Privacy Policy

Welcome to Postly.co(“we,” “our,” “us,” or “Postly”). We are committed to protecting the privacy, confidentiality, and security of your personal data.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website (https://postlyco.com, the “Website”) and engage our digital marketing, brand architecture, and social media management services.

In compliance with the **Digital Personal Data Protection (DPDP) Act, 2023** (India), the **General Data Protection Regulation (GDPR)** (EU), and other applicable global privacy regulations, Postly acts as the Data Fiduciary (or Data Controller) for the personal data processed under this policy. The user is referred to as the Data Principal (or Data Subject).

We collect several types of information from and about users of our Website, including:

• Personal Identity & Contact Information: Name, business email address, corporate phone number, company name, job title, and physical address.
• Project Brief & Inquiry Details: Information regarding your marketing budgets, business challenges, services needed, and project timelines.
• Technical & Usage Data: Internet Protocol (IP) address, browser type and version, time zone setting, operating system, platform, and information about how you navigate and interact with our Website.
• Marketing & Communications Data: Your preferences in receiving newsletters or marketing updates from us, and communication history.

When you submit an inquiry or project brief through our contact forms, we collect the details you explicitly provide, which include your name, email, phone number, website URL, budget, and details about the services requested (e.g. Social Media Management, Content Strategy, Brand Consulting).

Lead Generation & Advertising Data

We may collect and process information submitted through advertising platforms including Google Ads, Meta Lead Forms, LinkedIn Lead Gen Forms, and other marketing channels. Such information is processed solely for responding to inquiries, providing quotations, and delivering requested services.

WhatsApp & Communication Consent

By providing your phone number, you consent to receive service-related communications, consultation updates, project information, and marketing communications through phone calls, SMS, email, or WhatsApp, subject to your communication preferences and applicable laws.

Purpose of Collection: We process this information to evaluate your inquiry, draft customized project strategy options, communicate responses back to you, and execute contracts.

We use cookies, web beacons, pixels, and similar tracking technologies to collect and analyze usage patterns, diagnose server problems, administer the site, and deliver personalized experiences.

Types of Cookies We Use

• Essential Cookies: Required to enable standard security, page routing, and access.
• Performance & Analytical Cookies: Help us measure visitor volume, page views, bounce rates, and traffic sources to optimize the user flow.
• Marketing & Social Cookies: Track conversions from social ads and build retargeting audiences.

You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of this site may become inaccessible or not function properly.

We process your personal data for clear, lawful purposes, including:

• To provide, maintain, and optimize our Website and services.
• To respond to your inquiries, schedule consultation calls, and manage customer relations.
• To send you marketing communications, newsletters, and promotional offers (only where you have opted in).
• To analyze site performance, execute A/B testing, and audit technical stability.
• To comply with legal obligations, prevent fraud, and enforce our contracts.

Under international privacy frameworks, we rely on the following legal bases to process your personal data:

• Consent: When you voluntarily fill out contact forms or subscribe to newsletters.
• Performance of a Contract: When processing is necessary to take pre-contractual steps at your request or perform our services under a contract.
• Legitimate Interests: To improve website efficiency, secure our networks, and conduct standard marketing, provided these interests do not override your privacy rights.
• Legal Compliance: To comply with tax laws, reporting rules, or legal mandates.

We use third-party tools and services to optimize our digital operations. These providers process your personal data on our behalf under strict data processing agreements:

• Analytics Tools: Google Analytics (to analyze site usage, navigation, and user traffic sources).
• Advertising Platforms: Meta Pixel & Google Tag Manager (to measure marketing ROI and build retargeting campaigns).
• CRM & Sales Pipeline: Hubspot / Salesforce (to store client accounts and project inquiries).
• Email Marketing: Mailchimp / Sendgrid (to deliver marketing campaigns, newsletters, and email confirmations).

We do not sell, rent, or trade your personal data. We only share your data in the following restricted scenarios:

• Service Providers: With trustworthy third-party vendors who perform services for us (such as hosting, analytics, and CRM management).
• Corporate Transfers: In connection with, or during negotiations of, a merger, sale of company assets, financing, or acquisition.
• Legal Requirements: If required by law, court order, or government authority (e.g., standard DPDP Act audit requests, regulatory filings).
• Protection: To protect the rights, safety, property, and interests of Postly, our clients, or the public.

We implement robust technical and organizational security measures to prevent your personal data from being accidentally lost, used, accessed, altered, or disclosed in an unauthorized way.

All data is encrypted in transit via SSL/TLS and stored securely on servers with access controls restricted to authorized personnel only. However, please remember that no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

We will only retain your personal data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

- **Contact/Inquiry Data:** Retained for up to two (2) years after our last contact, unless a client agreement is signed. - **Analytics Data:** Anonymized or deleted automatically after fourteen (14) months. - **Contractual Data:** Retained for seven (7) years following contract termination to comply with tax and audit laws in India.

Under India's **DPDP Act 2023**, the **GDPR**, and other global frameworks, you have specific rights regarding your personal information:

• Right to Access & Information: The right to obtain a summary of personal data processed by us and the list of processors.
• Right to Correction & Completion: The right to correct, complete, or update any inaccurate or misleading data.
• Right to Erasure (Right to be Forgotten): The right to request deletion of your personal data, subject to legal retention overrides.
• Right to Withdraw Consent: The right to withdraw consent at any time. Withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.
• Right to Nominate (DPDP Specific): The right to nominate another individual to exercise your rights in the event of death or incapacity.
• Right to Grievance Redressal: The right to lodge complaints with our Grievance Officer or the Data Protection Board of India.

Children's Privacy

Our Website and services are designed for B2B use and are not directed to individuals under 18. We do not knowingly collect personal data from children. Under the DPDP Act 2023, we do not process children's data or conduct tracking that could harm them. If you believe we have accidentally collected data from a minor, contact us immediately.

International Data Transfers

If you reside outside India, please note that the personal data we collect may be transferred to and processed in India, where our databases are hosted. We utilize appropriate data transfer safeguards, including Standard Contractual Clauses (SCCs), to protect your information and ensure compliance with GDPR and other cross-border transfer laws.

If you have any questions, concerns, complaints, or seek to exercise your rights regarding this Privacy Policy, please contact our designated Grievance Officer:

For general non-legal inquiries, you may also reach our standard support desk at support@postlyco.com or via post to **Postly.co, Pune, Maharashtra, India**.