Privacy Policy

bijnis.xyz is operated by SOT Labs ("we", "our", "us"). We provide website creation, Google Business Profile optimization, and local SEO services to Indian businesses. Our registered office is in India. For privacy-related queries, contact us at hello@sotlabs.net.

This Privacy Policy applies to all visitors and customers of https://bijnis.xyz and any related services we offer.

2.1 Information You Provide

• Contact details: Name, phone number, email address, and business name when you reach out via WhatsApp, web forms, or phone.
• Business information: Business address, category, operating hours, photos, and other details required to set up your website and Google Business Profile.
• Payment information: We do not store payment card details. Payments are processed by PCI-DSS-compliant third-party payment processors (Razorpay or similar). We only receive confirmation of payment status.
• Communications: Messages, feedback, and support requests you send us via WhatsApp, email, or other channels.

2.2 Information Collected Automatically

• Usage data: Pages visited, time spent on pages, referring URLs, browser type, and device type — collected via Google Analytics.
• IP address: Used for security, fraud prevention, and approximate geographic analytics.
• Cookies: We use essential cookies for website functionality and analytics cookies (Google Analytics) to understand how visitors use our site. You can disable analytics cookies via your browser settings.

We use the information we collect to:

• Provide and deliver the services you subscribe to (website creation, GBP setup, SEO).
• Communicate with you about your account, services, and support requests.
• Send you monthly performance reports and service updates.
• Process payments and maintain billing records as required by Indian law (GST compliance).
• Improve our website, services, and customer experience based on usage analytics.
• Comply with legal obligations under Indian law (IT Act 2000, GST Act, DPDPA 2023).
• Prevent fraud and ensure the security of our services.

We do not sell your personal information to third parties. We do not use your data for automated decision-making that significantly affects you.

Under India's Digital Personal Data Protection Act, 2023, we process your data on the following bases:

• Consent: When you contact us or sign up for our services, you consent to us processing your data as described here.
• Contractual necessity: Processing required to deliver the services you have subscribed to.
• Legal obligation: Where we are required to retain data for GST, tax, or other regulatory compliance.
• Legitimate interests: For analytics, security, and service improvement — balanced against your rights.

We share your data only in the following limited circumstances:

• Service providers: Trusted third-party vendors who help us operate our services (hosting, email, payment processing, analytics). They process data on our behalf under strict data processing agreements.
• Google: We use your business information to set up and manage your Google Business Profile. Google's own Privacy Policy governs how Google uses this data.
• Legal requirements: If required by Indian law, court order, or government authority.
• Business transfers: In the event of a merger or acquisition, your data may be transferred as part of business assets, subject to the same privacy protections.

• Active customers: We retain your data for the duration of your subscription plus 3 years for GST/tax compliance.
• Prospective customers: Contact details of prospects are retained for up to 12 months unless you ask us to delete them earlier.
• Analytics data: Aggregated, anonymised analytics data may be retained indefinitely.

Under the DPDPA 2023 and applicable Indian law, you have the right to:

• Access: Request a copy of the personal data we hold about you.
• Correction: Ask us to correct inaccurate or incomplete data.
• Erasure: Request deletion of your data where it is no longer necessary or you withdraw consent (subject to legal retention obligations).
• Portability: Receive your data in a machine-readable format.
• Withdraw consent: Where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
• Grievance redressal: Lodge a complaint with our Grievance Officer or with India's Data Protection Board.

To exercise any right, email us at hello@sotlabs.net. We will respond within 30 days.

We use the following types of cookies:

• Essential cookies: Required for the website to function. Cannot be disabled.
• Analytics cookies: Google Analytics to understand site usage. You can opt out via Google's opt-out tool or your browser settings.

We do not use advertising or tracking cookies from third-party ad networks.

We implement industry-standard security measures including HTTPS encryption, access controls, and regular security reviews. While we take reasonable precautions, no transmission over the internet is 100% secure. We will notify you promptly if a data breach affects your personal information.

Our services are intended for business owners and are not directed at children under 18. We do not knowingly collect personal data from minors. If you believe a minor has submitted data to us, contact us at hello@sotlabs.net.

Our website may contain links to external sites (e.g., Google, WhatsApp). We are not responsible for the privacy practices of those sites. We encourage you to review their privacy policies.

We may update this Privacy Policy from time to time. Material changes will be communicated via email (if you are a subscriber) or a notice on our website. Continued use of our services after changes constitutes acceptance of the updated policy.

For privacy concerns or to exercise your rights, contact our Grievance Officer: