Privue – Privacy Policy

Last updated: 17 September 2025

This Privacy Policy explains how NEXVUE TECHNOLOGIES PRIVATE LIMITED, doing business as Privue (“Privue,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal data when you use our websites, web applications, APIs, and services that link to this Policy (collectively, the “Site”). It also describes your choices and rights.

If you do not agree with this Policy, please do not access or use the Site.

Who we are and how to contact us

  • Controller: For the Site and our proprietary datasets, Privue is the data controller.
  • Processor: For personal data we process on behalf of our customers under a data processing agreement (for example, customer-provided uploads or API inputs), Privue acts as a processor.
  • Contact: privacy@privue.ai | alt.f JMD Empire Square, MG Road, Gurugram – 122001, India
  • Grievance Officer (India): Saurabh Verma, saurabh@privue.ai

Scope

This Policy covers personal data we collect online through the Site and offline through sales, marketing, and support interactions. It does not apply to third-party websites or services that are linked from the Site.

Personal data we collect

Data you provide directly

  • Account and profile data (name, business email, phone, employer, job title, password, preferences).
  • Transaction and support data (orders, invoices, service usage questions, tickets, meeting notes).
  • Marketing interactions (event registrations, survey responses, newsletter sign-ups).

Data collected automatically

  • Device and usage data (IP address, device identifiers, browser type, pages viewed, time spent, referring/exit pages, crash logs).
  • Cookies and similar technologies (pixels, SDKs, beacons). See [Cookie Notice link].

Data from third parties and public sources

  • Public records and registries (for example, MCA filings, sanctions lists, gazettes).
  • Commercial data suppliers and licensed databases.
  • Open web sources where permitted by law.
  • Customer-provided datasets under contract.

Note: Our platform may include personal data about individuals associated with companies (for example, directors, key managerial personnel, ultimate beneficial owners, and professional contact details) that are sourced from public or licensed records.

How we use personal data (purposes)

We use personal data to:

  • Provide, operate, and secure the Site and services.
  • Curate, maintain, and improve our datasets and platform features.
  • Authenticate users, prevent fraud and abuse, and enforce terms.
  • Process orders, payments, and account administration.
  • Provide customer support and communicate about service updates.
  • Conduct analytics, quality assurance, and product development.
  • Send marketing communications with your consent or as otherwise permitted by law (you may opt out at any time).
  • Comply with legal obligations and respond to lawful requests.

Legal bases (where applicable)

Where required by law (for example, under the GDPR/UK GDPR), we rely on one or more of the following legal bases:

  • Consent
  • Contract
  • Legitimate interests (such as improving services, ensuring security, and providing business-to-business information)
  • Legal obligation
  • Vital/public interests where applicable

(See GDPR Art. 6 for lawful bases.)

Cookies and similar technologies

We use cookies, SDKs, and pixels to run the Site, measure engagement, remember preferences, and, where enabled, for advertising and retargeting. You can manage preferences through your browser settings and our Cookie Notice.

How we disclose personal data

We disclose personal data to:

  • Service providers (cloud hosting, security, analytics, email, payments, customer support) under contract.
  • Business partners and resellers that help deliver our services.
  • Professional advisers (auditors, lawyers) and authorities where required by law.
  • Corporate transactions (merger, acquisition, financing, or sale of assets).
  • Customers, when we act as a processor and disclose per their instructions.

We do not sell personal information. If we “share” personal information for cross-context behavioural advertising under certain laws (for example, CPRA), we will provide required opt-outs. (See Marketing section.)

International transfers

We operate globally. Where personal data is transferred internationally, we use appropriate safeguards required by law, such as contractual protections (for example, EU Standard Contractual Clauses or UK IDTA), and implement security measures commensurate with risk.

Data retention

We retain personal data for as long as necessary to fulfil the purposes described in this Policy, including to comply with legal, regulatory, accounting, or reporting requirements, resolve disputes, and enforce agreements.

Retention periods vary by dataset type and are determined using criteria such as the nature of the data, the risks involved, and applicable laws.

Security

We implement technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.

No system can be guaranteed to be 100% secure. You are responsible for maintaining the secrecy of account credentials.

Your privacy rights

Your rights depend on your location and applicable law. Subject to limitations, you may have the right to access, correct, delete, restrict, or object to processing, and to data portability. You may withdraw consent where processing is based on consent.

India (Digital Personal Data Protection Act, 2023)

When and to the extent the DPDP Act and its rules are in force and applicable to your data, you may have rights to access, correct, erase, and grievance redressal, and to nominate a representative to exercise rights. We will honour such rights in accordance with the Act and implementing rules.

European Economic Area/UK (GDPR/UK GDPR)

You have rights including access, rectification, erasure, restriction, portability, and objection to processing based on legitimate interests, and the right to withdraw consent. You may lodge a complaint with your local supervisory authority.

California (CCPA/CPRA)

California residents have rights to know/access, delete, correct, opt-out of sale/share, limit use of sensitive personal information, and non-discrimination. We will verify requests and honour authorised agent submissions consistent with law.

Exercising your rights: Please submit a request to privacy@privue.ai. We may take steps to verify your identity. For India, you may contact our Grievance Officer. If your concern remains unresolved, you may escalate to the relevant authority.

Marketing, opt-outs, and “Do Not Sell or Share”

You can opt out of marketing emails at any time using the unsubscribe link or by contacting us.

If we engage in activities classified as “sharing” for cross-context behavioural advertising, we will provide a “Do Not Sell or Share My Personal Information” link and honour opt-out signals as required by law.

Children’s privacy

The Site is intended for business and professional use and is not directed to children. We do not knowingly collect personal data from children.

If you believe a child has provided personal data, please contact us to request deletion.

Automated decision-making and profiling

We may use analytics, scoring, and matching to organise and link records (for example, name matching across registries) to improve accuracy and user experience.

We do not make decisions with legal or similarly significant effects solely using automated processing without human involvement, unless permitted by law and with appropriate safeguards.

Third-party websites and services

The Site may link to third-party websites, plug-ins, and services. We do not control third-party privacy practices. Please review their policies.

Changes to this Policy

We may update this Policy from time to time. If we make material changes, we will post the updated Policy on the Site with a new “Last updated” date and, where appropriate, provide additional notice.

Region-specific disclosures (summaries)

  • EEA/UK: Privue acts as controller for Site data and certain datasets; for customer-provided data we act as processor under a DPA. Legal bases are described in Legal Bases section.
  • US – California: Disclosures about categories of personal information collected, purposes, sources, and disclosures are available on request or in [Your CPRA Notice at Collection link]. We do not provide financial incentives tied to the sale of personal information.
  • India: Our Grievance Officer contact is provided in Section “Who we are and how to contact us.” We will align our practices with the DPDP Act and its rules as they come into force, including timelines for responding to user requests.

Your choices

  • Cookies: Manage through browser settings and our Cookie Notice.
  • Marketing: Opt out via unsubscribe links or by contacting us.
  • Account: You may review and update certain information in your account settings.

Contact us

For questions about this Policy or our privacy practices, contact privacy@privue.ai.

  • India: Contact the Grievance Officer listed above.
  • EEA/UK: You may also contact your supervisory authority.