MavionTech Privacy Policy
Scope
This Policy applies to personal data collected when you visit our websites, use our products, register for services, make purchases, communicate with support or marketing, or otherwise interact with MavionTech. It covers customers, prospects, job applicants, partners, suppliers and end users.
Data we collect
We collect data strictly necessary for the stated purposes. Categories include:
- Identity & contact: name, business title, email, phone, company.
- Account & credentials: username, hashed passwords, authentication metadata.
- Transactional: billing, invoices, purchase history (payments handled by PCI-compliant providers).
- Device & usage: IP, browser/OS, device identifiers, analytics, logs, crash reports.
- Communications: support tickets, emails, chat transcripts, marketing preferences.
- Sensitive data: only when necessary and with explicit consent or lawful basis.
Purposes & legal bases
We process personal data to:
- Provide and operate services, fulfil contracts and deliver products.
- Respond to enquiries and provide customer support.
- Process payments and prevent fraud.
- Improve products and analyze usage.
- Send marketing communications where permitted (consent or legitimate interest).
- Comply with legal obligations and protect rights.
GDPR / UK GDPR mapping
| Purpose | Legal basis |
|---|---|
| Contract performance (deliver services) | Performance of a contract |
| Security, fraud prevention, legal compliance | Legal obligation or legitimate interests |
| Analytics & product improvement | Legitimate interests (balancing assessment) or consent where required |
| Direct marketing | Consent (where required) or opt-out options for applicable jurisdictions |
For CCPA/CPRA: categories of personal information collected correspond to rights to know, delete and opt-out of sale. We do not knowingly sell personal data of California consumers without notice.
International transfers
We operate globally. When transferring personal data outside the EEA/UK or other restricted jurisdictions, we rely on adequacy decisions, Standard Contractual Clauses (SCCs), binding corporate rules, and technical safeguards such as encryption and access controls.
Contact communications@maviontech.com for a copy of applicable transfer safeguards.
Retention
We retain personal data only as long as necessary for the purposes listed, plus legal, tax and audit requirements. Examples:
- Active account records: retained for account duration + business retention period (commonly up to 7 years for financial records).
- Support correspondence: retained to resolve issues and improve services (typically 2–5 years unless otherwise required).
- Marketing opt-outs and suppression lists: retained to respect your choices indefinitely.
Specific deletion requests will be handled subject to legal and contractual constraints.
Security
We apply technical and organisational measures including:
- TLS encryption in transit; encryption at rest for sensitive datasets where applicable.
- Access controls, role-based permissions and least-privilege principles.
- Regular security reviews, vulnerability testing and incident response procedures.
- Data minimisation, logging and retention controls.
In the event of a personal data breach affecting regulated data subjects, we will notify supervisory authorities and affected individuals in accordance with applicable law.
Automated decision-making
If we use automated processing or profiling that has legal or similarly significant effects, we will provide meaningful information about the logic involved, its significance and envisaged consequences. Legal safeguards (right to human review, right to object) apply where required.
Children
Our services are not directed to children under local minimum ages (commonly 13–16). We do not knowingly collect data from children without parental consent. If discovered, we will promptly delete such data.
Your rights
Subject to local law, you may have rights including:
- Access — obtain a copy of personal data we hold about you.
- Rectification — correct inaccurate or incomplete data.
- Erasure — request deletion where lawful retention is not required.
- Restriction — ask us to limit processing in certain circumstances.
- Portability — receive your data in a structured, machine-readable format.
- Objection — object to processing based on legitimate interests or for direct marketing.
- Withdraw consent — where processing is based on consent.
Some rights may be limited by legal obligations or identity verification requirements.
How to exercise your rights
To submit a request, contact: communications@maviontech.com with subject "Privacy Request" and include:
- Your name and contact details
- Description of the request and affected data categories
- Proof of identity (to prevent unauthorized disclosures)
We will acknowledge and respond within applicable legal timeframes (commonly 30 days; may extend where law permits).
Complaints & supervisory authorities
If unsatisfied you may lodge a complaint with your local data protection authority (for example: ICO in the UK, an EU Member State supervisory authority, or the California Attorney General for CCPA/CPRA matters).
Contact & data controller
Data Controller: MavionTech Pvt. Ltd.
Address: 505 Zen Business Center, Bhumkar Chowk, Wakad, Pune, Maharashtra, India • 411057
Primary contact: communications@maviontech.com
Data Protection Officer (DPO): dpo@maviontech.com
For B2B enquiries include your company name and any relevant account identifiers to help us locate records efficiently.
Third-party services & links
Our sites may link to third-party services with independent privacy policies. We are not responsible for third-party practices; review their policies before sharing personal data.
Changes to this policy
We may update this Policy for legal, technical or business reasons. Material changes will be posted with an updated effective date and, where required, notified to users.
Last updated: 2025-12-09