![Zan Services](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="240" height="70" viewBox="0 0 240 70"><rect x="5" y="5" width="60" height="60" rx="8" fill="%231e40af" opacity="0.1"/><rect x="10" y="10" width="20" height="20" rx="4" fill="%23dc2626"/><path d="M 15 35 L 35 35 L 25 50 L 40 50" stroke="%231e40af" stroke-width="3" fill="none"/><text x="75" y="45" font-family="Arial, sans-serif" font-size="32" font-weight="900" fill="%231e293b" letter-spacing="-1">zan</text><text x="75" y="60" font-family="Arial, sans-serif" font-size="11" font-weight="600" fill="%2364748b" letter-spacing="2">SERVICES</text></svg>)
Privacy Policy
Effective Date: January 27, 2026
Zan Services ("we," "us," or "our"), headquartered in Kolkata, West Bengal, India, with a US presence through Zan Services LLC (EIN: 35-2955914) at 2108 N St Ste N, Sacramento, CA 95816, USA, is committed to protecting your privacy. This Privacy Policy describes how we collect, use, process, store, share, and protect your personal data when you visit our website zanservices.com, contact us, request quotes, engage our services (web development, mobile apps, blockchain/Web3, AI solutions, digital marketing), or interact with us in any way.
We act as a Data Fiduciary under India's Digital Personal Data Protection Act, 2023 (DPDP Act) for digital personal data we process. By using our website or services, you consent to the practices described here. If you do not agree, please do not use our website or provide us with any personal data.
1. Personal Data We Collect
We collect only the data necessary for the specified purposes (data minimization principle).
Personal Data You Provide Directly
- Contact details: name, email address, phone number, postal address.
- Professional/project details: company name, job title, industry, project requirements, specifications, or files you share for web/mobile/blockchain/AI development quotes or projects.
- Account data (if applicable): login credentials for client portals.
- Payment information: billing details (processed securely via third-party gateways; we do not store full card details).
- Other: feedback, survey responses, or communications.
Automatically Collected Data
- Technical/usage data: IP address, browser type/version, device information, operating system, pages visited, time/date of access, referral sources, and interactions.
- Cookies & tracking: See our Cookie Policy section below.
We do not knowingly collect sensitive personal data (e.g., health, financial beyond payment processing, biometric) unless explicitly required for a service you request and with your consent.
2. How We Collect Personal Data
- Directly from you: contact forms, quote requests, emails, calls, project discussions.
- Automatically: cookies, server logs, analytics tools (e.g., Google Analytics).
- From third parties: rarely, e.g., analytics providers or business referrals (with safeguards).
3. Purposes of Processing & Lawful Basis
We process personal data only for specified, legitimate purposes and retain it no longer than necessary:
- Respond to inquiries, provide quotes, and deliver services (web/mobile apps, blockchain/Web3, AI, digital marketing).
- Manage client projects, including development, testing, deployment, and support.
- Communicate updates, newsletters, service information, or marketing (you can opt out anytime).
- Improve our website, services, and user experience.
- Billing, payments, and internal administration.
- Comply with legal obligations, prevent fraud, enforce agreements, or protect rights/safety.
- Legitimate interests (where applicable and balanced with your rights) or your consent.
Under the DPDP Act, processing is based on your consent or legitimate uses (e.g., contract performance, legal compliance).
4. Sharing & Disclosure of Personal Data
We do not sell your personal data. Sharing is limited to:
- Service providers/vendors: hosting, cloud (e.g., AWS), payment processors, analytics tools — bound by strict confidentiality and purpose-limited agreements.
- Business partners: only for joint projects with your consent.
- Legal requirements: courts, regulators, or authorities if required by Indian law or to protect rights.
- Business transfers: mergers, acquisitions (with notice where feasible).
- With your explicit consent: for any other purpose.
5. International Data Transfers
As an India-based company, we may transfer data to service providers outside India (e.g., cloud servers in the US/EU). We ensure appropriate safeguards (e.g., contractual clauses) to maintain protection levels consistent with the DPDP Act and this policy.
6. Data Security
We implement reasonable technical, organizational, and physical safeguards (encryption, access controls, firewalls, regular audits) to protect against unauthorized access, loss, or misuse. However, no system is 100% secure. In case of a breach affecting your data, we will notify you and authorities as required by law.
7. Data Retention
We retain personal data only as long as necessary for the purpose, legal obligations, or dispute resolution — typically project duration + support period (e.g., 3 months post-launch) or longer if required by law. After that, we securely delete or anonymize it.
8. Your Rights as Data Principal
Under the DPDP Act and other applicable laws, you have the right to:
- Access, correct, or update your data.
- Withdraw consent (where processing is consent-based).
- Request erasure/deletion (subject to legal exceptions).
- Nominate a consent manager (if applicable).
- File a grievance/complaint with us or the Data Protection Board of India.
To exercise rights, contact us (details below). We respond within statutory timelines (usually 30 days or as prescribed).
9. Cookie Policy
We use cookies and similar technologies for functionality, analytics, and performance. Essential cookies are necessary for site operation; others require consent. You can manage your cookie preferences via your browser settings. We use the following tracking technologies:
- Google Analytics / Google Ads (gtag.js): for website analytics and advertising conversion tracking.
- Meta Pixel (Facebook): for advertising performance and audience insights.
These tools may collect data such as pages visited, time on site, and interactions. You can opt out via browser settings or third-party opt-out tools.
10. Children's Privacy
Our services are not directed at children under 18. We do not knowingly process data of children without verifiable parental/guardian consent as required by law.
11. Third-Party Links & Services
Our site may link to third-party websites/tools. We are not responsible for their privacy practices — review them separately.
12. Changes to This Privacy Policy
We may update this policy to reflect changes in practices, services, or law. Changes are posted here with a new effective date. Material changes will be notified via website notice or email (where appropriate). Continued use after changes means acceptance.
13. Contact & Grievance Redressal
For privacy queries, rights requests, or complaints, contact us with "Privacy Query" in the subject:
Grievance Officer / Contact Person
Zan Services
Governing Law: This policy is governed by the laws of India, including the Digital Personal Data Protection Act, 2023.