This page is a structured template. Final copy must be drafted using a DPDP-Act-compliant generator and reviewed by counsel before launch (per project brief §6).
01
Introduction
This Privacy Policy explains how IVS Group ("we", "us", "our") collects, uses, shares, and protects personal data when you visit our website at ivsgroup.in, contact us via the contact form, or otherwise engage with the group.
IVS Group is a common strategic identity for a portfolio of independently operating companies promoted and majority-controlled by Mr. Vikas Ramniwas Sharma. Each group company is a separate legal entity with its own data practices.
Lawyer to draft
Identify the specific legal entity acting as Data Fiduciary for this website (likely the group's lead operating company or a designated services entity). Confirm registered address, contact, and DPDP grievance officer details. Clarify the relationship between this notice and the policies of individual group companies.
02
Personal data we collect
We may collect the following categories of personal data when you interact with this website:
Contact-form data — name, email address, organisation, reason for inquiry, and message content (submitted to a single inbox).
Technical data — IP address, browser type, device information, and pages visited.
Analytics data — aggregated, cookieless usage data via [analytics provider — TODO].
Lawyer to draft
Enumerate categories in line with DPDP Act §4–§7. Confirm whether sensitive personal data is collected. Specify all data sources, including third-party integrations.
03
Purpose of processing
We process personal data to:
Respond to your inquiry submitted via the contact form.
Route media, partnership, investor, and general inquiries to the right person.
Maintain and improve the website.
Meet our legal and compliance obligations.
Lawyer to draft
Map each data category to a specific lawful purpose. Confirm no purpose is broader than necessary for the stated objective.
04
Legal basis & consent
We process personal data on the basis of your consent, given when you submit the contact form, and for legitimate uses permitted under the DPDP Act, 2023.
Lawyer to draft
Articulate the specific lawful bases relied upon under DPDP §6 and §7. Confirm consent-capture mechanics (clear-and-affirmative, withdrawable). Cover any 'legitimate use' exceptions claimed.
05
Sharing & disclosure
We do not sell personal data. We may share personal data with:
Group companies for the purpose of routing your inquiry.
Service providers acting as Data Processors on our behalf (e.g. email, hosting, form-handler).
Authorities where required by law.
Lawyer to draft
List specific named processors. Confirm data-processing agreements are in place. Address inter-group-company sharing carefully — each group company is a separate legal entity.
06
Retention
We retain personal data only for as long as necessary for the purposes set out above, or for the period required by applicable law.
Lawyer to draft
Provide specific retention periods by data category. Address the DPDP Act's 'deletion upon purpose completion' requirement.
07
Security
We apply reasonable technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, and destruction.
Lawyer to draft
Describe security measures at an appropriate level of generality. Address breach-notification procedures per DPDP §8(6).
08
Your rights under the DPDP Act, 2023
As a Data Principal, you have the right to:
Access — request a summary of personal data we hold about you.
Correction & erasure — request that inaccurate data be corrected or that data no longer needed be erased.
Withdrawal of consent — withdraw consent for processing at any time.
Grievance redressal — file a complaint with our grievance officer (see §13).
Nominate — nominate another individual to exercise these rights on your behalf.
Lawyer to draft
Map each right to the specific DPDP provision and confirm the exercise mechanism (form, email, response timelines).
09
Cookies & analytics
This site uses cookieless analytics. We do not deploy advertising or tracking cookies. The site uses functional cookies only where strictly necessary for it to operate.
Lawyer to draft
Confirm analytics provider (Vercel Analytics or Plausible per project brief §7). Confirm whether a cookie banner is required under the chosen setup.
10
Children & persons with disabilities
This website is not directed to children under 18 or to persons with disabilities. We do not knowingly process personal data of such persons without verifiable consent of a parent or lawful guardian, as required by the DPDP Act.
Lawyer to draft
Mirror the exact language required under DPDP §9 for processing data of children and persons with disabilities.
11
Cross-border transfers
Personal data may be processed in or transferred to countries other than India for legitimate operational purposes. We rely on the framework permitted under the DPDP Act, 2023.
Lawyer to draft
Identify any hosting or processor outside India. Confirm transfers comply with notifications under DPDP §16.
12
Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be reflected in the "Last updated" date at the top of this page.
13
Grievance officer
If you have a concern or complaint about how your personal data is being handled, please contact our Grievance Officer:
To fill
[Grievance Officer name — TODO] · [Designation — TODO] · [Email — TODO] · [Postal address — TODO]. We will acknowledge your complaint within the period prescribed by the DPDP Act and respond as soon as reasonably practicable.
14
Contact us
For any privacy-related questions, please reach us through the contact page.