Privacy Policy

Last updated: 23 April 2026

Who we are

Kodetra Technologies Pvt. Ltd. (“Kodetra,” “we,” “us,” or “our”) is a private limited company incorporated in India. Our registered office is in Panipat, Haryana. This Privacy Policy explains how we collect, use, and protect personal data when you interact with our website at kodetra.com and our related services.

What this policy covers

This policy applies to:

• Our website at kodetra.com
• Data submitted through our contact and partnership forms
• Newsletter subscriptions to ContentBuffer collected via this site
• Calendar bookings made with us
• Communications sent to info@kodetra.com, support@kodetra.com, and partners@kodetra.com

This policy does notcover our products — QuickAutoReply, Linq List, ContentBuffer, Codebrinery, and WatchLayer each have their own separate privacy policies, which you'll find on those products' own sites.

Personal data we collect

From you directly, when you:

• Submit the contact form: your name, email address, company (if provided), project type, budget range (if provided), timeline (if provided), and the description you write.
• Submit the partnerships form: the same fields, plus your website URL, LinkedIn URL, partnership type, proposed duration, and any files you attach.
• Subscribe to the newsletter: your email address.
• Book a discovery call: your name, email, scheduled time, and anything you add in the booking form.
• Email us directly: the contents of your email and any attachments.

Automatically, when you visit:

• Technical information: your approximate location (derived from IP, never stored raw), browser type, device type, referring URL, and pages visited. We use this for aggregate analytics, not to identify you.
• Cookies and similar technologies: we use only essential cookies by default. Non-essential analytics cookies require your explicit consent.

From third parties:

• Calendar provider (Cal.com or equivalent): booking details are forwarded to us via webhook.
• We do not purchase, rent, or otherwise acquire personal data from third-party data brokers.

Why we collect this data — the purpose limitation

Under the Digital Personal Data Protection Act 2023, we're required to tell you specifically why we collect each type of data. We process personal data for these specific, enumerated purposes:

• To respond to your inquiry or booking — your form submissions and emails are processed so we can reply to you, scope potential engagements, and maintain records of business correspondence.
• To deliver the newsletter you subscribed to — your email is used to send ContentBuffer issues until you unsubscribe.
• To improve our website— aggregate analytics help us understand which pages work and which don't. This processing is pseudonymized and doesn't identify individuals.
• To protect against spam and abuse — we analyze submissions to detect automated spam and bad-faith inquiries. This uses Cloudflare Turnstile and internal filters.
• To comply with legal obligations — Indian law requires us to keep certain business records for defined periods. Personal data in those records is retained accordingly.

We do not use your data for: selling to third parties, training AI models on your personal communications, ad targeting, or any purpose not listed above.

Legal basis for processing

Under the DPDP Act, we process personal data on these lawful grounds:

• Your consent — for newsletter subscriptions, analytics cookies, and any processing we explicitly ask you to agree to.
• Legitimate use— for responding to inquiries, providing services you've engaged us for, and defending our legal interests, as defined in the Act.
• Legal obligation — where Indian law requires us to retain or process data.

Who we share data with — third-party processors

We share personal data only with service providers who help us operate our business. Each processor is bound by contract to handle your data only for the purposes we specify. Current processors:

• Database provider — stores all inquiry, partnership, subscriber, and booking data.
• Cloud hosting provider — runs our website and admin portal.
• Transactional email provider — sends confirmation emails, digests, and replies from our portal.
• Newsletter platform — delivers ContentBuffer issues.
• Calendar provider — manages discovery call bookings (Cal.com or equivalent).
• Analytics provider — aggregate website analytics. Currently Plausible, which does not use tracking cookies and does not collect personal data.
• Anti-spam provider — Cloudflare Turnstile, for distinguishing humans from automated bots.

We do not share personal data with third parties for their own marketing or analytics purposes.

International data transfers

Some of our processors may store data outside India. Where that happens, we ensure appropriate contractual protections are in place.

How long we keep your data — retention

• Inquiries and partnership submissions: retained for up to 7 years after the last interaction, in line with Companies Act record-keeping requirements for business correspondence. You can request earlier deletion using the process below.
• Newsletter subscribers: retained until you unsubscribe. Unsubscribed records are kept for up to 12 months afterward for deliverability analysis, then deleted.
• Bookings: retained for 3 years after the booking date.
• Audit logs (admin portal): retained indefinitely for security and compliance purposes. Contains administrator actions, not your personal data directly.
• Analytics data: aggregate only, retained indefinitely. Individual-level data is not stored.
• Backups: personal data in encrypted backups is retained for up to 90 days before rotation.

Your rights under the DPDP Act

You have the following rights regarding your personal data:

• Right to access — ask us what personal data we hold about you.
• Right to correction and erasure — ask us to correct inaccurate data or delete data we no longer have a legitimate basis to hold.
• Right to consent withdrawal — where processing is based on your consent, you can withdraw that consent at any time.
• Right to grievance redressal— if you're unsatisfied with how we handle your data or respond to a rights request, you can escalate through our grievance process (see below) and ultimately to the Data Protection Board of India.
• Right to nominate — you can nominate another person to exercise your rights in the event of death or incapacity, per the DPDP Act.

To exercise any of these rights, email info@kodetra.com with “Data Request” in the subject line. We'll respond within 30 days.

Grievance officer

Under the DPDP Act and the Information Technology Rules, we're required to designate a grievance officer to handle data-related complaints.

Grievance Officer: Kodetra founder
Email: info@kodetra.com
Response time: within 15 working days of receipt.

For details of how to file a grievance and what happens next, see our Grievance Redressal page.

Cookies and tracking

We use the minimum number of cookies needed to run the site:

• Essential cookies — session management, CSRF protection, theme preference. Always on; cannot be disabled without breaking site function.
• Analytics cookies— none, by default. Our analytics provider (Plausible) does not use tracking cookies. If we ever add cookie-based analytics, you'll see a consent banner and can opt in or out granularly.
• Third-party embeds — if you watch an embedded video or interact with a third-party widget, that third party may set its own cookies. We disclose this at the point of interaction.

We honor the Global Privacy Control (GPC) signal from browsers where applicable.

Security

We take reasonable security measures to protect your data:

• Encryption in transit (TLS) for all data flowing to and from our servers.
• Encryption at rest for personal data in our database, where feasible.
• Access controls on our admin portal (email + password + two-factor authentication).
• IP-address rate limiting and anti-spam filters on all public forms.
• Audit logging of all administrator actions.
• Regular backups.

No system is perfectly secure. If a security incident affects your personal data, we'll notify you and the Data Protection Board as required by the DPDP Act.

Children

Our services are intended for people aged 18 and above. We do not knowingly collect personal data from children. If you believe we've inadvertently collected a child's data, contact us and we'll delete it.

Changes to this policy

We may update this policy from time to time. Changes will be reflected in the “Last updated” date at the top. Material changes — ones that expand our data use or reduce your rights — will be notified to active newsletter subscribers by email, and an in-page banner will be shown for 30 days.

Contact

Kodetra Technologies Pvt. Ltd.
Panipat, Haryana, India
info@kodetra.com