🔐 Privacy Policy

Innovez Cyber Pvt. Ltd.
Last Updated: 20th March 2026

Introduction

Innovez Cyber Pvt. Ltd. (“Innovez Cyber”, “we”, “our”, “us”) is committed to protecting personal and business data with the highest standards of security, transparency, and integrity.

Our approach is driven by innovation and powered by integrity, and we continuously focus on engineering trust and securing the future.

Scope

This Privacy Policy applies to:

  • Website visitors
  • Prospective and existing clients
  • Vendors, partners, and third parties

For enterprise clients, this policy should be read alongside applicable agreements such as Master Service Agreement (MSA), Non-Disclosure Agreement (NDA), and Data Processing Addendum (DPA).

Nature of Services and Future Offerings

Innovez Cyber currently operates as a cybersecurity services provider, offering:

  • Managed Detection & Response (MDR)
  • Security Operations (SOC)
  • Cloud & Identity Security
  • Vulnerability Management
  • Security Advisory & Architecture

As part of our innovation roadmap, Innovez Cyber may develop proprietary cybersecurity tools, platforms, or software solutions in the future.

Any such future offerings will:

  • Be governed by updated privacy and data protection terms
  • Maintain equal or higher security and compliance standards
  • Be introduced with full transparency regarding data usage and processing

Categories of Data

Personal Data

  • Name, email address, phone number
  • Organization, designation, and professional details
Client Data (Enterprise Context)
  • Security logs, alerts, and telemetry
  • User activity relevant to threat detection
  • System configurations and metadata
  • Incident and forensic investigation data

Purpose of Processing

Data is processed strictly for:

  • Cybersecurity service delivery and operations
  • Threat detection, investigation, and response
  • Contractual obligations
  • Compliance with legal and regulatory requirements

Legal and Regulatory Alignment

Innovez Cyber aligns with applicable data protection laws and frameworks, including:

  • India Digital Personal Data Protection Act (DPDP Act)
  • General Data Protection Regulation (GDPR) (where applicable)
  • Industry standards such as ISO 27001, ISO/IEC 42001, and NIST frameworks

Data Ownership & Role Definition

  • Clients retain full ownership and control of their data
  • Innovez Cyber acts as a data processor (where applicable)
  • Data is processed strictly based on documented client instructions
  • Data is not used for any unauthorized or secondary purposes

AI & Responsible Data Processing (ISO 42001 Alignment)

Where AI technologies are used:

  • AI is applied only for security analytics, detection, and automation
  • No automated decision-making with legal or significant impact occurs without human oversight
  • Client data is not used for AI model training without explicit written consent
  • Data minimization, anonymization, and ethical AI principles are enforced

Our goal is to ensure AI is used responsibly, transparently, and securely.

Security Measures

We implement enterprise-grade security controls, including:

  • Encryption (TLS 1.2+ / AES-256 where applicable)
  • Zero Trust Architecture principles
  • Role-Based Access Control (RBAC)
  • Continuous monitoring, logging, and alerting
  • Secure administrative access and audit trails

Sub-processors

Innovez Cyber may engage trusted sub-processors for service delivery.

  • All sub-processors are contractually bound
  • Security and compliance due diligence is performed
  • Equivalent data protection obligations are enforced

A list of sub-processors may be provided upon request.

Data Residency & International Transfers

Data may be processed in secure cloud environments across regions (e.g., India, EU, or other global regions), depending on service architecture.

For international transfers, we ensure:

  • Adequate safeguards and contractual protections
  • Compliance with applicable data protection regulations

Data Retention

Data is retained based on:

  • Contractual agreements
  • Legal and regulatory requirements
  • Operational necessity

Data is securely deleted or anonymized when no longer required.

Data Subject Rights

Depending on applicable laws, individuals may:

  • Access, correct, or delete their data
  • Withdraw consent
  • Object to processing
  • Request data portability

Requests can be submitted to:
📧info@innovezcyber.com

Data Breach Notification

In the event of a data breach:

  • Clients will be notified without undue delay, depending on severity and contractual obligations
  • Incident details, impact assessment, and remediation steps will be communicated
  • Regulatory obligations will be fulfilled as required

Cookies & Tracking

We use cookies and similar technologies to enhance functionality, performance, and security.

Users may manage cookie preferences through browser settings.
A detailed Cookie Policy may be provided separately where required.

Children’s Privacy

Our services are not intended for individuals under 18 years of age.

Governing Law & Jurisdiction

This Privacy Policy shall be governed by the laws of India.

For international clients, applicable local data protection laws and contractual obligations will also be considered.

Updates to This Policy

We may update this Privacy Policy periodically to reflect:

  • Changes in services
  • Regulatory updates
  • Introduction of new technologies or product offerings

Contact Information

📧 Email: info@innovezcyber.com
🌐 Website: www.innovezcyber.com

🛡️ Our Commitment

Driven by Innovation. Powered by Integrity.
Engineering Trust. Securing the Future.

At Innovez Cyber, we protect data with the same rigor we apply to securing enterprises.