Privacy Policy

Effective Date: 1st of April 2026

1. General Declaration, Scope, and Express Consent

This Privacy Policy ("Policy") governs the data collection, processing, and retention methodologies utilized by prismtechsystems.in, its subsidiaries, affiliates, and authorized operational fiduciaries (collectively, the "Data Controller," "We," "Us," or "Our"). By accessing, browsing, or interacting with any digital property under our control, you (the "Data Subject" or "User") expressly, unequivocally, and irrevocably consent to the practices delineated in this Policy. If you do not agree with these terms in their entirety, you must immediately cease all use of our services.

2. Typology of Data Processed

The Data Controller systematically harvests both Personally Identifiable Information (PII) and Non-Personally Identifiable Information (Non-PII). This includes, but is not limited to:

  • Volunteered Data: Names, email addresses, billing coordinates, and direct communications.
  • Automated Telemetry: IP addresses, browser fingerprinting, geographical geolocation data, operating system typologies, and algorithmic behavioral tracking metrics.
  • Cookies and Tracking Vectors: We utilize persistent and session-based cryptographic cookies, web beacons, and equivalent tracking technologies to execute essential platform functions and optimize data payloads.

3. Purpose and Legal Basis for Processing

We process the aforementioned data strictly for the following legally permissible objectives: (a) the effectuation and fulfillment of commercial contracts and service requests; (b) the continuous security auditing and optimization of our digital infrastructure; (c) compliance with mandatory statutory obligations, regulatory directives, and binding judicial subpoenas; and (d) the protection of the vital interests of the Data Controller or third parties.

4. Jurisdictional Transfers and Subprocessors

The Data Controller reserves the right to transfer, process, and warehouse PII on secure servers located outside of the Data Subject's immediate legal jurisdiction. By utilizing our services, you expressly consent to such cross-border data transmittals. We exclusively engage vetted third-party subprocessors bound by stringent confidentiality addendums and Standard Contractual Clauses (SCCs) to ensure data parity.

5. Statutory Data Subject Rights and Absolute Limitations

Subject to overriding statutory retention mandates and the establishment, exercise, or defense of legal claims, Data Subjects may submit a formalized, written request to access, rectify, or request the erasure of their PII. The Data Controller reserves the right to levy a commercially reasonable administrative fee for unfounded, repetitive, or excessive requests, and mandates rigorous identity verification protocols prior to executing any such request.