or our data handling practices: