Legal
Privacy Policy
Last updated: May 2025
1. Who We Are
InfraDefend ("we", "us", "our") is a cybersecurity and managed IT services company. Our registered contact email is contact@infradefend.com. This Privacy Policy explains how we collect, use, store, and protect personal data when you visit infradefend.com or interact with our services.
2. Data We Collect
We collect the following personal data when you submit our contact form: full name, company name, business email address, phone number, service interest, and any information you include in your message. We do not collect sensitive personal data (as defined under the DPDP Act 2023) without explicit consent. We also collect anonymised analytics data (pages visited, session duration, referral source) to understand how our website is used.
3. How We Use Your Data
Your data is used solely to respond to your enquiry, provide you with information about our services, and conduct our business operations. We do not sell, rent, or trade your personal data to any third party. We may use your email to send relevant service updates if you have given consent; you may unsubscribe at any time.
4. Legal Basis for Processing
We process your data on the basis of (a) your consent when you submit the contact form, (b) our legitimate interest in responding to business enquiries, and (c) contractual necessity when an engagement is agreed. Under the Digital Personal Data Protection Act 2023 (DPDP Act), you are a Data Principal and InfraDefend is the Data Fiduciary responsible for lawful processing.
5. Data Sharing & Third Parties
Your form submission data is transmitted via Zoho Mail (SMTP) to our internal inbox. Zoho is our Data Processor and processes data in accordance with their privacy policy. We may share data with law enforcement or regulatory authorities if legally required. No data is shared with advertising networks or data brokers.
6. Data Retention
We retain enquiry data for a maximum of 3 years from the date of last contact, after which it is securely deleted. If you become a client, retention periods are governed by your service agreement. You may request deletion at any time (see Section 8).
7. Cookies & Analytics
We use Google Analytics 4 (GA4) to collect anonymised usage data. GA4 uses cookies to identify unique sessions. We request your consent via our cookie banner before loading analytics scripts. If you decline, no analytics cookies are set. You can withdraw consent at any time by clearing your browser cookies or revisiting our cookie banner.
8. Your Rights
Under the DPDP Act 2023 and GDPR (where applicable), you have the right to: access the personal data we hold about you; correct inaccurate data; request erasure ("right to be forgotten"); withdraw consent at any time; and nominate a representative. To exercise any of these rights, email us at contact@infradefend.com with the subject "Data Request". We will respond within 30 days.
9. Data Security
We implement appropriate technical and organisational measures to protect your data, including encrypted email transmission, access controls, and regular security reviews. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant authority within 72 hours as required by applicable law.
10. Changes to This Policy
We may update this Privacy Policy from time to time. The date of the most recent revision appears at the bottom of this page. Continued use of our website after a change constitutes acceptance of the updated policy.
11. Contact
For any privacy-related queries, contact us at contact@infradefend.com or via the contact form at infradefend.com/contact.