This Privacy Policy is published by HRHKILLO Enterprise (OPC) Private Limited ("HRHKILLO", "we", "us") in compliance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (DPDP Act).
1. Information We Collect
(a) Information you provide
- Identity & contact: name, email, phone number, postal address, country.
- Project details: service required, budget, project description, files/assets you upload.
- Billing details: GSTIN, PAN (if claiming input credit), billing address.
- Communication: messages, queries, support tickets.
(b) Information collected automatically
- IP address, browser type and version, device type, OS, referring URL.
- Pages visited, time spent, click patterns (via standard server logs).
- Cookies and similar technologies for session management and analytics.
(c) Information from third parties
- Payment gateways (e.g., Cashfree, Razorpay) provide transaction confirmation. We do not store full card numbers, CVV, or banking credentials on our servers.
- Public records (MCA, GST portal) for B2B verification when applicable.
2. Purpose of Collection
- To respond to enquiries and provide quotations.
- To deliver contracted services, send invoices, and manage projects.
- To process payments through authorised gateways.
- To send transactional, support, and (with consent) marketing communications.
- To comply with legal, tax, and regulatory obligations (Companies Act, GST, Income Tax, KYC/AML).
- To prevent fraud, abuse, and security incidents.
- To improve our website and services.
3. Lawful Basis & Financial Compliance
We process personal data on one or more of the following bases: (a) your consent; (b) the performance of a contract with you; (c) compliance with a legal obligation; (d) our legitimate business interests, balanced against your rights.
Financial & RBI Compliance: In accordance with the Reserve Bank of India (RBI) guidelines regarding digital payments, KYC (Know Your Customer), and AML (Anti-Money Laundering) directives, we collect necessary billing and identity information. As an IT services provider, all our financial activities, pay-ins, and payouts are strictly processed through RBI-authorised Payment Aggregators and regulated banking channels. We do not store sensitive payment credentials (such as full credit card numbers or UPI PINs) on our servers.
4. Sharing & Disclosure
We do not sell your personal information. We may share limited data with:
- Service providers bound by contractual confidentiality (cloud hosting — Google Cloud / Firebase; email — SMTP/Nodemailer; payment gateways).
- Government / law-enforcement authorities when legally required.
- Professional advisers (auditors, legal counsel) under confidentiality.
- Successors in the event of merger, acquisition, or asset sale, with appropriate notice.
5. Cookies
We use minimal cookies for session continuity and preference storage. The Website does not use third-party advertising cookies. You can disable cookies via your browser settings; some features may stop working.
6. Data Retention
- Lead enquiries: up to 3 years from last contact.
- Active client records: for the duration of the engagement plus 8 years (statutory book-keeping under the Companies Act & Income Tax Act).
- Server access logs: up to 180 days.
7. Security
- HTTPS/TLS encryption for all data in transit.
- Data stored in secure Google Cloud / Firebase data centres (Asia/India region) with role-based access.
- Strong password / MFA on internal systems.
- Limited employee access on a strict need-to-know basis.
- Regular security reviews and patching.
While we use industry-standard practices, no method of transmission over the internet is 100% secure. You share information at your own risk.
8. Your Rights (under the DPDP Act, 2023)
- Right to access a summary of your personal data we hold.
- Right to correction and erasure of inaccurate/outdated data.
- Right to grievance redressal.
- Right to nominate another individual to exercise rights in case of incapacity.
- Right to withdraw consent at any time (subject to lawful contractual obligations).
To exercise any of these rights, email support@hrhkillo.com with the subject line "Data Rights Request".
9. Children's Data
Our services are not directed at children below the age of 18. We do not knowingly collect data from minors. If you believe a minor has provided us data, contact us so we can delete it.
10. International Transfers
Personal data is primarily stored in India. If transferred outside India (e.g., for cloud backup), we ensure equivalent protection through reputable providers (Google Cloud / Firebase) and contractual safeguards.
11. Grievance Officer
In accordance with the Information Technology Act, 2000 and the DPDP Act, 2023:
Name: Director — HRHKILLO Enterprise (OPC) Pvt Ltd
Email: support@hrhkillo.com
Phone: +91 94948 68267
Address: 16-469/3, Hanumanthavaka, Arilova, Visakhapatnam — 530040, AP, India
Response time: Acknowledgement within 48 hours; resolution within 30 days.
12. Changes to this Policy
We may update this policy from time to time. The "Last updated" date reflects the latest revision. Material changes will be highlighted on the homepage or via email where appropriate.