Privacy Policy

StratLytics Private Limited and its affiliates ("StratLytics", "we", "us", or "our") are committed to protecting your privacy and handling your personal data responsibly. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website at stratlytics.com, use our platforms (SLERA, SLIQ, SLICE), or engage with us through any of our services.

This policy applies to individuals worldwide and addresses the requirements of the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), the Digital Personal Data Protection Act, 2023 (DPDP Act, India), the UK GDPR, and other applicable international data protection laws.

1. Information We Collect

Information You Provide Directly

We collect personal data you voluntarily provide when you:

• Fill out contact forms, demo request forms, or enquiry forms on our website
• Subscribe to our newsletter or marketing communications
• Apply for employment through our careers page or Zoho Recruit
• Communicate with us via email, phone, or other channels
• Enter into a business relationship or contractual agreement with us

This may include:

• Name, email address, phone number
• Organisation name, job title, and business role
• Messages, enquiry details, and use case descriptions
• Employment application data (CV, qualifications, work history)

Information Collected Automatically

When you visit our website, we may automatically collect:

• IP address (anonymised where required by law)
• Browser type, operating system, and device information
• Pages visited, time spent, referring URL, and navigation path
• Cookie identifiers and similar tracking data (see Section 4)

Platform Data (Enterprise Clients)

Our platforms (SLERA, SLIQ, SLICE) are deployed within enterprise client environments. Data processed within these platforms is governed by the data processing agreements between StratLytics and each client. This privacy policy does not cover client-owned data processed within platform deployments — that is governed by the relevant Data Processing Agreement (DPA).

2. How We Use Your Information

We use personal data for the following purposes:

Purpose	Description
Service delivery	Respond to your enquiries, process demo requests, and deliver platform implementations
Communication	Send requested information, follow up on enquiries, and provide customer support
Marketing	Send newsletters, research publications, and platform updates (with your consent or where we have a legitimate interest)
Recruitment	Process job applications and manage hiring workflows
Website improvement	Analyse usage patterns to improve website content, performance, and user experience
Legal and compliance	Comply with applicable laws, enforce agreements, and protect our legal rights

3. Legal Basis for Processing (GDPR / UK GDPR)

Where GDPR or UK GDPR applies, we process personal data on the following legal bases:

Legal Basis	Application
Consent	Newsletter subscriptions, marketing communications, and non-essential cookies
Contractual necessity	Processing required to enter into or perform a contract (e.g., platform implementation agreements)
Legitimate interest	Website analytics, security monitoring, responding to business enquiries, and direct marketing to existing business contacts
Legal obligation	Compliance with tax, employment, and regulatory requirements

4. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to improve functionality and understand usage patterns.

Types of Cookies We Use

Category	Purpose	Consent Required
Strictly necessary	Essential for website functionality (session management, security)	No
Analytics	Understand how visitors use the site (page views, navigation patterns)	Yes
Marketing	Deliver relevant content and measure campaign effectiveness	Yes
Preference	Remember your choices (e.g., cookie consent preference)	No

You can manage your cookie preferences through the cookie consent banner displayed on your first visit. You may also control cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal data. We may share information with:

• Service providers: Hosting providers, email delivery services, analytics tools, and recruitment platforms (e.g., Zoho Recruit) that process data on our behalf under appropriate contractual safeguards
• Professional advisors: Legal, accounting, and compliance advisors as required
• Law enforcement or regulators: Where required by applicable law, court order, or regulatory request
• Business transfers: In connection with a merger, acquisition, or sale of assets (you would be notified of any change in data controller)

All third-party processors are required to maintain confidentiality and data protection standards consistent with this policy.

6. International Data Transfers

StratLytics operates from offices in India, the United States, and the United Kingdom. Your personal data may be transferred to and processed in any of these jurisdictions.

Where we transfer personal data outside the European Economic Area (EEA) or the United Kingdom, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• UK International Data Transfer Agreement (IDTA) or UK Addendum to EU SCCs
• Adequacy decisions where applicable
• Binding Corporate Rules where applicable

For transfers to India, we rely on the data protection standards established under the DPDP Act, 2023 and applicable government notifications regarding permitted jurisdictions.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy, or as required by law. General retention periods:

Data Type	Retention Period
Contact form and enquiry data	2 years from last interaction, unless a business relationship is established
Newsletter subscription data	Until you unsubscribe or withdraw consent
Job application data	12 months after recruitment decision (unless consent is given for longer retention)
Client contractual data	Duration of the contract plus 7 years for legal and tax compliance
Website analytics data	26 months (anonymised and aggregated)

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

• Encryption of data in transit (TLS/SSL) and at rest where applicable
• Access controls and role-based permissions for internal systems
• Regular security assessments and monitoring
• Employee training on data protection and information security
• Incident response procedures for data breach management

While we take reasonable precautions, no method of electronic storage or transmission is completely secure. We cannot guarantee absolute security but are committed to maintaining industry-appropriate safeguards.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

GDPR / UK GDPR Rights (EEA and UK Residents)

• Right of access: Request a copy of the personal data we hold about you
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data (subject to legal obligations)
• Right to restrict processing: Request limitation of processing in certain circumstances
• Right to data portability: Receive your data in a structured, machine-readable format
• Right to object: Object to processing based on legitimate interests or direct marketing
• Right to withdraw consent: Where processing is based on consent, withdraw at any time
• Right to lodge a complaint: File a complaint with a supervisory authority (e.g., ICO in the UK, CNIL in France, or your local data protection authority)

CCPA / CPRA Rights (California Residents)

• Right to know: Request disclosure of the categories and specific pieces of personal information collected
• Right to delete: Request deletion of personal information
• Right to opt out of sale or sharing: We do not sell personal information. If this changes, you will have the right to opt out
• Right to non-discrimination: Exercise your rights without receiving discriminatory treatment
• Right to correct: Request correction of inaccurate personal information
• Right to limit use of sensitive personal information: Where applicable

DPDP Act Rights (India Residents)

• Right to access: Obtain a summary of your personal data and processing activities
• Right to correction and erasure: Request correction of inaccurate data or erasure of data no longer necessary
• Right to grievance redressal: File a complaint with our Grievance Officer or the Data Protection Board of India
• Right to nominate: Nominate another individual to exercise your rights in the event of death or incapacity

Other Jurisdictions

If you are located in Australia, Canada, Singapore, the UAE, or any other jurisdiction with applicable data protection legislation, we will process your data in accordance with local requirements. Contact us to exercise any rights available under your local law.

To exercise any of these rights, contact us at privacy@stratlytics.com. We will respond within the timeframes required by applicable law (typically 30 days for GDPR, 45 days for CCPA).

10. Children's Privacy

Our website and platforms are intended for business professionals and are not directed at individuals under 18 years of age (or the applicable age of majority in your jurisdiction). We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us immediately and we will take steps to delete it.

11. Third-Party Links

Our website may contain links to third-party websites, including LinkedIn, Zoho Recruit, and other external services. We are not responsible for the privacy practices of these third-party sites. We encourage you to review their privacy policies before providing any personal information.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Material changes will be communicated through a notice on our website. The "Last Updated" date at the top of this policy indicates when the most recent revision was made.

We encourage you to review this policy periodically.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, contact us at:

For GDPR-related enquiries, you may also contact your local supervisory authority. For DPDP Act grievances, you may approach the Data Protection Board of India.