ATOYA Advisory Solutions LLP (“ATOYA,” “we,” “us,” or “our”) is committed to safeguarding your privacy and handling your personal information with integrity, confidentiality, and in accordance with applicable Indian laws, including the Digital Personal Data Protection Act, 2023 (“DPDP Act”). This Privacy Policy explains how we collect, use, store, and disclose your personal data when you access or use our website and services (collectively, the “Services”).

By using our website or submitting any personal information to us, you consent to the practices described in this Privacy Policy.

1. Information We Collect

We may collect and process the following categories of personal data:

• Information You Provide Voluntarily: Name, contact details, job title, and other information you submit through forms, emails, or onboarding documents.
• Automatically Collected Usage Data: IP address, browser type, device information, and pages visited through cookies and similar technologies.
• Information from Third Parties: Public sources or background verification providers, if applicable.

We do not intentionally collect sensitive personal data unless required under specific contractual or legal circumstances with your explicit consent.

2. Lawful Purpose and Use of Information

We process personal data for purposes including:

• Providing, managing, and improving our services;
• Responding to inquiries and support requests;
• Complying with legal obligations;
• Sending updates, newsletters, or service information where permitted;
• Analyzing site usage to improve user experience and security.

We will not process your data for incompatible purposes without your consent.

3. Legal Basis for Processing

Our legal bases include:

• Consent
• Performance of a Contract
• Compliance with Legal Obligations
• Legitimate Interests (without overriding your rights)

4. Information Sharing and Disclosure

We do not sell or rent your data. We may share information:

• With ATOYA affiliates and consultants for internal use;
• With third-party service providers under confidentiality agreements;
• When required by law, regulation, or government request;
• In case of mergers, acquisitions, or restructuring with safeguards in place.

5. Data Retention and Storage

We retain personal data only as long as necessary for the purposes outlined or as required by law. Data no longer required is securely deleted or anonymized.

6. Data Security

We implement technical and organizational measures to protect personal data against unauthorized access, disclosure, or misuse. However, no system is entirely foolproof.

7. Your Rights

Subject to applicable law, you have the right to:

• Access your personal data;
• Request correction of inaccurate data;
• Request deletion or restriction where appropriate;
• Withdraw consent where applicable;
• Lodge complaints regarding misuse or unauthorized processing.

Please use the contact information below to exercise these rights.

8. Use of Cookies and Tracking Technologies

We use cookies and similar tools to enhance user experience and analyze traffic. You can disable cookies in your browser settings, but this may impact some website features.

9. Changes to This Privacy Policy

We reserve the right to update this Policy. Continued use of our Services after changes implies acceptance of the new terms.

10. Contact Information & Grievance Redressal

If you have questions or wish to exercise your rights, contact:

Grievance Officer
ATOYA Advisory Solutions LLP
Email: inquiry@atoyaas.com
Response Time: Within 7 business days from receipt of a valid request