Legal

Privacy Policy

Last updated: June 2026

This Privacy Policy explains how DigiRashtra (“DigiRashtra”, “we”, “us”, or “our”) collects, uses, shares, and protects personal data when you visit digirashtra.in (the “Site”) or contact us.

We act as a Data Fiduciary under India's Digital Personal Data Protection Act, 2023 (the “DPDP Act”) and, where applicable, as a data controller under the EU and UK General Data Protection Regulation (“GDPR”). This policy is designed to meet those frameworks and other applicable data protection laws. Because we work with clients worldwide, it applies to visitors everywhere.

1. Who We Are

DigiRashtra is a global software solutions studio that operates the website digirashtra.in. For any privacy question, or to exercise your rights, contact us at contact@digirashtra.in.

2. Personal Data We Collect

Information you provide. When you use our contact form or email us, we collect:

  • Full name
  • Company or business name (optional)
  • Email address
  • Phone number (optional)
  • Industry, budget range, and timeline (optional)
  • The contents of your message
  • A record of the consent you provide when submitting the form

Information collected automatically. When you visit the Site, our hosting and security infrastructure may process limited technical data such as your IP address, browser and device type, and access timestamps, recorded in standard server logs. We also use your IP address on a short-term basis to rate-limit forms and prevent abuse.

Error and performance data. We use error-monitoring tooling to keep the Site reliable. If an error occurs, limited technical diagnostic data, which may include your IP address and browser information, is processed to help us diagnose and fix the issue.

Cookies and similar technologies. The public Site uses only strictly necessary and functional storage required to operate. We do not use advertising or third-party tracking cookies, and we do not run analytics that profile you. If you sign in to a restricted area such as our content admin, we use an authentication cookie to keep you logged in.

We do not knowingly collect special-category or sensitive personal data through the Site. Please do not include such data in your message.

3. How We Use Your Data and Our Legal Bases

We use personal data only for the purposes below:

  • To respond to your enquiry and follow up about the project or question you raised. Legal basis: your consent (DPDP Act), and your consent or steps taken at your request prior to entering a contract (GDPR).
  • To send a confirmation email acknowledging your message. Legal basis: consent and legitimate interests.
  • To keep the Site secure and prevent abuse, including rate limiting and spam prevention. Legal basis: legitimate interests and, where applicable, legal obligation.
  • To monitor and improve reliability through error tracking. Legal basis: legitimate interests.
  • To comply with law and respond to lawful requests. Legal basis: legal obligation.

We do not sell your personal data, we do not use it for advertising, and we do not carry out profiling or automated decision-making that produces legal or similarly significant effects.

4. Consent and Withdrawing Consent

Where we rely on your consent, you provide it by ticking the consent box and submitting the contact form. You may withdraw your consent at any time by emailing contact@digirashtra.in. Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal, and we may retain limited information where another lawful basis or legal obligation applies.

5. Sharing Your Data and Our Processors

We do not sell or rent personal data. We share it only with trusted service providers (“Data Processors”) who process it on our behalf under appropriate contractual safeguards:

  • Resend for delivering contact-form and confirmation emails.
  • Supabase for database, storage, and authentication infrastructure.
  • Upstash for short-term rate limiting using IP addresses to prevent abuse.
  • Sentry for error and performance monitoring.
  • Our hosting provider, which serves the Site and maintains operational server logs.

We may also disclose personal data if required by law, regulation, legal process, or an enforceable governmental request, or to protect our rights, safety, or property.

6. International Data Transfers

We operate globally, and some of our service providers store or process data on servers located outside your country, including outside India and the European Economic Area. Where we transfer personal data across borders, we rely on appropriate safeguards such as standard contractual clauses or equivalent measures, consistent with the DPDP Act and Chapter V of the GDPR.

7. Data Retention

We keep enquiry data for as long as needed to handle your request and the resulting business relationship, and for a reasonable period afterwards to meet legal, accounting, or dispute-resolution requirements. Security and server logs are kept for a short period. When personal data is no longer needed, we delete or anonymise it.

8. How We Protect Your Data

We use reasonable technical and organisational measures, including encryption in transit (HTTPS), access controls, and secure infrastructure. No method of transmission or storage is completely secure, so we cannot guarantee absolute security. If a personal data breach occurs that is likely to affect you, we will notify you and the relevant authority, including the Data Protection Board of India and any applicable supervisory authority, as required by law.

9. Your Rights

Subject to applicable law, you have the following rights over your personal data.

Under India's DPDP Act, 2023, you may:

  • Access a summary of the personal data we process about you and how we process it
  • Request correction, completion, or updating of inaccurate or incomplete data
  • Request erasure of your personal data
  • Nominate another individual to exercise your rights in the event of your death or incapacity
  • Raise a grievance with us (see Grievance Officer below) and escalate to the Data Protection Board of India
  • Withdraw consent at any time

Under the GDPR, if you are in the EEA or UK, you may also:

  • Object to or request restriction of processing
  • Request a portable copy of the data you provided
  • Lodge a complaint with your local data protection supervisory authority

Under the California CCPA/CPRA, you may request to know, delete, or correct your personal information, and opt out of any “sale” or “sharing” of it. We do not sell or share personal information, and we will not discriminate against you for exercising your rights.

To exercise any right, email contact@digirashtra.in. We will verify your request and respond within the timeframes required by applicable law. Exercising your rights is free, subject to lawful exceptions.

10. Grievance Officer

In accordance with the DPDP Act and applicable rules, you may contact our Grievance Officer about any concern regarding how your personal data is handled:

Grievance Officer, DigiRashtra
Email: contact@digirashtra.in

We will acknowledge and address grievances within the timelines prescribed by law.

11. Children's Privacy

The Site is intended for adults and is not directed at children. We do not knowingly process the personal data of anyone under 18 years of age without verifiable consent from a parent or lawful guardian, and we do not undertake tracking, behavioural monitoring, or targeted advertising directed at children, consistent with the DPDP Act. If you believe a child has provided us personal data, contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the latest version, and material changes will be made prominent on this page.

13. Contact

For any question about this Privacy Policy or your personal data, contact:

DigiRashtra
contact@digirashtra.in
digirashtra.in

Back to home