Privacy Policy

01

Who We Are

The data controller responsible for your personal information is:

• Company: CRIMATON Pvt. Ltd.
• Address: 160C, SG, Hoshiarpur Road, Jalandhar, Punjab — 144001, India
• Email: contact@crimaton.com
• Phone: +91 78140 63546

When we refer to "CRIMATON", "we", "us", or "our" in this policy, we mean CRIMATON Pvt. Ltd. in its capacity as the data controller for the personal information you share with us through our website, products, or services.

02

Data We Collect

We collect personal data only when you actively provide it or when it is generated by your interaction with our website. We collect:

Information you provide directly:

• Name, email address, phone number, and job title when you submit an enquiry or contact form
• Organisation name and industry when submitting a business or software enquiry
• Location information (country, state) provided through our contact forms
• Areas of interest and requirements as described in your enquiry submission
• Marketing consent preference recorded at the time of form submission
• Training registration details including experience level and scheduling preferences

Information collected automatically:

• IP address and approximate geographic location for security and rate-limiting purposes
• Browser type, device type, and operating system (via standard server logs)
• Pages visited, time spent, and referring URL (if analytics is enabled)
• Form submission timestamps

We do not collect payment card data directly. Any payments are processed through authorised payment gateways that handle card data under their own PCI-DSS compliance obligations.

03

How We Use Your Data

We use the personal data we collect for the following purposes:

• Responding to enquiries — to contact you in response to your software, training, or professional services enquiry
• Service delivery — to deliver and administer training programmes, SDI batches, CTF events, and software licences you have purchased
• Account and relationship management — to manage your engagement with CRIMATON over time, including follow-ups and renewals
• Marketing communications — to send updates on products, training batches, events, and industry resources, only where you have given explicit consent
• Legal and compliance obligations — to maintain records as required under applicable Indian law, including GST and corporate record-keeping requirements
• Security and fraud prevention — to detect and prevent bot submissions, spam, and malicious activity through our contact forms
• Website improvement — to understand how visitors use our site and improve its content and structure

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

04

Legal Basis for Processing

We process your personal data on the following legal bases under applicable data protection law:

• Contractual necessity — when processing is required to fulfil or prepare to fulfil a service or product you have requested
• Legitimate interests — when we have a legitimate business interest in responding to your enquiry, managing our client relationships, securing our systems, or improving our services, provided this does not override your rights
• Consent — for marketing communications, where we process your data only if you have explicitly opted in. You may withdraw consent at any time by contacting contact@crimaton.com
• Legal obligation — where we are required to retain or process data to comply with Indian law

05

Sharing Your Data

We do not sell, rent, or trade your personal data to any third party. We may share your information in the following limited circumstances:

• Service providers: With trusted vendors who assist us in operating our website or delivering services — such as hosting providers, email service providers, and payment processors — under strict data processing agreements that prohibit them from using your data for any other purpose
• Legal requirements: Where required to do so by Indian law, regulation, or court order, or to protect the rights, property, or safety of CRIMATON, its clients, or the public
• Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity, who will be bound by this Privacy Policy
• With your consent: In any other circumstance where you have explicitly authorised us to share your information

Any third party with whom we share data is required to handle it in accordance with applicable data protection standards.

06

Data Retention

We retain your personal data only for as long as necessary for the purposes for which it was collected, or as required by applicable law:

• Enquiry and contact form data: Retained for up to 3 years from the date of submission to support ongoing business relationships and follow-up
• Training and programme records: Retained for up to 7 years to support certificate verification and compliance requirements
• Financial and transaction records: Retained for the period required under Indian GST and corporate law, typically 8 years
• Marketing consent records: Retained until consent is withdrawn, plus 1 year for audit purposes
• Server and security logs: Retained for up to 90 days, then automatically deleted

When data is no longer required, we securely delete or anonymise it.

07

Data Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it, including:

• HTTPS encryption for all data transmitted between your browser and our website
• Access controls limiting who within CRIMATON can access personal data
• Honeypot and rate-limiting protections on all contact forms to prevent automated abuse
• Regular review of our security practices and hosting environment

No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security. In the unlikely event of a data breach affecting your rights, we will notify you as required by applicable law.

08

Cookies

Our website uses cookies — small text files stored on your device — to support basic functionality and improve your experience. The cookies we use fall into the following categories:

• Essential cookies: Required for the website to function correctly, including navigation and form submission. These cannot be disabled without affecting site functionality
• Analytics cookies: Used to understand how visitors interact with our site (e.g. pages visited, session duration). We use anonymised data only and do not track individuals across third-party websites
• Preference cookies: Used to remember settings such as your selected language or navigation state

We do not use advertising or tracking cookies, and we do not share cookie data with advertisers. You can control cookie preferences through your browser settings. Note that disabling essential cookies may affect site functionality.

09

Your Rights

Depending on your location and applicable law, you may have the following rights regarding your personal data:

• Right of access: To request a copy of the personal data we hold about you
• Right to rectification: To request correction of any inaccurate or incomplete data
• Right to erasure: To request deletion of your personal data, subject to our legal retention obligations
• Right to restrict processing: To request that we limit how we use your data in certain circumstances
• Right to data portability: To request your data in a structured, machine-readable format where technically feasible
• Right to withdraw consent: To withdraw marketing consent at any time without affecting the lawfulness of prior processing
• Right to object: To object to processing based on legitimate interests where your rights outweigh ours

To exercise any of these rights, contact us at contact@crimaton.com with your full name and the specific right you wish to exercise. We will respond within 30 days. We may need to verify your identity before processing your request.

10

Children's Privacy

Our website, products, and services are directed at professionals and are not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a person under 18, please contact us immediately at contact@crimaton.com and we will delete it promptly.

11

International Data Transfers

CRIMATON is based in India and your data is primarily processed and stored within India. In certain circumstances, data may be processed by service providers operating in other jurisdictions — for example, cloud hosting or email delivery services. Where such transfers occur, we ensure that appropriate safeguards are in place consistent with applicable Indian data protection requirements.

By using our website and submitting your data through our contact forms, you consent to its processing as described in this policy, including any necessary international transfers under the safeguards described above.

12

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. Changes are effective immediately upon publication on this page with an updated date.

We recommend reviewing this policy periodically. Where changes are material, we will make reasonable efforts to notify you — for example, via email if you have an active engagement with us at the time of the change.

13

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

• Email: contact@crimaton.com
• Phone: +91 78140 63546
• Address: CRIMATON Pvt. Ltd., 160C, SG, Hoshiarpur Road, Jalandhar, Punjab — 144001, India

We are committed to resolving any concerns about our privacy practices promptly and transparently.