Privacy Policy
Last updated: 15-05-2026
1. Introduction
reve8 Software Pvt. Ltd. ('reve8', 'we', 'us', or 'our'), a company registered in India and operating from Visakhapatnam, Andhra Pradesh, is committed to protecting your personal data. This Privacy Policy is published in compliance with the Information Technology Act, 2000 ('IT Act'), the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ('SPDI Rules'), and other applicable Indian laws. By accessing or using our website (reve8.com) or services, you consent to the collection, use, and processing of your personal data as described herein.
2. Legal Basis and Applicability
This policy applies to all users located in India and globally who interact with our website or services. Our data processing practices are governed by the IT Act 2000, the SPDI Rules 2011, and, where applicable, the Digital Personal Data Protection Act, 2023 ('DPDPA 2023'). We act as a 'Data Fiduciary' as defined under the DPDPA 2023, responsible for determining the purpose and means of processing your personal data.
3. Information We Collect
We collect (a) Personal Information: name, email address, phone number, and company name provided through contact forms or service inquiries; (b) Sensitive Personal Data or Information (SPDI) as defined under Rule 3 of the SPDI Rules, including financial information if provided for billing, only with your explicit written consent; (c) Technical Data: IP address, browser type, device identifiers, pages visited, and time spent, collected automatically via cookies and analytics tools; (d) Communications: messages, emails, or other correspondence you send us. We do not collect data from minors under 18 years of age without verifiable parental consent, in line with DPDPA 2023 provisions.
4. Purpose of Collection and Use
As required under Rule 5(3) of the SPDI Rules, we collect information only for a lawful purpose connected to our business functions. Your data is used to: respond to inquiries and provide requested services; deliver, maintain, and improve our software development and AI automation services; send service-related communications and updates (with your consent for marketing); comply with legal obligations under Indian law; prevent fraud and ensure the security of our systems; and analyse usage patterns to improve our website. We will not use your personal data for any purpose other than those specified at the time of collection without obtaining fresh consent.
5. Sensitive Personal Data or Information (SPDI)
Under Rule 3 of the SPDI Rules 2011, certain categories of data are treated with heightened protection, including passwords, financial information, health data, biometric data, and sexual orientation. We collect SPDI only when strictly necessary for service delivery, only with your prior written consent, and never share SPDI with third parties without your explicit consent, except as required by law or court order. You have the right to withdraw consent for SPDI processing at any time by writing to privacy@reve8.com.
6. Data Sharing and Disclosure
We do not sell, rent, or trade your personal information. We may share data with: (a) Service providers and technology partners who assist in delivering our services, bound by confidentiality agreements consistent with SPDI Rules; (b) Government authorities or law enforcement agencies when required by a court order, subpoena, or applicable Indian law (including Section 69 of the IT Act); (c) Successor entities in the event of a merger, acquisition, or business restructuring, in which case you will be notified. Any third-party sharing is governed by contractual obligations to maintain equivalent data protection standards.
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy, or as required by applicable Indian law. Contact form data is retained for a maximum of 3 years from the date of collection. Financial records are retained for 7 years in compliance with Indian accounting standards and the Companies Act 2013. Upon expiry of the retention period, data is securely deleted or anonymised.
8. Data Security
In accordance with Rule 8 of the SPDI Rules 2011, we have implemented reasonable security practices and procedures commensurate with the nature of data handled. These include encryption of data in transit (TLS/SSL), access controls and role-based permissions, regular security assessments, and incident response procedures. In the event of a data breach affecting your SPDI, we will notify you and the relevant authorities as required under applicable law. However, no transmission over the internet is entirely secure, and we cannot guarantee absolute security.
9. Your Rights
Under the SPDI Rules and the DPDPA 2023, you have the right to: (a) Access and review the personal data we hold about you; (b) Correct inaccurate or incomplete personal data; (c) Withdraw consent for processing at any time (this will not affect lawfulness of prior processing); (d) Request deletion of your personal data, subject to our legal retention obligations; (e) Grievance redressal — you may raise a complaint with our Grievance Officer. To exercise any of these rights, please write to privacy@reve8.com. We will respond within 30 days of receiving a verifiable request, in accordance with the SPDI Rules.
10. Grievance Officer
As required under Rule 5(9) of the SPDI Rules and Section 20 of the IT Act, we have designated a Grievance Officer to address any concerns regarding this Privacy Policy or data processing: Name: Raghava Alajangi, reve8 Software Pvt. Ltd., Srinivasa Arcade, Madhurawada, Visakhapatnam – 530041, Andhra Pradesh, India. Email: privacy@reve8.com. Phone: +91 8919279550. Any grievance shall be addressed within one month of receipt.
11. Cross-Border Data Transfers
Where data is transferred outside India (e.g., to cloud infrastructure providers), we ensure adequate data protection safeguards are in place through contractual protections consistent with the SPDI Rules. We will not transfer SPDI to a jurisdiction that does not maintain equivalent data protection standards without your explicit consent.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in applicable law or our practices. The updated policy will be published on this page with a revised effective date. Material changes will be notified to you via email or a prominent notice on our website. Continued use of our services after such changes constitutes your acceptance of the revised policy.
13. Contact Us
For any questions, concerns, or requests relating to this Privacy Policy, please contact: reve8 Software Pvt. Ltd., Srinivasa Arcade, Madhurawada, Visakhapatnam – 530041, Andhra Pradesh, India. Email: privacy@reve8.com. Phone: +91 8919279550.