Get a Free Demo
Home Privacy Policy

Privacy Policy

Website: www.ezatlas.com

Effective Date: January 2026 | Version: 1.0 | Last Reviewed: January 2026

EZATLAS Pvt. Ltd. (“EZATLAS”, “we”, “us”, or “our”) respects your privacy. This Privacy Notice explains, in plain language, what personal data we collect about you when you visit our website (www.ezatlas.com) or interact with us through it, how we use that data, who we share it with, how long we keep it, and the rights you have over it.

This Notice is issued in compliance with applicable data protection laws, including the Digital Personal Data Protection Act, 2023 (India) (“DPDP Act”) and the EU General Data Protection Regulation (“GDPR”) and the UK GDPR, to the extent they apply to our processing of your personal data.

Please read this Notice carefully. If you do not agree with any aspect of it, please do not use our website or share personal data with us.

1. Who We Are

EZATLAS Pvt. Ltd. is a private limited company incorporated in India and registered at:

  • Company Name: EZATLAS Pvt. Ltd.
  • Registered Address: #824, 2nd Floor, HRBR Layout 1st Block Extension, Kalyan Nagar, Bengaluru, Karnataka – 560043, India
  • Email: sales@ezatlas.com
  • Phone: +91 999-001-9278
  • Website: www.ezatlas.com

For the personal data we collect through our website and our interactions with you, EZATLAS acts as the Data Fiduciary (under the DPDP Act) and the Data Controller (under the GDPR), and determines the purposes and means of processing.

Where we provide our software products to enterprise customers under contract, those customers (including their End-Customers) operate the deployed software on their own infrastructure and are themselves the Data Fiduciary / Controller for the personal data they process using our software. This Notice does not govern that processing.

2. Who This Notice Applies To

This Privacy Notice applies to:

  • Visitors to our website (www.ezatlas.com);
  • Individuals who contact us through our website forms (contact form, demo request, newsletter signup, sales enquiries);
  • Prospects, customers, partners, and other third parties whose personal data we collect during business interactions;
  • Job applicants who submit applications or interact with our recruiting process (where applicable through our website);
  • Any other individual whose personal data we process in the course of operating www.ezatlas.com or directly engaging with us.

Separate notices and arrangements apply to our employees, contractors, and to the personal data processed by our customers within their own deployments of our software — those individuals should refer to the relevant employer notice or customer privacy notice.

3. What Personal Data We Collect

3.1 Data You Provide Directly

When you interact with us through our website or other channels, you may provide us with personal data, including:

InteractionPersonal Data You May Provide
Contact formName, email address, company name, phone number, country, and the content of your message.
Demo / product enquiry requestName, business email, company name, job title, country, the product(s) of interest, and any free-text notes you choose to share.
Newsletter signupName and email address; optionally job role or area of interest.
Email or phone contactWhatever personal data you choose to include in your communication (name, contact details, and the substance of your message).
Business meetings, events, demosName, email, employer, job title, business interests, and notes captured during the interaction.

Please do not share special-category personal data (such as health information, religious beliefs, political opinions, biometric or genetic data) with us through our website forms or correspondence — we do not need it for the purposes set out in this Notice and will not process it.

3.2 Data We Collect Automatically

When you visit www.ezatlas.com, we collect limited technical information automatically:

  • Your device’s Internet Protocol (IP) address (which approximates a geographic location);
  • Device and browser information (browser type and version, operating system, screen resolution, language);
  • Pages you visit on our website, time spent on pages, and your navigation path;
  • The website that referred you to ours, if any;
  • Date and time of your visit.

We collect this information using essential and functional cookies and standard server logs, as described in Section 8 (Cookies). We do not use advertising cookies or third-party tracking cookies on our website.

4. Why We Use Your Personal Data (Purposes and Lawful Basis)

We use your personal data only for specific, defined purposes, and only where we have a lawful basis to do so under the DPDP Act and the GDPR.

PurposeWhat We DoLawful Basis
Respond to your enquiryReply to contact-form messages, demo / product requests, and sales / partnership enquiries.

DPDP: legitimate use / your request.

GDPR: performance of pre-contractual steps at your request and our legitimate interests.

Provide demos and pre-sales supportSchedule, deliver, and follow up on product demos.

DPDP: your request.

GDPR: pre-contractual steps and legitimate interests.

Send our newsletterSend periodic email updates about our products, releases, and industry insights.DPDP and GDPR: your consent (you can withdraw it at any time — see Section 9).
Operate and improve our websiteKeep the website working, secure it from misuse, and analyse usage at an aggregate level.

DPDP: legitimate use.

GDPR: legitimate interests in operating a functional, secure website.

Comply with legal obligationsRespond to lawful requests from regulators, law-enforcement agencies, or courts; maintain records required by law.DPDP and GDPR: legal obligation.
Establish, exercise, or defend legal claimsRetain communications and records relevant to a dispute or potential dispute.

GDPR: legitimate interests and (where applicable) legal obligation.

DPDP: legitimate use.

We will not use your personal data for any purpose materially different from those described above without first notifying you and, where required, obtaining your consent.

5. Who We Share Your Personal Data With

We do not sell your personal data. We share it only in the limited circumstances set out below, and only with parties that are bound by confidentiality and appropriate data protection obligations.

  • EZATLAS employees and contractors: Internal personnel who need to access your personal data to respond to your enquiry, deliver demos, manage our customer relationships, or operate our website. Bound by confidentiality and EZATLAS’s internal data protection policies.
  • Service providers (sub-processors): Vetted third-party providers that help us operate the business — for example, our email and collaboration platform, customer-relationship-management (CRM) tool, website-hosting provider, and analytics service. Bound by written contract including data protection terms.
  • Professional advisers: Legal counsel, auditors, accountants, and other advisers, where necessary for the conduct of our business and bound by professional confidentiality.
  • Authorities, regulators, courts: Where required by law, court order, or to protect our rights, property, safety, or that of others.
  • Acquirers (in a business transaction): If EZATLAS is involved in a merger, acquisition, restructuring, or sale of assets, your personal data may be transferred as part of the transaction, subject to standard confidentiality and continuity-of-protection commitments.

We do not share your personal data with advertising networks, data brokers, or any party that would use it for purposes other than those set out in this Notice.

6. International Transfers

EZATLAS is established in India. Some of the service providers we use may be located in, or process personal data in, countries outside India and the European Economic Area (EEA). Where personal data is transferred to such a country, we take steps to ensure that an adequate level of protection is in place, including:

  • Engaging only service providers that offer recognised data protection standards (e.g., certifications such as ISO/IEC 27001 and SOC 2);
  • Where required by the GDPR, relying on adequacy decisions of the European Commission or on Standard Contractual Clauses (SCCs);
  • Where required by the DPDP Act, complying with applicable transfer requirements as notified by the Government of India from time to time;
  • Contractually obligating service providers to apply appropriate security and confidentiality measures.

If you would like more information about the specific safeguards applied to international transfers of your personal data, please contact our Data Protection Officer (Section 12).

7. How Long We Keep Your Personal Data

We keep your personal data only for as long as we need it for the purposes set out in this Notice, or as required by applicable law. Indicative retention periods are set out below; the actual period may be shorter or longer in specific cases.

Category of Personal DataIndicative Retention
Contact-form enquiriesUp to 24 months from your last interaction with us, unless a longer period is required to fulfil your request or by law.
Demo / product enquiry recordsUp to 36 months from your last interaction with us; longer where a business relationship is established.
Newsletter subscriber dataUntil you unsubscribe, after which we retain a minimum record of your unsubscribe request to avoid contacting you again.
Customer relationship recordsDuration of the relationship plus a reasonable period afterwards (typically 7 years) to support customer service, legal obligations, and audit.
Website logs and analytics dataUp to 13 months for analytics; shorter for security logs unless retention is needed for investigation.
Records required by law (tax, accounting, etc.)For the period required by the applicable law (typically 7–8 years under Indian tax and accounting rules).

When personal data is no longer needed, we securely delete or anonymize it.

8. Cookies and Similar Technologies

Cookies are small text files that a website stores on your device when you visit. They allow the website to recognise your device on subsequent visits or while you navigate between pages.

8.1 Cookies We Use

On www.ezatlas.com, we use only essential and functional cookies — we do not use advertising cookies or third-party marketing cookies. Specifically, our cookies fall into two categories:

  • Strictly necessary (essential) cookies: Required for the website to function correctly — for example, to remember whether you have dismissed a banner, to maintain a session state, or to deliver website pages over a secure connection. These cookies cannot be disabled without breaking website functionality.
  • Functional cookies: Help us deliver a better experience — for example, by remembering your language or display preferences. These cookies do not track you across other websites and are not used for advertising.

8.2 No Advertising or Cross-Site Tracking Cookies

We do not use advertising cookies, retargeting cookies, social-media tracking pixels, or other technologies that track you across websites for marketing purposes. We do not sell or share information collected via cookies with advertising networks.

8.3 Managing Cookies

Most web browsers allow you to view, manage, or delete cookies through their settings. Disabling strictly necessary cookies may affect the functionality of our website. To learn how to manage cookies in your browser, please consult your browser’s help documentation.

9. Your Rights

You have rights in respect of the personal data we hold about you. These rights vary slightly depending on the law that applies to you, but in general you have the right to:

  • Access: Ask us to confirm what personal data we hold about you and to receive a copy.
  • Correction: Ask us to correct personal data that is inaccurate or incomplete.
  • Erasure / Deletion: Ask us to delete your personal data, subject to legal retention requirements.
  • Withdraw consent: Where we rely on your consent (e.g., for the newsletter), you can withdraw it at any time.
  • Object: Object to our processing of your personal data on certain grounds, including direct marketing.
  • Restrict processing: Ask us to limit how we use your personal data in defined circumstances (GDPR / UK GDPR).
  • Data portability: Receive your personal data in a structured, commonly used, machine-readable format and have it transmitted to another controller, where technically feasible (GDPR / UK GDPR).
  • Nominate (DPDP): Under the DPDP Act, nominate another individual to exercise your rights in the event of your death or incapacity.
  • Grievance redressal (DPDP): Under the DPDP Act, raise a grievance with our Data Protection Officer in the first instance, and escalate to the Data Protection Board of India if unresolved.
  • Complain to a supervisory authority (GDPR): Under the GDPR / UK GDPR, you may complain to your local data protection authority.

To exercise any of these rights, please contact our Data Protection Officer using the details in Section 12. We will respond as soon as reasonably practicable, and in any event within timelines set by applicable law.

Exercising your rights is free of charge in normal circumstances. We may charge a reasonable fee or refuse to act on a request that is manifestly unfounded or excessive, as permitted by law.

To verify your identity before responding to a rights request, we may ask you for additional information. This is to protect your personal data from being disclosed to someone who is not you.

10. How We Protect Your Personal Data

We take the security of your personal data seriously. We apply technical and organisational measures appropriate to the sensitivity of the data and the nature of the processing, including:

  • An information security programme certified to ISO/IEC 27001:2022 and supported by SOC 2 Type II attestation;
  • Encryption of personal data in transit (TLS 1.2 or higher) and at rest using industry-standard algorithms;
  • Role-based access controls and multi-factor authentication for personnel accessing systems holding personal data;
  • Regular security testing, vulnerability management, and patching of our systems;
  • Personnel training on data protection, confidentiality, and security responsibilities;
  • Incident response procedures for prompt detection, containment, and notification of any personal data breach.

No system is perfectly secure. If we become aware of a personal data breach that is likely to result in risk to your rights, we will notify you and the relevant authorities as required by applicable law.

11. Children’s Data

Our website and services are intended for businesses and adult professionals. We do not knowingly collect personal data from children under the age of 18 (under the DPDP Act) or 16 (under the GDPR, with reference to the lower age threshold in some EU Member States).

If you believe that we have inadvertently collected personal data from a child, please contact our Data Protection Officer (Section 12) and we will take steps to delete it.

12. How to Contact Us

12.1 Data Protection Officer

If you have any questions about this Privacy Notice, want to exercise your rights, or wish to raise a privacy-related concern, please contact our Data Protection Officer:

  • Company/Department: EZATLAS Pvt. Ltd., Attn: Data Protection Officer
  • Email: dpo@ezatlas.com
  • Postal Address: #824, 2nd Floor, HRBR Layout 1st Block Extension, Kalyan Nagar, Bengaluru, Karnataka – 560043, India
  • General Enquiries: sales@ezatlas.com | +91 999-001-9278

12.2 Supervisory Authorities and Grievance Redressal

If you are dissatisfied with our handling of your personal data or your rights request:

  • Under the DPDP Act (India): You may raise a grievance with us in the first instance through the Data Protection Officer. If unresolved, you may approach the Data Protection Board of India (when constituted) in accordance with applicable rules;
  • Under the GDPR or UK GDPR: You may complain to the data protection supervisory authority in your country of residence or workplace;
  • Under other applicable privacy laws: You may have additional avenues of recourse — please refer to the relevant law or contact the applicable regulator.

We would, however, appreciate the opportunity to address your concerns directly before you approach a regulator.

13. Changes to This Privacy Notice

We may update this Privacy Notice from time to time to reflect changes in our practices, our website, or applicable law. The version published on www.ezatlas.com is the current version.

When we make material changes, we will update the “Effective Date” at the start of this Notice and, where appropriate, notify you (for example, through a notice on our website or by email to active newsletter subscribers). We encourage you to review this Notice periodically.

14. Applicable Law

This Privacy Notice is governed by the laws of India. Specific provisions are designed to comply with:

  • The Digital Personal Data Protection Act, 2023 (India);
  • The General Data Protection Regulation (Regulation (EU) 2016/679 — “GDPR”), to the extent applicable to our processing of personal data of individuals in the European Economic Area;
  • The UK General Data Protection Regulation and the UK Data Protection Act 2018, to the extent applicable to our processing of personal data of individuals in the United Kingdom;
  • Any other privacy and data protection laws applicable to specific interactions with you.

Where there is a conflict between this Notice and applicable mandatory law, the mandatory law prevails.

EZATLAS Pvt. Ltd. | #824, 2nd Floor, HRBR Layout 1st Block Extension, Kalyan Nagar, Bengaluru, Karnataka – 560043, India

www.ezatlas.com | sales@ezatlas.com | dpo@ezatlas.com