Codly India Private Limited is committed to protecting your privacy and handling your personal data with transparency and care.
📅 Last Updated: May 25, 2025
🇮🇳 Governed by Indian IT Act 2000 & GDPR
01Who We Are
Codly India Private Limited ("Codly India", "we", "us", "our") is a custom software development company headquartered in Siliguri, West Bengal, India. We build mobile apps, AI solutions, SaaS platforms, web applications, and business automation systems for clients globally.
This Privacy Policy applies to our website at https://codly.in, our client portal, and all services we offer. By using our website or engaging our services, you agree to the practices described in this policy.
📬 Data Controller: Codly India Private Limited, Siliguri, West Bengal — 734001, India.
📧 Privacy Contact: privacy@codly.in | +91 6297 247 367
02Data We Collect
We collect only the data necessary to provide our services and improve your experience. We collect data through:
Contact & Quote Forms: Name, email address, phone number, company name, project description, and budget range when you submit forms on our website.
Account Registration: Email, password (hashed, never stored in plain text), and optional profile information for client portal accounts.
WhatsApp Communication: Messages, attachments, and contact details shared when you contact us via WhatsApp.
Job Applications: Name, email, phone, resume/CV, cover letter, portfolio links, and experience details submitted through our careers form.
Cookies & Analytics: IP address, browser type, device type, pages visited, time on site, and referral source — collected via cookies and analytics tools.
Payment Information: We do not store card details. Payments are processed by Razorpay, Stripe, or PayPal, which are PCI-DSS compliant.
03How We Use Your Data
Your data is used strictly for the following purposes:
Service Delivery: To communicate, prepare proposals, manage projects, and deliver the services you have engaged us for.
Account Management: To maintain your client portal account, project history, and invoices.
Lead Follow-up: To respond to inquiries, send proposals, and schedule consultations — based on your explicit request.
Marketing Communications: With your consent only, we may send newsletters, product updates, or case studies. You can unsubscribe at any time.
Legal Compliance: To comply with Indian laws, tax regulations, court orders, or regulatory requirements.
Website Improvement: Anonymised analytics data to understand how visitors use our site and improve user experience.
We never sell, rent, or trade your personal data to third parties for their marketing purposes.
04Data Sharing & Third Parties
We share your data only in the following limited circumstances:
Service Providers: Trusted tools we use to operate our business — such as cloud hosting (AWS, Google Cloud), email (Google Workspace), project management (Jira, Notion), and analytics (Google Analytics). These providers are bound by data processing agreements.
Payment Processors: Razorpay, Stripe, or PayPal — for secure payment processing. We share only the minimum data required for the transaction.
Legal Requirements: If required by law, court order, or government authority in India or applicable jurisdictions.
Business Transfers: In the event of a merger, acquisition, or asset sale, your data may be transferred. We will notify you in advance and obtain consent where required.
All third-party data processors are contractually bound to keep your data confidential and use it only for the purposes we specify.
05Cookies & Tracking Technologies
We use cookies and similar technologies on our website. You can control cookies through the cookie consent banner displayed on your first visit.
Essential Cookies: Necessary for the website to function (session management, security). Cannot be disabled.
Analytics Cookies: Google Analytics — tracks page views, session duration, and traffic sources in anonymised form. You can opt out via the cookie banner or Google's opt-out tool.
Preference Cookies: Remembers your dark mode preference, cookie consent choice, and WhatsApp popup suppression.
Marketing Cookies: Only set with your explicit consent. Used for retargeting ads on Google and Meta platforms.
Cookies expire between 30 minutes (session cookies) and 1 year (preference cookies). You can delete cookies at any time through your browser settings.
06Data Storage & Security
Your data is stored on secured servers located in India and/or within the EU/US via trusted cloud providers. We implement industry-standard security measures including:
🔐 TLS 1.3 encryption for all data in transit (HTTPS enforced site-wide)
🔒 AES-256 encryption for sensitive data at rest
🔑 Bcrypt hashing for all passwords (never stored in plain text)
🛡️ Role-based access control (RBAC) — team members access only what they need
🔍 Regular security audits and vulnerability testing
🗂️ Database backups with point-in-time recovery
Data Retention: We retain your data for as long as necessary to provide our services. Contact form submissions are retained for 3 years. Client project data is retained for 7 years for legal/tax compliance. You can request deletion at any time.
In the event of a data breach that affects your personal data, we will notify you and relevant authorities within 72 hours as required by GDPR Article 33.
07Your Rights
Depending on your location, you may have the following rights regarding your personal data:
Right to Access: Request a copy of the personal data we hold about you.
Right to Rectification: Request correction of inaccurate or incomplete data.
Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data, subject to legal obligations.
Right to Restrict Processing: Request that we limit how we use your data in certain circumstances.
Right to Data Portability: Receive your data in a structured, machine-readable format.
Right to Object: Object to processing based on legitimate interests or for direct marketing.
Right to Withdraw Consent: Withdraw consent at any time for consent-based processing (e.g., marketing emails).
To exercise any of these rights, email us at privacy@codly.in or message us on WhatsApp. We will respond within 30 days as required by GDPR.
08Children's Privacy
Our services are not directed to individuals under the age of 18 years. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a child, please contact us immediately at privacy@codly.in and we will delete such data promptly.
09Third-Party Links
Our website may contain links to external websites (e.g., Google Maps, LinkedIn, Instagram, WhatsApp). We are not responsible for the privacy practices of these third-party sites. We encourage you to read their privacy policies before sharing any personal data.
10Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make significant changes, we will:
Update the "Last Updated" date at the top of this page
Display a notice on our website for 30 days
Send an email notification to registered users for material changes
We encourage you to review this policy periodically. Continued use of our services after changes take effect constitutes acceptance of the revised policy.
11Contact Us / Data Protection
If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact us through any of the following channels:
📧 Email: privacy@codly.in
💬 WhatsApp: +91 6297 247 367
📮 Post: Codly India Private Limited, Siliguri, West Bengal — 734001, India
We take all privacy concerns seriously and will respond within 30 business days. If you are unsatisfied with our response, you have the right to lodge a complaint with the relevant data protection authority in your country.
💬
Have a Privacy Question?
We're always transparent. Message us on WhatsApp and we'll respond within the hour during business hours.