Privacy Policy
Plain-language detail on what we collect, why, the legal bases, and the rights you can exercise. Trust over theatre.
1. Who we are (data controller)
This Privacy Policy explains how DONGOLABS LLP ("dongolabs", "we", "us") collects, uses, and protects personal data through dongolabs.com and when we scope or deliver work. DONGOLABS LLP is the controller responsible for personal data handled under this policy.
Registered office: Office No. 80, 2nd Floor, Jaipur Electronics Market, Jaipur, Rajasthan, IN. Contact: [email protected] or [email protected].
2. Scope
This policy covers personal data you give us (for example through the contact form, email, or a call) and data collected automatically when you browse the Site. It does not cover third-party sites we link to, which have their own policies.
3. What we collect
- Enquiry data — name, email, company, region, and message you send us.
- Client data — the information needed to perform an engagement, as set out in the relevant SOW.
- Usage data — pages viewed, device type, browser, and approximate region, but only where privacy-respecting analytics are enabled and you have consented where consent is required.
- Technical data — IP address and security logs held briefly by our hosting provider to keep the Site online and safe.
- Cookies — described in our Cookie Policy. Essential cookies are always on; analytics and marketing cookies are set only with your consent where the law requires it.
4. How we use it
- To respond to enquiries and scope potential work.
- To deliver and improve the services you engage us for.
- To operate, secure, and improve the Site.
- To understand, in aggregate, which pages are useful — not to single you out for advertising.
- To meet legal or contractual duties where they apply.
We do not sell your personal data, and we do not run invasive trackers that follow you across unrelated sites for advertising.
5. Legal bases
Our processing relies on the following, depending on where you are:
- India (DPDP Act 2023). We process on the basis of your consent and our legitimate uses, including providing the services you request and keeping the Site secure.
- EEA / UK (GDPR / UK GDPR). Consent for optional cookies and marketing you opt into; legitimate interests for running a secure site, answering enquiries you start, and improving our services in ways that do not override your rights; and contract where we need data to deliver work you have asked us to begin.
- United States (e.g. CCPA/CPRA). We do not "sell" or "share" personal information as those terms are defined, and we honour the rights described below.
You may withdraw consent at any time without affecting processing that was lawful before withdrawal.
6. Sharing and processors
We use a small set of processors to run the Site and receive messages (for example hosting, email delivery, and form handling). Each may process data only on our instructions under appropriate terms. We do not share your enquiry with third parties for their own marketing. Where legally required, we use appropriate safeguards for any cross-border transfer.
7. International transfers
DONGOLABS LLP is established in India and serves clients in the US, UK, Australia, the Middle East, and elsewhere. If personal data is transferred across borders, we rely on lawful transfer mechanisms (such as standard contractual clauses under the GDPR/UK GDPR) where they apply.
8. How long we keep it
Enquiry data is kept until the conversation ends and a reasonable follow-up window passes — typically no longer than 24 months if no engagement begins. Active client files follow the retention set in your contract. Analytics, where used, are kept in aggregated or short-lived form. Security logs are rotated on a shorter cycle by our host.
9. Your rights
Subject to applicable law, you may have rights to access, correct, export, delete, or restrict your personal data, to object to certain processing, and (where consent is the basis) to withdraw consent. Residents of India, the EEA, the UK, California, and other jurisdictions may exercise these rights. To do so, email [email protected]; we may ask you to verify your identity. We respond without undue delay and within statutory timeframes.
10. Complaints
If you are unhappy with how we handle your data, contact [email protected] so we can help. You may also contact your local authority — for example the Data Protection Board of India, an EEA supervisory authority, or the UK ICO — as applicable.
11. Security
We use HTTPS, access controls, and sensible hosting defaults. No transmission or storage method is perfectly secure; if we learn of a breach affecting your rights, we will notify you and regulators as the law requires.
12. Children
The Site is not directed at anyone under 16, and we do not knowingly collect their personal data. If you believe a child has contacted us, write to [email protected] and we will delete what we can identify.
13. Changes
We will post updates here with a new "last updated" date. Material changes affecting how we use personal data will be called out more clearly where we have a practical way to reach you.
Legal review notice
This policy is a practical template prepared for DONGOLABS LLP. It is not legal advice. Data protection law differs by jurisdiction and changes over time — have it reviewed by qualified counsel before relying on it, especially for cross-border transfers and regulated sectors.
Questions about this page? Write to[email protected].