At Pyrus Innovations, your privacy isn't just a compliance checkbox—it's a core engineering principle. This policy explains how we handle your data with precision and transparency on our platform, pyrusinnovations.com.
Data Minimization
We only collect what is strictly necessary to provide our services and engineering expertise.
Security First
Enterprise-grade encryption and access controls protect every byte of data processed on our platform.
To ensure total clarity, we define our core terms according to global standards:
User: Any individual who interacts with our digital architecture.
Personal Data: Information linked to an identifiable human.
Data Fiduciary: Pyrus Innovations, as we determine the "why" and "how" of data usage.
Data Principal: You, the individual owner of the data.
2. Scope of Policy
This policy is a global framework, engineered to comply with:
DPDP Act 2023 (India)
GDPR (Europe)
IT Act 2000
3. Types of Data Collected
A. Voluntarily Provided Data
Information you provide through platform interactions, lead-generation, and service requests:
Identity Data: Full name, professional title, and organization affiliation.
Contact Data: Business email address, professional phone number, and mailing address.
Project Metadata: Technical requirements, project timelines, and budgetary constraints shared during discovery.
B. Automatically Collected Data
Telemetry data collected via our infrastructure and trusted partners like Google Analytics 4:
Usage Data: Navigation patterns, interaction heatmaps, and session durations.
Technical Data: IP address (masked for anonymity), browser type, version, operating system, and ISP region.
Cookie Tags: Small data files used to maintain session integrity and traffic analysis.
4. Purpose of Data Processing
We process your information under strict legal frameworks for the following objectives:
Service Delivery: To fulfill engineering contracts, technical consultations, and project management.
Relationship Management: To facilitate billing, verify identities, and provide technical support.
Platform Optimization: To refine our digital interfaces based on aggregate telemetry and user feedback.
Security & Compliance: To prevent fraudulent access and comply with legal or regulatory audits.
5. Data Retention Policy
We retain personal information only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law.
Contact Data: Retained for 24 months after the last engagement unless explicit deletion is requested.
Project Data: Retained for the duration of the contractual relationship plus a statutory 5-year period for audit purposes.
Anonymized Telemetry: Retained in aggregate form for performance benchmarking without a fixed expiry.
6. Third-Party Data Flow
We do not sell your data. We share information only with trusted sub-processors necessary for our operational stack:
InfrastructureGoogle Cloud Platform
AnalyticsGoogle Analytics 4
CommunicationsGoogle Workspace
FinancialRazorpay / Stripe
Legal Basis
We never process data without a valid legal anchor: either your explicit Consent,Contractual Necessity for engineering services, or a Legal Obligation.
8. Data Security Measures
Our security infrastructure is built on a Zero-Trust philosophy:
Transport Layer: All traffic is governed by high-grade TLS 1.3 encryption.
Identity Management: Our internal systems require Multi-Factor Authentication (MFA).
Cloud Perimeter: Hosted on Google Cloud Platform with VPC service controls.
Isolation: Anonymized usage data is strictly decoupled from identity data.
11. Your User Rights
Regardless of your location, we honor high-standard digital rights:
European Rights
Right to Portability
Right to Erasure
Right to Object
Indian Rights (DPDP)
Right to Correction
Right to Grievance Redressal
Right to Nomination
Grievance Redressal
For any specific concerns regarding data security or rights, contact our Data Protection Officer: