Privacy Policy
Last updated: 10 July 2026
Important — Data Security Disclaimer & Limitation of Liability
No method of transmission over the internet or electronic storage is 100% secure. While we implement reasonable technical and organizational measures to protect data, we cannot and do not guarantee the absolute security of any data. You provide and store data entirely at your own risk.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, AUTOGENIQ, ITS FOUNDERS, DIRECTORS, OFFICERS, EMPLOYEES, CONTRACTORS, AGENTS, LICENSORS, AND SERVICE PROVIDERS SHALL NOT BE LIABLE FOR ANY DATA BREACH, DATA LEAK, UNAUTHORIZED ACCESS, LOSS, CORRUPTION, THEFT, INTERCEPTION, OR DISCLOSURE OF ANY DATA OR INFORMATION — INCLUDING PERSONAL, FINANCIAL, TAX, OR CLIENT DATA — HOWEVER CAUSED, WHETHER BY HACKING, CYBER-ATTACK, MALWARE, THIRD-PARTY ACTIONS, SYSTEM FAILURE, HUMAN ERROR, OR OTHERWISE, AND SHALL NOT BE LIABLE FOR ANY RESULTING DAMAGES, PENALTIES, FINES, OR LOSSES OF ANY KIND.
You are responsible for obtaining all necessary consents from your clients and data subjects, for maintaining your own backups, and for keeping your account credentials secure.
1.Introduction
This Privacy Policy explains how AutoGenIQ ("AutoGenIQ", "we", "us", or "our") collects, uses, discloses, stores, and protects information in connection with the AutoGenIQ website, applications, platform, and related services (collectively, the "Service"). It should be read together with our Terms of Service.
By using the Service, you consent to the practices described in this Privacy Policy. If you do not agree, please do not use the Service. This Policy is published in compliance with, among other laws, the Information Technology Act, 2000, the applicable rules thereunder, and the Digital Personal Data Protection Act, 2023 (the "DPDP Act") of India.
2.Roles: Controller and Processor
For personal data of your own clients and data subjects that you upload to or process through the Service ("Customer Data"), you act as the data fiduciary/controller and AutoGenIQ acts as a data processor acting on your instructions. You are responsible for having a lawful basis and all necessary consents for processing such data.
For data we collect directly from you as our customer or website visitor (such as account and billing details), AutoGenIQ acts as the data fiduciary/controller.
3.Information We Collect
We collect the following categories of information:
- Account & identity information: name, email address, phone number, firm name, role, and login credentials.
- Billing & transaction information: billing address, GSTIN, payment method details (processed by third-party payment processors), and transaction history.
- Customer Data:data, documents, and information you or your users upload or generate, which may include your clients' personal, financial, and tax information.
- Usage & device data: IP address, browser type, device identifiers, operating system, pages viewed, features used, timestamps, and referring URLs.
- Cookies & similar technologies: as described in the Cookies section below.
- Communications: information you provide when you contact us, book a demo, or respond to surveys.
4.How We Use Information
We use information to:
- provide, operate, maintain, and secure the Service;
- create and manage your account and authenticate users;
- process payments and manage subscriptions;
- send transactional messages, service updates, security alerts, and administrative notices;
- respond to your enquiries and provide customer support;
- monitor, analyze, and improve the performance, functionality, and security of the Service;
- detect, prevent, and address fraud, abuse, security incidents, and technical issues; and
- comply with legal obligations and enforce our Terms of Service.
We may send you marketing communications where permitted by law; you can opt out at any time using the unsubscribe link or by contacting us.
5.Legal Bases for Processing
We process personal data on one or more of the following bases, as applicable: (a) your consent; (b) performance of a contract with you; (c) compliance with a legal obligation; (d) our legitimate interests in operating, securing, and improving the Service, where such interests are not overridden by your rights; and (e) other bases permitted under the DPDP Act and applicable law.
6.How We Share Information
We do not sell your personal data. We may share information in the following circumstances:
- Service providers & sub-processors: with trusted third parties who perform services on our behalf (such as cloud hosting, payment processing, analytics, email delivery, and customer support), bound by confidentiality and data protection obligations.
- Within your organization: with other authorized users of your account, as configured by you.
- Legal & regulatory: where required to comply with applicable law, legal process, or a lawful request by public authorities.
- Business transfers: in connection with a merger, acquisition, financing, reorganization, or sale of assets, subject to appropriate confidentiality protections.
- With your consent: in other cases with your direction or consent.
7.Data Storage, Location & Transfers
We store data using reputable cloud infrastructure providers. Data may be stored and processed in India and/or in other countries where our service providers operate. Where data is transferred across borders, we take steps to ensure it is handled in accordance with this Policy and applicable law, and subject to any restrictions notified by the Government of India under the DPDP Act.
8.Data Security
We implement reasonable technical and organizational measures designed to protect data against unauthorized access, loss, misuse, and alteration. These may include encryption in transit, access controls, authentication, and monitoring. However, as stated in the disclaimer above, no system is completely secure and we cannot guarantee absolute security.
You are responsible for maintaining the confidentiality of your credentials and for the security of the devices and networks you use to access the Service. To the maximum extent permitted by law, the AutoGenIQ Parties are not liable for any data breach, leak, or unauthorized access, including any resulting damages, penalties, or losses.
9.Data Retention
We retain personal data for as long as necessary to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. Customer Data is retained for the duration of your subscription and, unless otherwise required or permitted by law, deleted or anonymized within a reasonable period following termination of your account. You are responsible for exporting your data before termination.
10.Your Rights
Subject to applicable law, including the DPDP Act, you may have the right to:
- access and obtain a copy of your personal data;
- request correction or updating of inaccurate or incomplete data;
- request erasure of your personal data where legally applicable;
- withdraw consent where processing is based on consent;
- nominate another individual to exercise your rights in the event of death or incapacity; and
- make a grievance or complaint regarding the processing of your data.
To exercise these rights, contact us using the details below. If your data is held on behalf of a firm using the Service, we may direct your request to that firm, who acts as the data fiduciary/controller. We may need to verify your identity before acting on a request.
11.Cookies & Tracking Technologies
We and our service providers use cookies and similar technologies to operate the Service, remember your preferences, analyze usage, and improve performance. You can control cookies through your browser settings; however, disabling some cookies may affect the functionality of the Service.
12.Third-Party Links & Services
The Service may contain links to, or integrations with, third-party websites and services that are not operated by us. This Privacy Policy does not apply to those third parties, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you use.
13.Children's Privacy
The Service is not directed to children and is intended for use by professionals aged 18 and above. We do not knowingly collect personal data from children. Where we process a child's personal data as part of Customer Data, you are responsible for obtaining verifiable consent from a parent or lawful guardian as required by the DPDP Act.
14.Data Breach Notification
In the event of a personal data breach affecting your data, we will take reasonable steps to investigate and mitigate it and will notify affected parties and relevant authorities where and to the extent required by applicable law. Nothing in this section expands the liability disclaimed elsewhere in this Policy or in our Terms of Service.
15.Changes to this Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above and, where changes are material, take reasonable steps to notify you. Your continued use of the Service after changes take effect constitutes acceptance of the revised Policy.
16.Grievance Officer & Contact
If you have questions, concerns, or complaints about this Privacy Policy or our handling of your data, or wish to exercise your rights, please contact us at:
AutoGenIQ — Grievance Officer
Email: privacy@autogeniq.in
We will acknowledge and address grievances within the timeframes required by applicable law.