A
Aparsoft

Privacy Policy

At Aparsoft, we value your privacy and are committed to protecting your personal information. This policy explains how we collect, use, and safeguard your data.

Last updated: May 10, 2025

Table of Contents

Introduction

This Privacy Policy explains how Aparsoft ("we", "us", or "our") collects, uses, and protects your personal information when you use our services, products, websites, or engage with us as a client or partner. Protecting your privacy is fundamental to our business philosophy and values.

Aparsoft provides AI-powered technology solutions, software development, and digital transformation services to organizations across multiple industries. This policy applies to all our services, including:

  • Enterprise software development and deployment
  • AI/ML solutions and custom model development
  • Mobile application development
  • Digital transformation consulting and implementation
  • Cloud infrastructure services
  • Technical support and maintenance

This Privacy Policy should be read alongside our Terms and Conditions. By using our services, you acknowledge that you have read and understood this Privacy Policy.

1. Information We Collect

We collect various types of information to provide and improve our services. The information we collect depends on how you interact with us and which services you use.

1.1 Information You Provide to Us

Account and Profile Information

When you register for our services, we collect information such as your name, email address, phone number, job title, company name, and billing information.

Content and Communications

Information you provide when using our services, including documents, data files, project requirements, specifications, and communications with our team.

Client Data

Data you provide for processing, analysis, or storage as part of our services, including datasets for AI/ML model development.

1.2 Information We Collect Automatically

Usage Information

Information about how you use our services, including access times, pages viewed, links clicked, and features used.

Device Information

Information about your device, including IP address, browser type, operating system, and device identifiers.

Cookies and Similar Technologies

Information collected through cookies, web beacons, and similar technologies as described in our Cookie Policy.

1.3 Information from Third Parties

Partner Information

Information we receive from business partners, resellers, or integrators who help us provide our services.

Analytics Providers

Information from third-party analytics services that help us understand how our services are used.

For enterprise clients, we may collect additional information as specified in your service agreement or data processing addendum. If you provide information about other individuals (such as your employees), you are responsible for ensuring you have the appropriate permissions to share that information with us.

2. How We Use Your Information

We use the information we collect for various purposes, including to provide, maintain, and improve our services, as well as to communicate with you. Here's how we use your information:

Service Delivery
  • Providing and maintaining our technology solutions and services
  • Processing and fulfilling service requests and transactions
  • Managing user accounts and authentication
AI and ML Development
  • Training and improving custom AI models for specific clients
  • Testing and evaluating AI systems before deployment
  • Optimizing model performance for client requirements
Analytics and Improvement
  • Analyzing service usage to improve performance and features
  • Monitoring system health and troubleshooting technical issues
  • Conducting research and development for new technologies
Communication
  • Sending important service notifications and updates
  • Responding to inquiries and providing customer support
  • Sharing relevant information about our services and offerings

Legal Bases for Processing

We process your information based on the following legal grounds:

  • Contract Performance: Processing necessary to fulfill our contractual obligations to you.
  • Legitimate Interests: Processing in our legitimate business interests, such as developing new services, marketing, and improving user experience.
  • Legal Compliance: Processing to comply with applicable laws and regulations.
  • Consent: Processing based on your specific consent, which you can withdraw at any time.

For enterprise clients, additional details about data processing activities are specified in your service agreement and data processing addendum.

3. Data Storage and Security

Protecting your information is a top priority at Aparsoft. We implement robust security measures to safeguard your data against unauthorized access, disclosure, alteration, or destruction.

3.1 Data Storage

Storage Locations

We store your information on secure servers located in data centers within India, the United States, the European Union, and other locations as required to efficiently deliver our services. For enterprise clients, specific storage locations may be specified in your service agreement.

Retention Period

We retain your information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. The specific retention period depends on the type of information and its purpose, typically ranging from the duration of your service contract plus 2 years for general business records to shorter periods for operational data.

Data Deletion

When information is no longer needed, we securely delete or anonymize it according to our data retention policies and applicable laws. Enterprise clients can request specific data deletion processes as part of their service agreements.

3.2 Security Measures

Technical Safeguards

We implement industry-standard encryption for data in transit and at rest, secure authentication mechanisms, firewalls, intrusion detection systems, and regular security scans to protect your information.

Access Controls

We maintain strict access controls and implement the principle of least privilege to ensure that only authorized personnel with legitimate business needs can access your information. All access is logged and regularly audited.

Organizational Measures

We conduct regular security awareness training for our employees, perform background checks for personnel with access to sensitive information, and maintain documented security policies and procedures.

While we implement robust security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information. If you have specific security requirements, please contact us to discuss additional safeguards.

4. AI and Machine Learning Practices

As a provider of AI-powered solutions, we have specific privacy practices related to our artificial intelligence and machine learning technologies. This section explains how we handle data in the context of our AI offerings.

4.1 Custom AI Model Development

Client-Specific Models

When developing custom AI models for clients, we use only the data provided by that client or data specifically licensed for that purpose. These models are dedicated to the specific client and their data is not used to improve our general AI offerings without explicit permission.

Data Preprocessing

Before using client data for AI training, we may preprocess it to remove sensitive information, following best practices for data anonymization and minimization. The specific preprocessing methods are documented and shared with the client.

4.2 Model Training and Improvement

Transparency

We maintain transparency about how our AI models are trained and what data is used. For client-specific implementations, we provide documentation detailing the model training process, data sources, and performance metrics.

Data Segregation

We maintain strict data segregation between different clients and projects. Data provided by one client is never used to train or improve models for another client without explicit permission.

4.3 AI Ethics and Governance

Ethical Guidelines

We adhere to ethical AI principles, including fairness, transparency, privacy, and human-centered design. Our AI development practices are guided by these principles and regularly reviewed by our ethics committee.

Algorithmic Impact Assessments

For AI systems with potential significant impact, we conduct algorithmic impact assessments to identify and mitigate potential risks and biases before deployment.

Enterprise clients can request our AI Ethics and Governance documentation, which provides more detailed information about our practices and standards for responsible AI development.

5. Data Sharing and Third Parties

We share your information with third parties only in specific circumstances and with appropriate safeguards in place. This section explains how and when we share your information.

5.1 Categories of Recipients

5.2 Data Transfer Safeguards

When we share your information with third parties or transfer it across borders, we implement appropriate safeguards to ensure that your information remains protected:

  • Data Processing Agreements: We enter into data processing agreements with service providers and partners that include provisions for data protection.
  • Standard Contractual Clauses: For international data transfers, we implement Standard Contractual Clauses approved by regulatory authorities.
  • Vendor Assessment: We assess the security and privacy practices of third parties before sharing your information.

We do not sell your personal information to third parties for monetary consideration. However, we may share your information with third parties as described in this section, which some jurisdictions may define as a "sale" or "sharing" under their privacy laws.

6. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information. We respect these rights and provide mechanisms for you to exercise them.

Access and Portability

You have the right to access the personal information we hold about you and to receive a copy in a structured, commonly used format.

How to exercise:

Contact us at privacy@aparsoft.com with "Data Access Request" in the subject line.

Correction

You have the right to request correction of your personal information if it is inaccurate or incomplete.

How to exercise:

For account information, you can update it directly in your account settings. For other information, contact us at privacy@aparsoft.com.

Deletion

You have the right to request deletion of your personal information, subject to certain exceptions required by law or legitimate business purposes.

How to exercise:

Contact us at privacy@aparsoft.com with "Data Deletion Request" in the subject line.

Restriction and Objection

You have the right to request restriction of processing of your personal information and to object to certain processing activities.

How to exercise:

Contact us at privacy@aparsoft.com with your specific request.

Additional Rights for Specific Locations

Rights under Indian Data Protection Laws

Under the Digital Personal Data Protection Act, 2023 (DPDP Act), Indian residents have specific rights, including:

  • Right to obtain confirmation of processing
  • Right to correction and erasure
  • Right to grievance redressal
  • Right to nominate another person in case of death or incapacity

To exercise these rights, please contact our Data Protection Officer at dpo@aparsoft.com.

We will respond to all legitimate requests within the timeframe required by applicable law (typically 30 days). Occasionally, it may take us longer if your request is particularly complex or you have made multiple requests, in which case we will notify you of the delay.

7. Cookie Policy

Our website and services use cookies and similar technologies to enhance your experience, analyze usage, and assist in our marketing efforts. This section explains how we use these technologies and your choices regarding them.

7.1 What Are Cookies?

Cookies are small text files that are placed on your device when you visit a website. They are widely used to make websites work more efficiently, provide analytical information to website owners, and enable personalized experiences.

7.2 Types of Cookies We Use

Essential Cookies

These cookies are necessary for the website to function properly. They enable basic functions like page navigation, secure areas access, and remember your preferences. The website cannot function properly without these cookies.

Analytics Cookies

These cookies collect information about how visitors use our website, such as which pages they visit most often and if they receive error messages. This data helps us improve our website and your browsing experience.

Functionality Cookies

These cookies enable enhanced functionality and personalization, such as remembering your preferences and settings.

Marketing Cookies

These cookies are used to track visitors across websites to enable us to display relevant and engaging advertisements. They may be set by us or our advertising partners.

7.3 Your Cookie Choices

You have several options to control or limit how we and our partners use cookies:

  • Browser Settings: Most web browsers allow you to manage your cookie preferences through their settings. You can set your browser to refuse cookies, delete cookies, or alert you when cookies are being sent.
  • Cookie Preference Center: We provide a cookie preference center on our website where you can choose which types of cookies you accept or reject.
  • Opt-Out Tools: Various advertising associations provide ways to opt out of targeted advertising, such as the Digital Advertising Alliance, the Network Advertising Initiative, and the European Interactive Digital Advertising Alliance.

Please note that if you choose to block essential cookies, some features of our website may not function properly. Also, your cookie preferences apply only to the browser where you set them, so if you use different browsers or devices, you'll need to set your preferences on each one.

8. Children's Privacy

Our services are not directed to individuals under the age of 16, and we do not knowingly collect personal information from children. This section explains our approach to protecting children's privacy.

8.1 Age Restrictions

Our services are designed for individuals who are at least 16 years old. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately at privacy@aparsoft.com.

8.2 Educational Products and Services

For certain educational products and services developed for AparAcademy or educational institutions, we may collect information from students under 16, but only with appropriate consent from parents or guardians and in compliance with applicable laws, such as the Children's Online Privacy Protection Act (COPPA) in the United States.

8.3 Discovery and Deletion

If we discover that we have inadvertently collected personal information from a child under 16 without appropriate parental consent, we will promptly delete that information. If you believe we might have such information, please contact us immediately.

For educational institutions using our services, we offer specific terms and safeguards designed to protect student privacy and comply with educational privacy laws. Please contact us for more information about our educational privacy practices.

9. International Data Transfers

As a global company with operations and clients worldwide, we may transfer your information across international borders. This section explains how we protect your information during such transfers.

9.1 Cross-Border Transfers

Your information may be transferred to, stored, and processed in countries other than the one in which you reside. These countries may have data protection laws that differ from those in your country. Specifically, our servers are located in India, the United States, and the European Union, and we engage service providers and partners globally.

9.2 Transfer Safeguards

When we transfer your information internationally, we implement appropriate safeguards to ensure that your information remains protected in accordance with this Privacy Policy and applicable laws:

  • Standard Contractual Clauses: We use Standard Contractual Clauses approved by the European Commission and other regulatory authorities for transfers from the EEA, UK, and other jurisdictions.
  • Corporate Rules: For intra-group transfers, we implement binding corporate rules that establish consistent data protection standards across our organization.
  • Adequacy Decisions: Where applicable, we rely on adequacy decisions that recognize certain countries as providing adequate protection for personal information.
  • Consent: In specific situations, we may seek explicit consent for international transfers after informing you about the potential risks.

9.3 Transfer Impact Assessments

Before transferring personal information internationally, we conduct transfer impact assessments to evaluate the level of protection in the destination country and implement additional safeguards if necessary.

For enterprise clients with specific requirements regarding data localization or transfer restrictions, we can discuss custom arrangements as part of your service agreement. Please contact your account manager or our privacy team to discuss your needs.

10. Changes to Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. This section explains how we handle policy updates and notify you of changes.

10.1 Policy Updates

We reserve the right to modify this Privacy Policy at any time. When we make changes, we will update the "Last Updated" date at the top of the policy and take appropriate steps to notify you of significant changes.

10.2 Notification Methods

For significant changes to this Privacy Policy, we will provide notice through one or more of the following methods:

  • Email notification to the email address associated with your account
  • Prominent notice on our website or within our services
  • For enterprise clients, notification through your account manager or designated contact

10.3 Review and Acceptance

We encourage you to periodically review this Privacy Policy to stay informed about how we collect, use, and protect your information. Your continued use of our services after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

For enterprise clients with long-term contracts, changes to this Privacy Policy will not override specific privacy provisions in those contracts until contract renewal, unless otherwise specified in the contract or required by law.

11. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us using the information below:

Privacy Team

privacy@aparsoft.com
For general privacy inquiries and requests

Data Protection Officer

dpo@aparsoft.com
For regulatory inquiries and formal requests

Postal Address

Aparsoft Technologies Pvt. Ltd.
Attn: Privacy Department
Tech Innovation Park, 5th Floor
Whitefield, Bengaluru - 560066
Karnataka, India

Regional Representatives

For users in specific regions, you may contact our designated representatives:

European Union Representative

Aparsoft EU B.V.
gdpr@aparsoft.com
Prinsenstraat 45, 1015 DB Amsterdam, Netherlands

United States Representative

Aparsoft America Inc.
privacy-us@aparsoft.com
201 Mission Street, Suite 1200, San Francisco, CA 94105, USA

Acknowledgment

By using Aparsoft's services, you acknowledge that you have read and understood this Privacy Policy and agree to our collection, use, and disclosure practices described herein.

Last updated: May 10, 2025

Have Questions About Your Privacy?

Our privacy team is ready to assist you with any questions or concerns regarding your data and how we protect it.