Privacy Policy
Last updated: 6 July 2026
This Privacy Policy explains how Rosnil (“Rosnil”, “we”, “us”) collects, uses, and protects information when you use the Rosnil platform and its products (collectively, the “Services”). We are committed to handling your data lawfully and transparently, including under India’s Digital Personal Data Protection Act, 2023 (DPDP).
Information we collect
- Account data — name, email, organization, and authentication credentials (passwords are stored only as salted hashes; we never store them in plain text).
- Usage data — actions you take in the Services, request metadata, device/browser information, and IP address, used to operate, secure, and improve the Services.
- Content you provide — data you enter or connect to run the Services (for example, campaign, source, or governance data).
- Audit and security logs — records of sensitive actions (sign-in, administrative changes) kept to protect your account.
How we use information
- To provide, maintain, and secure the Services.
- To authenticate you and enforce access and tenant isolation.
- To detect, prevent, and investigate abuse, fraud, and security incidents.
- To communicate service, security, and account notices.
- To comply with legal obligations.
Legal basis
We process personal data on the basis of your consent, the performance of our contract with you, our legitimate interests in operating and securing the Services, and compliance with applicable law.
Sharing
We do not sell your personal data. We share it only with service providers who process it on our behalf under confidentiality obligations, or where required by law. Each product tenant’s data is isolated; we do not share one customer’s data with another.
Retention
We keep personal data only as long as needed for the purposes above or as required by law, after which it is deleted or anonymized.
Security
We apply administrative, technical, and organizational safeguards — including encryption in transit, scoped access controls, rate limiting, audit logging, and regular backups. No system is perfectly secure, but we work to protect your data and to respond promptly to incidents.
Your rights
Subject to applicable law (including the DPDP Act), you may:
- Access and obtain a copy of your personal data.
- Correct or update inaccurate data.
- Request erasure of your data.
- Withdraw consent, and nominate a representative where permitted.
- Raise a grievance with our Data Protection contact.
To exercise these rights, contact privacy@rosniltech.com.
Children
The Services are not directed to children and are not intended for use by anyone who cannot form a binding contract under applicable law.
International transfers
Where data is processed outside your country, we take steps to ensure it remains protected consistent with this Policy and applicable law.
Changes
We may update this Policy from time to time. Material changes will be notified through the Services or by email, and the “Last updated” date above will change.
Contact
Data Protection contact: privacy@rosniltech.com.