Privacy policy

This Privacy Policy describes how Horrazon Intelligence Private Limited ("Horrazon," "we," "us") processes personal data for the Horrazon.ai platform when you interact with our marketing websites, communications, trial or production software, professional services, and related channels (collectively, the "Services"). It applies to visitors, registered users, administrators, and authorized contacts of our business customers.

Where Horrazon Intelligence Private Limited processes personal data on behalf of an organization pursuant to a services agreement, supplemental data-processing terms or a Data Processing Agreement ("DPA") may specify roles, subprocessors, technical measures, and transfer mechanisms; in case of conflict on processor obligations, the executed agreement controls for that customer relationship.

• Identity and account: full name, corporate affiliation, job title, work email, telephone numbers, authentication factors, and billing contacts where applicable.
• Usage and telemetry: product interactions, configuration choices, feature adoption metrics, diagnostic logs, approximate location derived from IP addresses, device type, operating system, browser version, and performance or stability signals.
• Commercial correspondence:records of marketing preferences, webinar registrations, event attendance, support tickets, sales conversations, and contractual exchanges.
• Customer content: data that enterprise users upload, synchronize, or generate within workspaces; such content may contain personal data relating to our customers' end users or personnel and is handled per the customer agreement and technical controls elected by the customer.

• Delivering, configuring, securing, benchmarking internally, and improving the Services.
• Authenticating users, enforcing role-based access, and investigating misuse.
• Managing subscriptions, invoicing, tax determination, and enterprise procurement workflows.
• Sending operational notices, security alerts, product updates, and—with separate consent where legally required—marketing communications that you may opt out of.
• Complying with legal obligations, responding to lawful governmental requests subject to review, and asserting or defending legal claims.
• Generating aggregate or de-identified analytics that do not reasonably identify individuals.

Where the GDPR or UK GDPR applies, we rely on contractual necessity for core Services delivery, legitimate interests that are not overridden by your fundamental rights (for example, securing our platform or analyzing aggregated reliability trends), consent where required—particularly for certain cookies or direct marketing—and legal obligation where processing is mandated by statute.

Where the Digital Personal Data Protection Act, 2023 ("DPDP Act") applies to our processing as a Data Fiduciary or Data Processor (as those terms are defined therein), we process digital personal data in accordance with this Policy, applicable consent or legitimate-use grounds permitted under Indian law, and reasonable security safeguards aligned with the volume and sensitivity of data handled through the Services.

Indian residents may contact us using the details in Section 13 to exercise rights available under the DPDP Act—including access, correction, erasure where permitted, grievance escalation, and nomination mechanisms once regulatory rules fully prescribe procedural specifics and timelines. We will verify requests consistent with law and may extend timelines where complexity or conflicting obligations apply.

We engage vetted infrastructure, communications, analytics, and security vendors bound by written obligations comparable to those we uphold. A current list of material subprocessors is available upon reasonable request to enterprise customers or may be published within administrative consoles. We may disclose personal data to regulators, courts, or law-enforcement agencies when legally compelled after assessing jurisdictional validity and narrowing requests where appropriate.

Business transactions such as mergers or acquisitions may involve transfers of personal data with notice as required by applicable law and, where feasible, contractual continuity safeguards for customers.

Personal data may be processed in India and other countries where we or subprocessors maintain facilities. Where transfers originate from jurisdictions requiring supplementary safeguards (such as standard contractual clauses, adequacy decisions, or binding corporate rules), we implement measures consistent with regulator guidance.

We retain personal data only as long as necessary for the purposes described, unless a longer period is required or permitted by law (for example, taxation, dispute limitation statutes, or regulatory inquiries). Retention schedules vary by category; backups may persist for a limited technical cycle before deletion.

Horrazon Intelligence Private Limited maintains administrative, technical, and organizational controls—including access reviews, encryption in transit where supported for Services interfaces, logging, vulnerability management practices, and personnel confidentiality commitments—designed to protect personal data commensurate with risk. No security program eliminates all risk; customers share responsibility for credential hygiene, workspace permissions, and endpoint protection.

Subject to applicable law, you may request access, rectification, deletion, restriction, portability of machine-readable personal data you supplied, or objection to certain processing. Marketing preferences may be managed through unsubscribe links or account settings. To submit a privacy request, contact hello@horrazon.com; we may authenticate requests before fulfilling them. You may lodge a complaint with your local supervisory authority or, where applicable, the Board notified under the DPDP Act once operational.

The Services are directed at organizations and adult professionals. We do not knowingly collect personal data from individuals below sixteen (16) years of age—or the higher minimum age prescribed locally—for contractual purposes. If you believe we have inadvertently processed such data, notify us promptly so we may delete it where verification confirms the circumstances.

We deploy cookies, pixels, local storage, and analogous technologies as described in our Cookie policy. Preference centers or banners—when presented—allow granular choices where legally mandated.

We may amend this Privacy Policy to reflect legal, regulatory, or operational developments. The effective date atop this page will change accordingly; material revisions may be communicated through additional channels where appropriate.

Privacy inquiries and regulatory correspondence should be directed to hello@horrazon.com.