Privacy Policy
How we protect
your data.
Effective: 28 April 2026 · Version 2.0
1. Introduction and Scope
Sicora Technologies Pvt. Ltd. ("Sicora", "we", "our", or "us"), a private limited company incorporated under the Companies Act, 2013, with its registered office in Pimpri-Chinchwad, Maharashtra, India, operates the website sicora.in (the "Site").
This Privacy Policy governs the collection, use, storage, disclosure, and protection of personal data obtained from individuals ("you", "your") who interact with the Site or communicate with us. It is published in compliance with:
- The Digital Personal Data Protection Act, 2023 (DPDP Act) and rules framed thereunder;
- The Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, to the extent applicable; and
- Generally accepted principles of data privacy and fair information practices.
By accessing the Site or communicating with us, you acknowledge that you have read and understood this Policy and consent to the practices described herein.
2. Definitions
For the purposes of this Policy:
- "Personal Data" means any data about an individual who is identifiable by or in relation to such data, as defined under Section 2(t) of the DPDP Act.
- "Processing" means any operation or set of operations performed on personal data, including collection, storage, use, and disclosure.
- "Data Principal" means the individual to whom the personal data relates (i.e., you).
- "Data Fiduciary" means the entity that determines the purpose and means of processing (i.e., Sicora).
- "Consent Manager" means a person registered with the Data Protection Board of India who enables a Data Principal to give, manage, review, and withdraw consent through an accessible, transparent, and interoperable platform.
3. Categories of Data Collected
We collect only the minimum personal data necessary to achieve the purposes outlined in this Policy. The categories are:
(a) Voluntarily Provided Data: When you email us at any of our published addresses, you may disclose:
- Your full name
- Your email address
- Your company or organizational affiliation
- Your professional title or role
- The content and subject matter of your communication
(b) Automatically Collected Technical Data: By virtue of visiting the Site, certain technical data is necessarily transmitted to our hosting infrastructure. This includes your IP address, browser type and version, operating system, referring URL, timestamp of access, and request path. This data is processed transiently by Cloudflare's content delivery network and is not logged or stored by Sicora for any purpose beyond the technical delivery of the Site.
We categorically do not collect:
- Sensitive personal data (financial account credentials, government-issued identifiers, health or biometric data, genetic data, caste or religious affiliation, political opinions, sexual orientation);
- Any data through cookies, tracking pixels, analytics scripts, or behavioural profiling technology;
- Any data from individuals under 18 years of age (see Section 10).
4. Purpose and Legal Basis for Processing
We process your personal data solely for the following purposes and on the following lawful bases:
| Purpose | Lawful Basis |
|---|---|
| Responding to your inquiries, pricing requests, and partnership proposals | Consent (Section 4 of DPDP Act) — implied by your act of contacting us |
| Sending updates about our product launch, features, and availability | Consent — you may withdraw at any time by replying "unsubscribe" |
| Protecting the security and integrity of the Site | Legitimate interest — network security, fraud prevention, abuse detection |
| Complying with legal obligations under Indian law | Legal obligation — regulatory, judicial, or law-enforcement compliance |
5. Cookies and Tracking Technology
The Site does not deploy any cookies (HTTP, session, persistent, or otherwise), web beacons, pixel tags, browser fingerprinting scripts, analytics libraries, or advertising trackers. There is no mechanism by which we monitor, profile, or track your browsing behaviour across this Site or any other website.
The Site loads typefaces from Google Fonts (fonts.googleapis.com and fonts.gstatic.com). Google may log the HTTP request for font-file delivery, caching, and abuse-prevention purposes. Google's handling of such data is governed by its own privacy policy. We do not transmit any personal data to Google through this mechanism.
The Site is hosted on Cloudflare Pages. Cloudflare processes IP addresses and HTTP request metadata as part of its content delivery and DDoS mitigation infrastructure. Cloudflare's data processing is governed by its Data Processing Addendum and Privacy Policy, available at cloudflare.com.
6. Data Storage, Security, and Retention
Storage: Email correspondence is stored on access-controlled mail servers with encryption in transit (TLS 1.3) and at rest (AES-256). Access to email systems is restricted to authorised personnel with a legitimate business need and is protected by multi-factor authentication, access logging, and periodic access reviews.
Security: We implement and maintain reasonable security practices and procedures as required under Section 8 of the DPDP Act and Rule 8 of the IT Rules, 2011, including but not limited to:
- Encryption of data in transit and at rest;
- Access control and least-privilege policies;
- Regular security assessments and vulnerability management;
- Incident response and data breach notification procedures.
Notwithstanding these measures, no method of electronic storage or transmission is absolutely secure. In the event of a personal data breach, we will notify affected Data Principals and the Data Protection Board of India as required under Section 8(6) of the DPDP Act.
Retention: We retain personal data only for as long as is necessary to fulfil the purpose for which it was collected, or as required by applicable law. Email correspondence is typically retained for the duration of the business relationship plus a period of three (3) years thereafter. You may request earlier deletion at any time (see Section 8).
7. Data Sharing and Disclosure
We do not sell, rent, licence, or trade personal data to any third party for monetary or other valuable consideration.
We may disclose personal data only in the following limited circumstances:
- Service Providers: To Cloudflare, Inc. for hosting and content delivery, and to our email service provider for mail delivery and storage. These providers are contractually bound to process data only on our instructions and to maintain confidentiality and security commensurate with this Policy.
- Legal Compliance: To courts, law enforcement agencies, regulatory bodies, or government authorities, if required by a valid legal order, subpoena, or statutory obligation under Indian law.
- Business Transfer: To a successor entity in the event of a merger, acquisition, restructuring, or sale of all or substantially all of Sicora's assets, provided the successor agrees to be bound by terms substantially similar to this Policy.
- With Your Consent: To any other party, with your explicit prior consent.
8. Your Rights Under the DPDP Act
As a Data Principal under the DPDP Act, you have the following rights, which may be exercised by contacting us at the address in Section 12:
- Right to Access and Confirm — You may request confirmation of whether we are processing your personal data and obtain a summary of the data being processed, the processing activities, and the identities of any parties with whom the data has been shared (Section 11).
- Right to Correction and Erasure — You may request the correction of inaccurate or incomplete personal data and the erasure of personal data (Section 12). Upon receiving such a request, we will take reasonable steps to comply within the prescribed timeline.
- Right to Withdraw Consent — You may withdraw your consent to the processing of your personal data at any time (Section 6(4)). Withdrawal will not affect the lawfulness of processing carried out before the withdrawal. Upon withdrawal, we will cease processing within a reasonable period unless retention is required by law.
- Right to Grievance Redressal — You have the right to lodge a complaint with us (see Section 12) and, if unsatisfied with our response, with the Data Protection Board of India established under the DPDP Act (Section 13).
- Right to Nominate — You may nominate another individual to exercise your rights in the event of your death or incapacity (Section 14).
We will respond to all valid requests within the timeline prescribed by the DPDP Act and applicable rules. We may require verification of your identity before processing any request.
9. Cross-Border Data Transfers
Our hosting infrastructure is provisioned through Cloudflare's global content delivery network. As a result, technical data (IP addresses, HTTP request metadata) may be processed on servers located outside India, including in the United States, Europe, and the Asia-Pacific region.
We rely on Cloudflare's contractual commitments, including its Data Processing Addendum incorporating Standard Contractual Clauses, to ensure that any cross-border transfer of personal data is subject to an adequate level of protection as required under Indian law. On the effective date of the DPDP Act's provisions governing cross-border transfers, we will comply with any additional safeguards or restrictions prescribed thereunder.
10. Children's Privacy
The Site is not directed to individuals under the age of 18, and we do not knowingly collect personal data from children. The DPDP Act imposes specific obligations for processing the data of children (defined as individuals under 18 years), including the requirement to obtain verifiable parental consent. As our Site does not target, market to, or knowingly interact with children, we do not engage in such processing.
If we become aware that we have inadvertently collected personal data from a child without parental consent, we will delete it promptly. To report such an instance, contact us at the address in Section 12.
11. Changes to This Policy
We may revise this Privacy Policy from time to time to reflect changes in our practices, technology, legal obligations, or regulatory requirements. The revised Policy will be posted on this page with an updated effective date and version number.
If the revisions are material, we will make reasonable efforts to notify individuals who have provided us with their email address at least fifteen (15) days before the changes take effect. Your continued interaction with the Site or continued communication with us after the effective date constitutes acceptance of the revised Policy.
12. Grievance Redressal and Contact
For any questions regarding this Privacy Policy, to exercise your data rights, or to register a complaint or grievance, please contact our designated Grievance Officer:
Grievance Officer
Sicora Technologies Pvt. Ltd.
Pimpri-Chinchwad, Maharashtra — 411 017
India
Email: sales@sicora.in
We will acknowledge your grievance within seven (7) working days and endeavour to resolve it within thirty (30) days. If you are not satisfied with our response, you may escalate your complaint to the Data Protection Board of India once it is constituted and operational.