Privacy Policy

1.1 Information you provide directly

When you contact us, submit a form, book a discovery call, or use our services, we may collect: your name, email address, phone number, company name, job title, and any information you include in your message or inquiry.

1.2 Information collected automatically

When you visit our website, we may collect technical data such as your IP address, browser type, operating system, referring URLs, pages visited, and time spent on pages. This is collected via cookies and similar technologies.

1.3 Information from third parties

We may receive information about you from LinkedIn or other professional platforms if you connect with us through those channels.

We use the information we collect to: respond to your inquiries and service requests; deliver cybersecurity, data privacy, and AI governance consulting services; send service-related communications; improve our website and offerings; comply with legal obligations; and protect the security and integrity of our systems.

Legal basis (for GDPR purposes)

Where applicable, we process your personal data on the basis of: your consent; the performance of a contract; our legitimate interests in operating and improving our business; and compliance with legal obligations.

Rivedix does not sell your personal data. We do not share your information with third parties except: with service providers who assist us in operating our website and delivering services (bound by confidentiality obligations); when required by law, court order, or regulatory authority; to protect the rights, property, or safety of Rivedix, our clients, or the public; or in connection with a merger, acquisition, or sale of assets (in which case you will be notified).

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. Contact and inquiry data is typically retained for 3 years from last contact. Client engagement data is retained for 7 years in line with professional record-keeping requirements.

Your rights are designed to give you autonomy over your digital information. Depending on your jurisdiction, you may have the following rights regarding your personal data:

Under DPDP (India)

• Right to Access: You can request a summary of your data, the processing purposes, and the identities of entities that have access to it.
• Right to Correction & Erasure: You can ask us to update inaccurate data or delete information that is no longer necessary.
• Right to Withdraw Consent: You can revoke your consent at any time.
• Right to Nominate: You can designate someone else to exercise your rights on your behalf in case of death or incapacity.
• Right to Grievance Redressal: You have the right to seek resolution for any privacy concerns.

Under GDPR (EU/UK)

Right to access, rectification, erasure, restriction of processing, data portability, and the right to object to processing. You also have the right to lodge a complaint with your local supervisory authority.

Under CCPA (California)

Right to know what personal information is collected, right to delete personal information, right to opt-out of sale (we do not sell data), and right to non-discrimination.

Exercising & Escalating Your Rights

To submit a data access, deletion, or correction request to Rivedix Technology Solutions, please reach out directly to our dedicated privacy team: Email: info@rivedix.com. We will review and respond to your verifiable requests within the legally mandated timeframe. If you are not satisfied with our resolution, you can escalate your concerns to the Data Protection Board of India.

We use cookies and similar technologies to operate our website, analyse usage, and improve your experience. You can control cookie settings through your browser. Note that disabling certain cookies may affect website functionality. We use a cookie consent mechanism to obtain your consent for non-essential cookies.

We implement appropriate technical and organizational security measures to protect personal data against unauthorized access, disclosure, alteration, and misuse. These safeguards are periodically reviewed and updated in line with industry best practices and applicable legal requirements.

As a cybersecurity firm, we hold ourselves to a high standard — including encryption in transit and at rest, strict access controls, and regular security reviews. However, no method of internet transmission is 100% secure.

Rivedix operates across India, USA, Europe, and Africa. Where we transfer personal data across borders, we ensure appropriate safeguards are in place in accordance with applicable law including Standard Contractual Clauses for EU transfers and equivalent mechanisms for other jurisdictions.

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of material changes by updating this page. We encourage you to review this policy periodically.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Privacy team at: