Privacy Policy

1. Introduction

Virinchi Software Pvt Ltd (“Virinchi Software”, “we”, “our”, or “us”) is a private limited company incorporated under the Companies Act, 2013, with its registered office at New Delhi, Delhi, India. We operate the website at https://virinchisoftware.com (the “Site”) and provide AI-first product engineering services to clients globally.

This Privacy Policy explains how we collect, use, share, and protect information about you when you visit our Site, contact us, or engage our services. It applies to all users worldwide and should be read together with our Terms of Service.

By using the Site you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please do not use the Site.

2. Information We Collect

2.1 Information you provide directly

• Contact & enquiry data — name, email address, phone number, company name, job title, and the message you send via our contact form or email.
• Business information — project requirements, specifications, or documents you share during a sales or scoping conversation.
• Recruitment data — résumés, cover letters, and employment history submitted for open positions.

2.2 Information collected automatically

• Usage data — pages visited, time spent, referring URL, browser type, operating system, and device identifiers.
• IP address — used to infer approximate geographic location (country / city level only).
• Cookies & similar technologies — see Section 7.

2.3 Information from third parties

We may receive information about you from referral partners, LinkedIn Lead Gen Forms, or publicly available professional directories if you have expressed interest in services similar to ours.

3. How We Use Your Information

We use the information we collect to:

• Respond to enquiries and provide the services you request.
• Send transactional communications (quotes, project updates, invoices).
• Send marketing communications about our services, case studies, and insights — only where you have opted in or where we have a legitimate interest, and always with an easy opt-out option.
• Analyse Site usage to improve content, performance, and user experience.
• Comply with applicable laws, regulations, and legal processes, including the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023 (DPDP Act).
• Detect fraud, abuse, or security threats and protect the integrity of our systems.
• Process recruitment applications.

4. Legal Basis for Processing

Where the DPDP Act, General Data Protection Regulation (GDPR), or other applicable law requires a lawful basis, we rely on:

• Consent — for marketing emails and optional cookies.
• Contractual necessity — to deliver services and fulfil our obligations under a client agreement.
• Legitimate interests — for Site analytics, security, fraud prevention, and B2B marketing where our interests are not overridden by your rights.
• Legal obligation — where processing is required to comply with applicable law.

5. Sharing Your Information

We do not sell, rent, or trade your personal data. We may share it with:

• Service providers — cloud hosting (AWS, Google Cloud), email delivery, CRM, analytics, and payment processors acting as data processors under contractual obligations.
• Professional advisers — lawyers, accountants, and auditors under obligations of confidentiality.
• Group entities — subsidiaries or affiliates ofVirinchi Software Pvt Ltd for internal business purposes.
• Law enforcement or regulators — where required by applicable law, court order, or government authority, including Indian authorities under the IT Act and DPDP Act.
• Business transfers — in connection with a merger, acquisition, or sale of assets, subject to the acquirer honouring this Privacy Policy.

6. International Data Transfers

Our primary operations are in India. When we transfer personal data outside India (e.g., to cloud providers in the United States or European Union), we apply appropriate safeguards such as Standard Contractual Clauses, adequacy decisions, or other mechanisms recognised under applicable law.

7. Cookies

Our Site uses cookies and similar tracking technologies:

• Strictly necessary cookies — essential for the Site to function (e.g., session management). These cannot be disabled.
• Analytics cookies — help us understand how visitors interact with the Site (e.g., Google Analytics with IP anonymisation enabled). These are only set with your consent.
• Preference cookies — remember your settings (e.g., language, reduced-motion preference).

You can manage cookies through your browser settings at any time. Disabling analytics cookies will not affect core functionality.

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

• Contact / enquiry data — up to 3 years from last interaction, unless a contract is signed.
• Client project data — for the duration of the engagement plus 7 years (in line with Indian accounting and tax record requirements).
• Recruitment data — 12 months after the position is filled, or as required by law.
• Analytics data — 26 months from collection.

After the applicable retention period, data is securely deleted or anonymised.

9. Your Rights

Subject to applicable law, you may have the following rights regarding your personal data:

• Access — request a copy of the data we hold about you.
• Correction — request rectification of inaccurate or incomplete data.
• Erasure — request deletion of your data where there is no legitimate reason to retain it.
• Objection / restriction — object to or restrict certain types of processing.
• Portability — receive your data in a structured, machine-readable format.
• Withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any right, email us at [email protected]. We will respond within 30 days (or sooner where required by law). We may ask you to verify your identity before processing the request.

If you are an EU/EEA resident and are not satisfied with our response, you may lodge a complaint with your local supervisory authority. Indian residents may approach the Data Protection Board of India once it is constituted under the DPDP Act.

10. Security

We implement industry-standard technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These include TLS encryption in transit, AES-256 encryption at rest for sensitive data, role-based access controls, regular penetration testing, and alignment with ISO/IEC 27001 practices.

No system is 100% secure. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and relevant authorities as required by applicable law.

11. Children's Privacy

Our Site and services are directed at business professionals and are not intended for children under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with their data, please contact us and we will delete it promptly.

12. Third-Party Links

Our Site may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We encourage you to read their privacy policies before providing any personal data.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. Material changes will be communicated by updating the “Effective date” at the top of this page. We encourage you to review this policy periodically. Continued use of the Site after an update constitutes your acceptance of the revised policy.

14. Contact Us

For privacy-related queries, data subject requests, or to report a concern, please contact our Privacy Officer: