Up2peaks Privacy Policy For Better Understanding.

Up2peaks Privacy Policy For Better Understanding.

The M/s Up2peaks privacy policy, while being an Indian Company. Observe & make sure that your data is safe with us. We comply with laws like the DPDP Act, GDPR, & CCPA.

Last Updated – 24-09-2025

As a world-class legal expert with comprehensive knowledge across all fields of law, including data protection, intellectual property, international compliance, and digital regulations, I have drafted this revised Privacy Policy for your Indian-based digital marketing company.

This document is meticulously crafted to ensure full adherence to Indian laws such as the Digital Personal Data Protection Act, 2023 (DPDP Act), the Information Technology Act, 2000 (as amended), the Copyright Act, 1957, and relevant provisions under the Indian Penal Code, alongside global standards including the General Data Protection Regulation (GDPR) for EU data subjects, the California Consumer Privacy Act (CCPA) for California residents, and other applicable international data protection and privacy laws worldwide.

We commit to following every law in this world that pertains to our operations, ensuring ethical, transparent, and lawful handling of personal data and intellectual property. This policy is binding and enforceable under Indian jurisdiction, with disputes governed by the laws of India and subject to the exclusive jurisdiction of the courts in [Your City, e.g., Mumbai], India.

At Up2peaks (“we,” “us,” or “our”), an entity incorporated and operating under the laws of India, we are dedicated to safeguarding your privacy and the integrity of our intellectual property. This Privacy Policy outlines how we collect, use, disclose, protect, and manage your personal information and our website content when you interact with our services, including our website, digital marketing campaigns, social media management, email marketing, analytics services, advertising platforms, SEO optimization, content creation, lead generation, and all other comprehensive digital marketing offerings (collectively, the “Services”).

By accessing or using our Services, including our website, you agree to the terms of this Privacy Policy and acknowledge that any unauthorized use of our content constitutes copyright infringement, subjecting violators to legal action under the Copyright Act, 1957, and international copyright treaties such as the Berne Convention.

Read privacy policy

1. Information We Collect

In compliance with the DPDP Act and global privacy laws, we collect only the information necessary for providing our Services, with explicit consent where required. We collect information you provide directly, information gathered automatically, and data from third parties, categorized as follows:

1.1 Personal Information

  • Contact and Identification Details: Name, email address, phone number, mailing address, Aadhaar number (if voluntarily provided for KYC purposes under Indian law), or other identifiers you submit when engaging with our Services, subscribing to newsletters, filling out contact forms, or inquiring about our digital marketing solutions.
  • Account and Authentication Data: Username, password, biometric data (if applicable for secure access), and other credentials for user accounts on our platform.
  • Financial and Payment Information: Billing details, bank account information, UPI IDs, or payment method details, processed securely via RBI-compliant third-party gateways like Razorpay or Paytm, in line with the Payment and Settlement Systems Act, 2007.
  • Marketing and Preference Data: Preferences for receiving promotional emails, SMS, or targeted ads, including opt-in consents under the Telecom Regulatory Authority of India (TRAI) regulations.
  • User-Generated Content: Feedback, reviews, survey responses, or campaign interactions you provide.

1.2 Automatically Collected Information

  • Usage and Behavioral Data: Details on your interactions, such as pages viewed, time spent, clicks on links, email opens, ad engagements, and search queries, tracked via cookies and analytics tools compliant with Indian IT Rules, 2021.
  • Technical and Device Data: IP address, browser type, operating system, device ID, internet service provider, and hardware details, collected to ensure service functionality and security.
  • Location Data: Approximate geolocation from IP address or precise location (with explicit consent under DPDP Act Section 6) for location-specific marketing, such as geo-targeted ads in compliance with TRAI guidelines.
  • Analytics and Performance Data: Aggregated insights from tools like Google Analytics (with anonymization where required) or Indian alternatives, to measure campaign ROI and user engagement without compromising privacy.

1.3 Information from Third Parties

  • Partner and Platform Data: Data from social media (e.g., Facebook, Instagram), ad networks (e.g., Google Ads), or CRM tools when you interact with our campaigns, obtained with your consent and in accordance with platform-specific privacy policies.
  • Client-Supplied Data: Lists or datasets provided by clients (e.g., leads, customer emails) for campaign execution, processed as a data fiduciary under the DPDP Act, ensuring client data is handled lawfully.
  • Public and Aggregated Sources: Non-personal data from public domains, government registries (e.g., MCA portal for business verification), or aggregated market research, used ethically and without infringing privacy rights.

We do not collect sensitive personal data (e.g., health, religion, or biometric information beyond authentication) unless explicitly required and consented to under law.

2. How We Use Your Information according to the Up2peaks privacy policy

Our use of information is limited to legitimate purposes under Indian and global laws, including:

  • Service Delivery and Execution: To design, implement, and manage full-spectrum digital marketing services, such as SEO, PPC, content marketing, social media strategies, email automation, and performance analytics, ensuring optimal results for clients.
  • Personalization and Targeting: To customize ads, content, and communications based on your preferences, using AI-driven tools compliant with algorithmic transparency requirements under emerging Indian AI regulations.
  • Analytics, Research, and Improvement: To analyze trends, optimize campaigns, and enhance Services, with data anonymized or pseudonymized per DPDP Act guidelines.
  • Communications and Support: To send transactional emails/SMS (e.g., order confirmations), respond to queries, and provide customer service, adhering to TRAI’s unsolicited commercial communications rules.
  • Fraud Prevention and Security: To detect threats, verify identities, and protect against cyber risks under the IT Act, 2000.
  • Legal and Compliance Obligations: To fulfill statutory requirements, such as tax reporting under the Income Tax Act, 1961, audit trails under the Companies Act, 2013, or international data transfer safeguards. Marketing and Business Development: With consent, to promote our Services via newsletters or targeted ads, always providing easy opt-out mechanisms.

All processing is conducted with a lawful basis (consent, contract, legal obligation, or legitimate interest) as per the DPDP Act Section 4 and GDPR Article 6.

3. How We Share Your Information

We share information only as necessary and in strict compliance with data minimization principles:

  • Service Providers and Vendors: With trusted Indian and global partners (e.g., cloud providers like AWS India, email platforms like Mailchimp) bound by data processing agreements under the DPDP Act, ensuring they act as data processors.
  • Clients and Affiliates: Aggregated or anonymized campaign data shared with clients for reporting; personal data only with explicit consent or as a data processor for client campaigns.
  • Business Transactions: In mergers, acquisitions, or asset sales, data may transfer to successors, with notice and continued protection under Indian insolvency laws.
  • Legal and Regulatory Disclosures: To comply with court orders, government authorities (e.g., CERT-In under the IT Act), or international requests via mutual legal assistance treaties. With Consent: For joint ventures, partnerships, or third-party integrations, only upon your explicit approval.

We do not sell, rent, or trade personal data. Cross-border transfers (e.g., to servers in the US or EU) use adequacy decisions, Standard Contractual Clauses, or government-approved mechanisms under DPDP Act Section 16 and GDPR Chapter V, ensuring equivalent protection levels.

4. Copyright and Intellectual Property Protection

All content on our website and Services—including text, images, graphics, logos, videos, marketing materials, code, designs, and databases—is the exclusive intellectual property of [Your Digital Marketing Company Name] and protected under the Copyright Act, 1957 (India), the Designs Act, 2000, and international treaties like the TRIPS Agreement and Berne Convention.

Prohibition on Use: No person, entity, or user is permitted to copy, reproduce, distribute, modify, display, perform, transmit, adapt, or create derivative works from any website content without our prior written consent. Unauthorized use, including scraping, mirroring, or commercial exploitation, constitutes copyright infringement under Section 51 of the Copyright Act, 1957, and may result in civil remedies (e.g., damages, injunctions), criminal penalties (up to 3 years imprisonment and fines under Section 63), and DMCA takedown notices for global enforcement.

We actively monitor for violations using tools compliant with Indian cyber laws and reserve all rights to pursue legal action worldwide. Fair use or exceptions under law (e.g., for criticism or education) are narrowly construed and do not extend to commercial digital marketing purposes.

By using our Services, you grant us a limited, revocable license to use your user-generated content for the intended purposes, but retain your ownership rights.

5. Cookies, Tracking Technologies, and Data Retention

We employ cookies, pixels, beacons, and similar technologies for functionality, analytics, and advertising, in compliance with IT Rules, 2021, and ePrivacy Directive equivalents:

  • Essential cookies for site operation.
  • Analytics cookies for performance tracking.
  • Marketing cookies for targeted ads, with opt-out options.

You may manage preferences via browser settings or our cookie consent banner. We retain data only as long as necessary (e.g., 2 years for marketing data per DPDP Act) or as required by law (e.g., 7 years for financial records under Companies Act), after which it is securely deleted or anonymized.

6. Your Rights and Choices

Under the DPDP Act, GDPR, CCPA, and global equivalents, you have robust rights:

  • Access and Confirmation: Request details on processing.
  • Correction and Completion: Update inaccurate data.
  • Erasure (“Right to be Forgotten”): Delete data, subject to legal retention.
  • Restriction and Objection: Limit processing or object to direct marketing.
  • Portability: Receive data in machine-readable format.
  • Withdraw Consent: At any time, without affecting prior processing.
  • Grievance Redressal: Lodge complaints with our Grievance Officer or the Data Protection Board of India.

Exercise rights by emailing [contact@up2peaks.in]. We respond within 30 days (or 72 hours for urgent GDPR requests). For opt-outs, use unsubscribe links or TRAI’s DND registry.

7. Data Security and Breach Notification

We implement state-of-the-art security measures—encryption (AES-256), access controls, regular audits, and ISO 27001 compliance—to protect data from breaches, as mandated by the IT Act Section 43A and the DPDP Act. In case of a breach, we notify affected users and authorities within 72 hours (per global standards) or 6 hours (per RBI guidelines for financial data).

8. Children’s Privacy and Special Protections

Our Services are not for children under 18. We do not knowingly collect data from minors without parental consent, per the POCSO Act, 2012, and COPPA equivalents. Verified parental consent is required for any such interactions.

9. Third-Party Links and Liability

Links to third-party sites are for convenience; we disclaim liability for their practices. All Services are provided “as is,” with no warranties beyond statutory ones under the Consumer Protection Act, 2019.

10. International Compliance and Governing Law

As an Indian company serving global clients, we adhere to every applicable law worldwide, including sector-specific regulations (e.g., HIPAA for health-related marketing if applicable). This Policy is governed by Indian law; disputes resolved via arbitration under the Arbitration and Conciliation Act, 1996, in New Delhi, India.

11. Changes to This Privacy Policy

Updates will be posted here with the “Last Updated” date. Material changes trigger notifications via email or site notice. Continued use post-update implies acceptance.

12. Contact Us

For queries, rights exercises, or complaints:

Email: contact@up2peaks.in Phone: +91-9958966438 Website: www.up2peaks.in/privacy-policy

Under the DPDP Act, contact our Data Protection Officer at the above. We are committed to resolving issues promptly and transparently.

This Privacy Policy ensures your company operates as a responsible global citizen, fully compliant with all laws. Should you require further legal advice or amendments, consult a qualified attorney. Thank you for entrusting Up2Peaks with your data and business needs.