Privacy Policy / Notice
Effective Date: 10 April 2026
Effective Date: 10 April 2026
Audilytics Solutions Private Limited ("Audilytics", "we", "us") operates the website https://www.audilyticssolutions.com and provides a Governance, Risk, and Compliance (GRC) SaaS and License platform to clients across regulated sectors, including but not limited to Banking, Financial Services, Insurance (BFSI), Securities, and other entities subject to statutory data protection obligations.
This notice is structured to clearly distinguish between:
Applies to data we collect directly from you (e.g., website visitors, sales/demo inquiries, marketing interactions).
Applies to data uploaded by our Clients into the platform. The Client (the Regulated Entity) is the Data Fiduciary / Business / Controller. Audilytics acts strictly as a Processor / Service Provider on their behalf.
This notice is designed to comply with:
When you interact with https://www.audilyticssolutions.com or our representatives, we collect:
Under the CCPA/CPRA, we disclose the following categories of personal information collected about California residents in the preceding 12 months:
| Category | Examples | Collected | Disclosed | Sold/Shared |
|---|---|---|---|---|
| Identifiers | Name, email address, IP address, business contact details, Job title / designation, organization name | Yes | Yes | No |
| Commercial Info | Records of products/services inquired about or purchased | Yes | Yes | No |
| Internet Activity | Device Information, Browser Type, Browsing history, interaction with our website logs | Yes | Yes | No |
| Geolocation | Approximate location derived from IP address | Yes | Yes | No |
| Professional Info | Job title / designation, organization name, industry | Yes | Yes | No |
| Sensitive Info | Financial account credentials (if provided) | No | No | No |
We do not sell or share personal information as defined under the CCPA/CPRA, nor do we use sensitive personal information for purposes other than those permitted by law.
We process this limited data based on:
You have the following rights regarding the data we hold as a Fiduciary / Business:
| Right | DPDP | GDPR | CCPA/CPRA |
|---|---|---|---|
| Right to Know / Access | Yes | Yes | Yes |
| Right to Correction | Yes | Yes | Yes |
| Right to Deletion / Erasure | Yes | Yes | Yes |
| Right to Data Portability | No | Yes | Yes (limited) |
| Right to Opt-Out of Sale/Sharing | No | No | Yes |
| Right to Limit Use of Sensitive PI | No | No | Yes |
| Right to Withdraw Consent | Yes | Yes | N/A |
| Right to Non-Discrimination | No | No | Yes |
To exercise these rights, contact the Grievance Officer identified in Section 12.
You may request, up to twice in a 12-month period, details about the categories and specific pieces of personal information we have collected about you.
You may request deletion of personal information we have collected, subject to certain exceptions.
You may request correction of inaccurate personal information.
We do not sell or share personal information; however, you may still submit an opt-out preference signal.
We do not use sensitive personal information for purposes requiring a "Limit the Use" link.
We will not discriminate against you for exercising any CCPA rights.
California residents may designate an authorized agent to submit requests on their behalf. We may require the agent to provide proof of written authorization and verify their identity directly with us, unless the agent holds a valid power of attorney.
When a Client (e.g., a Bank, Insurance Company, NBFC, MFI or other Regulated Entity) uses the Audilytics platform to process information related to Audit, Risk, Events, Governance, Compliance, Operational Risk, Incident, or Fraud Management:
We do not control the purpose or means of processing Client data. We act exclusively on the documented instructions of the Client as outlined in our governing Proposals or Contract or Agreements.
We will never sell or share Client personal information as defined under the CCPA/CPRA.
We will never use Client data for our own business purposes, product improvement analytics (unless anonymized and aggregated), or marketing.
We process Client data solely for the specific business purposes outlined in our written Proposals or Contract or Agreement with the Client.
We maintain robust technical and organizational measures appropriate to the sensitivity of data handled by regulated entities.
We will provide reasonable assistance to Clients in fulfilling their statutory obligations regarding data subject requests and breach notifications, including CCPA consumer rights requests.
We enter into written Proposals or Contracts or Agreements with all Clients that comply with the requirements of the CCPA/CPRA for service providers, including prohibitions on selling or sharing personal information and combining data across sources.
We recognize that regulated entities are subject to specific data localization and residency mandates.
Audilytics ensures that Client data is hosted and processed within the geographic region agreed upon contractually (e.g., India for Indian Regulated Entities, EEA for EU-based Regulated Entities, United States for US-based Regulated Entities).
Where global support necessitates a cross-border transfer, Audilytics relies on legally approved transfer mechanisms such as EU Standard Contractual Clauses (SCCs) and implements supplementary safeguards to ensure compliance with applicable law.
If you are an end-user, employee, or customer of an Audilytics Client and have questions about your personal data, you must contact that Client directly. Audilytics is contractually prohibited from responding directly to individual data subjects regarding Client-owned data. If we receive a request intended for a Client, we will promptly forward it to the Client and provide reasonable assistance in responding.
For queries regarding Audilytics' direct data collection (Part A) or this Privacy Notice:
Email: info@audilyticssolutions.com
Website: https://www.audilyticssolutions.com
Address: I - 603, AMBER HEIGHTS, B-CABIN ROAD, AMBERNATH EAST, THANE -421501, INDIA
Our Services are not directed at individuals under the age of 18 (or under 16 for CCPA purposes regarding opt-in consent for sale/sharing). We do not knowingly collect children's data as a Fiduciary / Business. Clients are responsible for ensuring compliance with applicable laws regarding the processing of children's data within their own systems.
We may update this Notice to reflect changes in law, technology, or our business operations. The latest version will always be available on our website. Material changes will be communicated to registered users via email.
Pursuant to California law, the following metrics reflect requests received from California residents during the preceding calendar year regarding data for which Audilytics acts as a Business (Part A only):
| Request Type | Received | Complied With | Denied | Average Response Time |
|---|---|---|---|---|
| Requests to Know | To be updated annually | — | — | — |
| Requests to Delete | To be updated annually | — | — | — |
| Requests to Opt-Out | To be updated annually | — | — | — |
Metrics will be updated annually. Requests directed to our Clients (Part B) are not included herein.
Disclaimer: This Privacy Notice provides a general overview of our data protection practices. It does not replace or supersede the specific Data Processing Agreement (DPA) executed between Audilytics and its Clients. Clients retain sole responsibility for securing and configuring their instance of the platform in compliance with their specific regulatory environment. Audilytics does not determine whether a Client meets CCPA applicability thresholds; Clients are responsible for assessing their own compliance obligations.