Privacy Policy

Last updated: April 1, 2026

Upzare Technologies Private Limited ("UPZARE", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website or use our cloud hosting services (the "Services").

1. Information We Collect

1.1 Information You Provide

• Account Information: Name, email address, billing address, phone number, and payment details when you register for an account or purchase a plan.
• Support Communications: Information you provide when you contact our support team, including ticket content, attachments, and chat transcripts.
• Identity Verification: In certain cases, we may request government-issued identification to verify your identity for fraud prevention or compliance purposes.

1.2 Information Collected Automatically

• Usage Data: Pages visited, features used, timestamps, session duration, and referring URLs.
• Device Information: IP address, browser type and version, operating system, and device identifiers.
• Server Logs: Access logs, error logs, and performance metrics generated by your use of our hosting infrastructure.
• Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies as described in our Cookies Policy.

1.3 Information from Third Parties

We may receive information about you from payment processors (e.g., Stripe, PayPal), analytics providers, and fraud detection services.

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Services.
• Process transactions and send billing-related communications.
• Respond to your support requests and provide customer service.
• Send service updates, security alerts, and administrative messages.
• Detect, prevent, and address fraud, abuse, and security incidents.
• Analyse usage trends to improve performance, reliability, and user experience.
• Comply with legal obligations and enforce our Terms of Service.
• Send marketing communications (only with your consent; you may opt out at any time).

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), our legal basis for processing your personal data depends on the context:

• Contract Performance: Processing necessary to provide the Services you have requested.
• Legitimate Interests: Processing for fraud prevention, security, analytics, and improving our Services, where these interests are not overridden by your rights.
• Consent: Where you have given explicit consent, such as for marketing communications.
• Legal Obligation: Processing required to comply with applicable laws and regulations.

4. How We Share Your Information

We do not sell your personal information. We may share your data with:

• Service Providers: Payment processors, cloud infrastructure partners, email delivery services, and analytics providers that help us operate the Services.
• Legal Requirements: Law enforcement or regulatory authorities when required by law, court order, or subpoena.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction.
• With Your Consent: In any other case where you have provided explicit consent.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Services. After account deletion, we retain certain data for up to 90 days for backup and audit purposes. Billing records are retained for a minimum of 7 years to comply with tax and accounting regulations. You may request deletion of your data at any time, subject to our legal retention obligations.

6. Data Security

We implement industry-standard technical and organisational measures to protect your data, including:

• Encryption of data in transit (TLS 1.3) and at rest (AES-256).
• Multi-factor authentication for administrative access to infrastructure.
• Regular security audits and penetration testing.
• Access controls and role-based permissions for employees and contractors.
• Intrusion detection systems and 24/7 security monitoring.

No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. International Data Transfers

Your data may be processed in countries other than your country of residence. When we transfer data outside the EEA, we ensure adequate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or transfers to countries recognised as providing adequate data protection.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Request correction of inaccurate or incomplete data.
• Erasure: Request deletion of your data, subject to legal retention requirements.
• Restriction: Request restriction of processing in certain circumstances.
• Portability: Request your data in a structured, machine-readable format.
• Objection: Object to processing based on legitimate interests or for direct marketing.
• Withdraw Consent: Where processing is based on consent, withdraw it at any time without affecting prior processing.

To exercise any of these rights, contact us at privacy@upzare.com. We will respond within 30 days.

9. Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or by posting a prominent notice on our website. The "Last updated" date at the top reflects the most recent revision.

11. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at privacy@upzare.com.