Privacy Policy

OptiAI Tech Pvt Ltd is a technology company incorporated under the Companies Act 2013, registered in Pune, Maharashtra, India. We operate optiaitech.com and our products including Opswake (opswake.com). For data protection purposes, OptiAI Tech is the data controller (under the GDPR) and data fiduciary (under the DPDP Act 2023) for the personal data described in this policy. This policy covers our business customers, their authorised representatives, website visitors, and prospects. Our services are intended for business (B2B) use only. Grievance Officer / Data Protection contact: [Officer Name], privacy@optiaitech.com

Account & contact data: Name, business email, phone, job title, and company details when you contact us, sign up, or enter an engagement. Usage data: Pages visited, features used, session duration, device and browser information, and interaction logs to operate and improve our website and products. Billing data: Processed by our payment providers Razorpay (India) and Stripe (international). We never store raw card numbers. Project data: Information you share about your business and project requirements, which may include personal data of your own staff or customers — for which you are the controller and we act as processor.

Where the GDPR applies, we process personal data on the basis of: performance of a contract, our legitimate interests (operating and improving our products and securing our systems), consent (where required, such as certain cookies and marketing), and legal obligation. Where the DPDP Act 2023 applies, we process personal data based on your consent or for legitimate uses permitted under the Act. You may withdraw consent at any time (see 'Your rights').

To respond to enquiries and provide project scoping. To provide, operate, and improve our services and products. To send essential service communications. To comply with legal obligations. We never sell your personal data. We do not use your data for third-party advertising.

We use strictly necessary cookies to run the site, and analytics cookies to understand usage. Non-essential cookies are set only with your consent, which you can manage or withdraw via our cookie banner or your browser settings.

We share personal data only with vetted service providers acting on our instructions, including AWS (hosting), and Razorpay and Stripe (payments). Each is bound by contract to protect your data. We may also disclose data where required by law or to protect our rights. We do not sell or rent personal data.

As we serve customers globally, some data may be processed outside your country, including outside India and the EEA (for example, by Stripe). Where we transfer personal data internationally, we rely on appropriate safeguards such as Standard Contractual Clauses or an equivalent lawful transfer mechanism.

Our primary application data is hosted in AWS Mumbai (ap-south-1) in India. Certain processors — notably international payment processing via Stripe — may process limited data outside India under the safeguards described above.

We retain personal data only as long as needed for the purposes above, for the duration of our relationship, and thereafter as required to meet legal, tax, and accounting obligations. We then delete or anonymise it.

We apply technical and organisational measures including encryption in transit, access controls, and least-privilege practices. No method of transmission or storage is fully secure, but we work to protect your data and will notify you and relevant authorities of qualifying breaches as required by law.

Our services are for business use and are not directed to children. We do not knowingly collect personal data of individuals under 18. Where the DPDP Act applies, we do not process children's data without verifiable parental consent and do not track or target advertising at children.

Subject to applicable law, you may request to access, correct, update, or delete your personal data, port it, object to or restrict certain processing, and withdraw consent. Under the DPDP Act you may also nominate another individual to exercise your rights. Email privacy@optiaitech.com with subject 'Data Rights Request'. We aim to respond within 30 days, and sooner where required. If you are in the EU/UK, you may lodge a complaint with your local supervisory authority. In India, you may complain to the Data Protection Board once operational.

We may update this policy. Material changes will be communicated via email or site notice with 30 days' notice.