Privacy Policy

1. Introduction

Terzettoo is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services through our website or during project engagements.

2. Information We Collect

2.1 Personal Information

We may collect personally identifiable information when you:

• Contact us via forms, email, or phone
• Engage our services through contracts
• Make payments for our services
• Participate in surveys or feedback

This may include: Name, email address, phone number, business details, payment information, and project requirements.

2.2 Non-Personal Information

We automatically collect certain technical data when you visit our website:

• Browser type and version
• IP address (anonymized where possible)
• Pages visited and time spent
• Referring website addresses

3. How We Use Your Information

We use collected information for legitimate business purposes including:

• Providing and maintaining our Services
• Processing transactions and delivering projects
• Communicating about projects, updates, and security alerts
• Improving our website and service offerings
• Complying with legal obligations
• Preventing fraud and ensuring security

4. Legal Basis for Processing

We process personal data based on:

• Contractual necessity when providing services
• Legitimate interests for business operations and security
• Legal compliance for tax and regulatory requirements
• Consent where explicitly provided (e.g., marketing emails)

5. Data Sharing and Disclosure

5.1 Service Providers

We may share information with third-party vendors who assist with:

• Payment processing (Razorpay, etc.)
• Cloud storage and hosting
• Analytics and performance monitoring

All vendors are contractually obligated to maintain confidentiality and security.

5.2 Legal Requirements

We may disclose information when required by law or to:

• Comply with legal processes
• Protect our rights or property
• Prevent fraud or security issues
• Ensure safety of our team or others

5.3 Business Transfers

In case of merger, acquisition, or asset sale, client information may be transferred as a business asset, with prior notice and opportunity to opt-out where applicable.

6. Data Security

We implement robust security measures including:

• Encryption of sensitive data in transit and at rest
• Access controls and authentication protocols
• Regular security audits and vulnerability testing
• Secure development practices for all projects

However, no internet transmission is 100% secure. We cannot guarantee absolute security but will promptly notify affected individuals if a data breach occurs.

7. Data Retention

We retain personal data only as long as necessary for:

• Active projects and service delivery
• Legal and tax compliance (typically 6 years)
• Business records and analytics

Client project data is archived or deleted within 60 days after project completion unless extended retention is contractually required.

8. Your Data Rights

Depending on your jurisdiction, you may have rights to:

• Access and receive a copy of your personal data
• Rectify inaccurate or incomplete information
• Request deletion of your data (subject to legal limits)
• Restrict or object to certain processing
• Withdraw consent (where processing is consent-based)
• Lodge complaints with data protection authorities

To exercise these rights, contact us at legal@terzettoo.com. We may verify your identity before fulfilling requests.

9. International Data Transfers

As a global service provider, data may be transferred to and processed in countries outside your residence. We ensure all transfers comply with applicable laws using:

• Standard Contractual Clauses (SCCs) where required
• Data processing agreements with vendors
• Adequacy decisions for recipient countries

10. Cookies and Tracking Technologies

Our website uses essential cookies for functionality and may use analytics cookies to improve services. You can manage preferences through browser settings or our Cookie Banner.

We do not sell personal data or engage in cross-context behavioral advertising.

11. Children's Privacy

Our Services are not directed to individuals under 16. We do not knowingly collect children's data. If we become aware of such collection, we will take steps to delete the information.

12. Third-Party Links

Our website may contain links to third-party sites. We are not responsible for their privacy practices. We encourage reviewing their policies before providing any information.

13. Policy Updates

We may update this policy periodically. Material changes will be notified via email or website notice prior to the change becoming effective. The "Effective Date" at the top indicates when revisions were last made.