Privacy Policy

1. Who we are

Abscode DMS is operated by Abscode Technologies LLP ("Abscode", "we", "us"). Registered office: [PLACEHOLDER: street address], India. Abscode Technologies LLP is a limited liability partnership established in India. For privacy questions, contact our Data Protection Officer / privacy team at privacy@abscode.com.

Abscode Technologies LLP is established in India and has no office or establishment in the EU/EEA or UK. Where we offer the service to individuals in the EEA or UK, GDPR Article 27 may still require us to appoint a representative there. Our EEA/UK representative, where appointed, is [PLACEHOLDER: EU/UK representative — or document reliance on the Article 27(2) exemption; confirm with counsel].

2. Scope & our two roles

We act as a data controller for personal data relating to this website and our sales/marketing relationship with you (e.g. enquiry and sign-up details). We act as a data processor for the documents and personal data that customers store and manage inside the Abscode DMS service ("Customer Content"), which we process on the customer's documented instructions under our Data Processing Agreement (DPA). With bring-your-own-storage, Customer Content remains in the customer's own storage (Google Drive, OneDrive, S3, Azure, NAS).

3. Personal data we collect

• Information you give us — name, work email, company, phone, country, and message content when you sign up, book a demo, or contact us.
• Account & billing data — account identifiers, plan, and billing details processed by our payment partners (Razorpay in India; Stripe elsewhere). We do not store full card numbers.
• Customer Content — documents and any personal data within them, processed as a processor on your behalf.
• Technical data — IP address, browser/device type, and server log data, used for security and reliability. We use only functional browser storage (e.g. to remember your selected country); we do not use advertising or third-party tracking cookies. See section 11.

4. How we use personal data & legal bases (GDPR Art. 6)

• To provide the service / respond to you — performance of a contract, or steps prior to a contract.
• To secure and improve the service — our legitimate interests in security, fraud prevention, and product quality.
• Marketing communications — your consent, which you may withdraw at any time.
• Legal & compliance obligations — compliance with applicable law.

Under India's DPDP Act 2023 we process personal data for lawful purposes with notice and, where required, consent. Under POPIA we rely on the corresponding lawful processing conditions.

5. Sharing & sub-processors

We share personal data only with vetted sub-processors who support the service (cloud hosting, email/notification delivery, payment processing) under contractual data-protection obligations. Our current sub-processor list is available on request and at /security/. We do not sell personal data.

6. International data transfers

Abscode is based in India and our core processing takes place in India, which the European Commission has not designated as an "adequate" jurisdiction. Where we process personal data of EEA/UK individuals, we use appropriate safeguards — principally the European Commission's Standard Contractual Clauses together with the UK International Data Transfer Addendum — for the transfer to India. Enterprise customers can request specific data-residency regions. [PLACEHOLDER: confirm hosting regions]

7. Data retention

We keep personal data only as long as necessary for the purposes above, then delete or anonymise it. Account data is retained for the life of the account plus a limited period required by law. Customer Content retention is controlled by the customer and the configured retention policy.

8. Your rights

Subject to applicable law, you may have the right to access, rectify, erase, restrict, or object to processing, to data portability, and to withdraw consent. EEA/UK individuals may lodge a complaint with their supervisory authority; Indian users may approach the Data Protection Board under the DPDP Act; South African users may complain to the Information Regulator under POPIA. To exercise any right, email privacy@abscode.com. For Customer Content, please contact the relevant customer (the controller); we will assist them as processor.

9. Security

We apply encryption in transit and at rest, role-based access, maker-checker controls, and audit logging. See our Security & Compliance page for details and our breach-notification approach.

10. Children

The service is intended for businesses and is not directed to children. We do not knowingly collect data from children under the age defined by applicable law.

11. Cookies & local storage

We use strictly necessary and functional browser storage only — for example, a localStorage value that remembers your selected country for pricing. We do not use advertising, profiling, or third-party analytics cookies. Because we use only essential storage, no consent is legally required, but we show a short notice for transparency.

12. Changes

We may update this policy; material changes will be posted here with a new "last updated" date.

13. Contact

Privacy team / DPO: privacy@abscode.com · Abscode Technologies LLP, [PLACEHOLDER: address].