Privacy Policy
What we collect, why we collect it, how long we keep it, and how to make us delete it. Written under the Digital Personal Data Protection Act, 2023.
Last updated: 15 July 2026.
This policy explains what personal data PRS India ("we", "us") collects through prsindia.in, why we collect it, how long we keep it, and what you can require us to do with it. It is written to be read, not to be survived. If anything here is unclear, write to hello@prsindia.in and we will explain it in plain terms.
We are a software development company with our registered office at Sun Light Colony, Ashram, New Delhi 110013, India. For the purposes of the Digital Personal Data Protection Act, 2023 (the "DPDP Act"), we are the Data Fiduciary for the personal data described below.
What we collect
Information you give us directly
The contact form on this site asks for your name, email address, and your message. It optionally asks for your phone number, your company, the service you are interested in and an indicative budget. We also record the page you submitted from and the IP address the submission came from, because that is how we identify and discard automated spam.
The newsletter form collects your email address and nothing else.
Job applications submitted through the careers section collect the information you choose to put in them: typically your name, contact details, CV and links to your work.
If you email us or call us, we hold whatever you tell us in that conversation for as long as it is useful to the matter you raised.
Information collected automatically
We use a privacy-respecting analytics tool to count page views and understand which pages people find useful. It records the page URL, the referring site, an approximate location derived from your IP address (city level, not street level), and your device and browser type. It does not build a profile of you across other websites, and we do not sell or share this data with advertising networks.
Our servers keep standard access logs — IP address, timestamp, requested URL, user agent — which we use to detect abuse and to diagnose faults.
What we do not collect
We do not run advertising pixels, we do not operate a data broker relationship, and we do not collect sensitive personal data — health, financial account details, biometrics, caste, religion — through this website. Please do not send us any of it through the contact form. If you do, we will delete it.
Why we are allowed to process it
Under the DPDP Act we may process your personal data where you have given consent, or where the processing is for a "legitimate use" recognised by the Act. In practice:
- Answering your enquiry. When you submit the contact form you are voluntarily providing your data for the specified purpose of us getting back to you. We use it to reply, to understand your requirement and, if it goes further, to prepare a proposal.
- Delivering a project. If you become a client, we process the contact details of your team to perform the contract between us.
- Recruitment. If you apply for a role, we process your application to assess you for it.
- Newsletter. Only with your explicit consent, which you can withdraw from any email in one click.
- Security and analytics. To keep the site available, to prevent abuse, and to understand aggregate usage.
We do not use your data for automated decision-making, and we do not profile you.
How long we keep it
- Contact form submissions that do not become projects: 24 months, then deleted.
- Client records: for the duration of the engagement and for 8 years afterwards, which is what Indian tax and company law requires us to keep.
- Job applications: 12 months, so that we can come back to you if a suitable role opens. Tell us to delete it sooner and we will.
- Newsletter subscriptions: until you unsubscribe, and for 30 days afterwards so that we can honour the unsubscribe.
- Server access logs: 90 days.
- Analytics data: retained in aggregate; it is not tied to an identifiable person.
Who else sees it
We keep this list short on purpose. Personal data collected through this site may be processed by:
- Our hosting and cloud provider, which stores the database this site runs on. Data is hosted in India.
- Our email provider, which carries the messages between you and us.
- Our analytics provider, for the aggregate usage data described above.
- Our CRM and project tools, if your enquiry progresses to a live conversation.
Each of these is bound by a contract that restricts them to processing the data on our instructions. We do not sell your personal data. We do not share it with advertisers. We will disclose it to a public authority only where we are legally compelled to, and we will tell you if that happens unless we are prohibited from doing so.
Some of these providers may process data outside India. Where that happens, we rely on contractual safeguards and on transfers to jurisdictions not restricted by the Central Government under the DPDP Act.
Your rights under the DPDP Act
As a Data Principal under the DPDP Act, 2023 you have the right to:
- Access a summary of the personal data we hold about you and how we are processing it.
- Correction and erasure of data that is inaccurate, incomplete, or no longer necessary for the purpose it was collected for.
- Withdraw consent at any time, as easily as you gave it. Withdrawing consent does not make our earlier processing unlawful, but we will stop processing on that basis going forward.
- Nominate another individual to exercise these rights on your behalf in the event of your death or incapacity.
- Grievance redressal — to complain to us first, and to escalate to the Data Protection Board of India if we do not resolve it.
To exercise any of these, write to hello@prsindia.in. We will respond within 30 days. We will not charge you for it and we will not make you justify the request.
Cookies
This site sets a session cookie and a CSRF token cookie. Both are strictly necessary: the first keeps you associated with your own form submission, the second stops a third-party site from submitting the form on your behalf. Neither tracks you and neither persists beyond your session.
Our analytics does not set a cookie and does not use a persistent identifier.
We do not run third-party advertising or retargeting cookies. If that ever changes, we will ask for your consent before setting them, and this section will say so.
Grievance officer
If you think we have handled your personal data badly, tell us and we will fix it.
Grievance Officer
PRS India
Sun Light Colony, Ashram, New Delhi 110013, India
Email: hello@prsindia.in
Phone: +91 9060 444 332
We acknowledge every grievance within 72 hours and aim to resolve it within 30 days. If you are not satisfied with our response, you may complain to the Data Protection Board of India.
Children
This site is not directed at children and we do not knowingly collect the personal data of anyone under 18. If you believe a child has given us their data, write to us and we will delete it.
Changes to this policy
If we change how we handle your data in a way that materially affects you, we will update this page and change the date at the top. Where the law requires it, we will ask for your consent again rather than assume it.
Questions about your data?
Write to hello@prsindia.in and a person will answer. We do not route privacy requests through a form.