Privacy Policy

Last updated: January 2026

ByteAstra Studio LLP ("we", "our", or "us") is deeply committed to protecting your privacy. Your privacy is fundamental to our mission, and we believe that strong privacy protections build trust and respect. This Privacy Policy explains how we collect, use, process, store, and protect your information when you use our Software-as-a-Service (SaaS) products, mobile applications, web applications, and related services (collectively, the "Services").

Our Privacy Philosophy

Privacy is not an afterthought—it's a core principle. We collect only what is necessary to provide you with exceptional service. We never sell your personal information. We minimize data collection, use strong encryption, and give you control over your data. Your information belongs to you, and we are transparent about how we use it.

Information We Collect

We collect and process the following categories of information only as necessary to provide and improve our Services:

2.1 Information You Provide

• Account Information: Email address, username, password (hashed and encrypted), and profile information you choose to provide
• User Content: Data, files, content, and materials you create, upload, store, or share within our Services
• Communication Data: Messages, feedback, support requests, and other communications you send to us
• Payment Information: Processed securely through third-party payment processors (Apple, Google, Stripe). We do not store full payment card details on our servers

2.2 Automatically Collected Information

• Usage Data: Information about how you interact with our Services, including features used, actions taken, time spent, and navigation patterns
• Device Information: Device type, model, operating system version, unique device identifiers, IP address, browser type and version
• Log Data: Server logs, error reports, crash logs, and performance metrics
• Location Data: General location information (city/region level) derived from IP address, only when necessary for service functionality

2.3 Information from Third-Party Services

If you choose to connect your account with third-party services (such as cloud storage providers), we may receive information from those services as authorized by you.

How We Use Your Information

We use your information solely for the following purposes:

• Service Delivery: To provide, operate, maintain, and improve our Services
• Account Management: To create and manage your account, authenticate your identity, and process transactions
• Communication: To send you service-related notifications, respond to your inquiries, and provide customer support
• Security & Safety: To detect, prevent, and address security threats, fraud, abuse, and illegal activities
• Legal Compliance: To comply with applicable laws, regulations, legal processes, and enforceable governmental requests
• Service Improvement: To analyze usage patterns, diagnose technical issues, and enhance the functionality and performance of our Services
• Personalization: To personalize your experience, remember your preferences, and customize content and features

We do not: Sell, rent, or lease your personal information to third parties. We do not use your content for advertising purposes or share it with advertisers. We do not use your information to build advertising profiles.

Data Sharing and Disclosure

We respect your privacy and share your information only in the following limited circumstances:

4.1 Service Providers

We may share information with trusted third-party service providers who perform services on our behalf, such as:

• Cloud hosting and infrastructure providers
• Payment processors
• Email and notification services
• Analytics providers (with anonymized or aggregated data)
• Customer support tools

These service providers are contractually obligated to protect your information and use it only for the purposes we specify. They are prohibited from using your information for their own purposes.

4.2 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect our rights, property, or safety, or that of our users or others.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and ensure your information remains protected under this Privacy Policy.

4.4 With Your Consent

We may share your information with your explicit consent or at your direction.

Data Security

We implement comprehensive technical, administrative, and physical security measures to protect your information from unauthorized access, disclosure, alteration, or destruction:

• Encryption: All data in transit is encrypted using industry-standard TLS/SSL protocols. Data at rest is encrypted using AES-256 encryption
• Access Controls: Strict access controls and authentication mechanisms limit access to your information to authorized personnel only
• Secure Infrastructure: Our services are hosted on secure, industry-leading cloud infrastructure with regular security audits
• Regular Security Audits: We conduct regular security assessments, vulnerability scans, and penetration testing
• Incident Response: We maintain incident response procedures to promptly address and mitigate security incidents
• Employee Training: Our team is trained on privacy and security best practices

While we implement robust security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your information.

Data Storage and Location

Your information is stored on secure servers located in [Data Center Locations]. We may transfer and store your information in other countries where our service providers operate. By using our Services, you consent to the transfer of your information to these locations. We ensure that appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable data protection laws.

Data Retention

We retain your information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law:

• Account Data: Retained while your account is active and for a reasonable period after account deletion to comply with legal obligations
• User Content: Retained until you delete it or request deletion, unless legal obligations require longer retention
• Log Data: Retained for up to 12 months for security and operational purposes, then anonymized or deleted
• Marketing Communications: Retained until you opt out or request deletion

Upon account deletion or data deletion request, we will delete or anonymize your information within 30 days, except where retention is required by law.

Your Privacy Rights

You have comprehensive rights regarding your personal information. Depending on your location, these may include:

• Right to Access: Request a copy of your personal information we hold
• Right to Rectification: Request correction of inaccurate or incomplete information
• Right to Erasure: Request deletion of your personal information ("right to be forgotten")
• Right to Restrict Processing: Request limitation of how we process your information
• Right to Data Portability: Request a copy of your data in a structured, machine-readable format
• Right to Object: Object to processing of your information for certain purposes
• Right to Withdraw Consent: Withdraw consent where processing is based on consent
• Right to Opt-Out: Opt out of marketing communications at any time
• Right to Lodge a Complaint: File a complaint with a supervisory authority if you believe we have violated your privacy rights

To exercise these rights, please contact us at support@byteastra.com. We will respond to your request within 30 days, or as required by applicable law.

Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to enhance your experience, analyze usage, and improve our Services. These technologies help us:

• Remember your preferences and settings
• Authenticate your identity
• Analyze how our Services are used
• Detect and prevent security threats

You can control cookies through your browser settings. However, disabling cookies may limit certain features of our Services. We use both session cookies (temporary) and persistent cookies (remain until deleted or expired).

We do not use third-party advertising cookies or tracking technologies that collect information across websites for advertising purposes.

Third-Party Services

Our Services may contain links to or integrate with third-party services, websites, or applications. These third parties have their own privacy policies and practices. We are not responsible for the privacy practices of third-party services. We encourage you to review their privacy policies before providing any information to them.

When we integrate third-party services, we do so with privacy in mind and share only the minimum information necessary for the integration to function.

International Data Transfers

If you are located outside [Country], your information may be transferred to and processed in [Country] or other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers, including:

• Standard contractual clauses approved by data protection authorities
• Adequacy decisions by relevant authorities
• Other appropriate legal mechanisms to ensure adequate protection

Children's Privacy

Our Services are not intended for children under the age of 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected information from a child without parental consent, we will take steps to delete that information promptly. If you believe we have collected information from a child, please contact us immediately.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us to request deletion of that information.

California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to know what personal information we collect, use, disclose, and sell
• Right to delete personal information we hold about you
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights
• Right to correct inaccurate personal information
• Right to limit use and disclosure of sensitive personal information

To exercise these rights, contact us at support@byteastra.com.

European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have rights under the General Data Protection Regulation (GDPR). We act as a data controller for your personal information. Our legal basis for processing includes:

• Performance of a contract (providing our Services)
• Legitimate interests (security, service improvement)
• Consent (where applicable)
• Legal obligations (compliance with laws)

You have the right to lodge a complaint with your local data protection authority if you believe we have violated your rights under GDPR.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other reasons. We will notify you of material changes by:

• Posting the updated Privacy Policy on our website with a new "Last updated" date
• Sending you an email notification (if you have an account)
• Displaying a prominent notice in our Services

Your continued use of our Services after such changes constitutes acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy periodically.

Data Protection Officer

For privacy-related inquiries, data protection requests, or concerns about how we handle your information, you can contact our Data Protection Officer at support@byteastra.com.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

ByteAstra Studio LLP
Email: support@byteastra.com
Office Address: Bangalore, Karnataka, India
Registered Address: Lucknow, Uttar Pradesh, India

We are committed to addressing your privacy concerns and will respond to your inquiry within 30 days.

Effective Date: January 2026
Last Updated: January 2026
Version: 1.0