Privacy Policy

1. Scope of This Policy

This Privacy Policy explains how Scalewidth Infrastructure Inc. ("Scalewidth", "we", "us", or "our") collects, uses, discloses, and protects your personal information when you visit our websites, use our cloud infrastructure, SaaS platforms, AI orchestration services, or interact with our enterprise offerings.

This policy applies to all Scalewidth-branded websites, services, and products. It applies to customers, website visitors, and end users accessing services through our enterprise customers. Our registered office is in New Delhi, India.

2. Information We Collect

Information You Provide

• Account Information: Name, email address, organization name, billing details, and phone number when you register for our services.
• Communications: Information you provide when contacting support, participating in surveys, or corresponding with our team.
• Service Data: Configuration files, deployment specifications, API usage patterns, and infrastructure settings you manage through our platform.

Information Collected Automatically

• Usage Data: IP addresses, browser type, device information, pages visited, access times, and referring URLs.
• System Logs: API request logs, performance metrics, error reports, and service interaction data necessary for platform operations.
• Cookies: As described in our Cookie Policy and Cookie Preferences page.

3. How We Use Your Information

We use collected information for the following purposes:

• Provision of Services: To operate, maintain, and improve our cloud infrastructure, AI platforms, and SaaS offerings.
• Account Management: To process registrations, manage subscriptions, handle billing, and provide customer support.
• Security Operations: To detect, prevent, and respond to security incidents, unauthorized access, and abuse of our platform.
• Compliance: To meet legal obligations under applicable data protection laws and to enforce our Terms of Service.
• Communications: To send service updates, security notices, product announcements, and marketing communications (with consent where required).
• Improvement: To analyze usage patterns and develop new features, optimizations, and enhanced service offerings.

Legal Basis (GDPR): We process personal data based on: (a) contract necessity for service delivery; (b) legitimate interests for security, analytics, and service improvement; (c) consent for marketing cookies and communications; and (d) legal obligations for regulatory compliance.

4. Data Sharing & Disclosure

Scalewidth does not sell your personal information. We may share data in the following circumstances:

• Service Providers: With trusted third-party vendors who assist in service delivery (cloud hosting providers, payment processors, analytics services) under strict data processing agreements.
• Legal Requirements: When required by law, court order, or government regulation, or to protect our rights, property, or safety.
• Business Transitions: In connection with a merger, acquisition, or sale of assets, with notice to affected users.
• Enterprise Customers: For end-user data processed on behalf of enterprise customers, we act as a data processor per applicable Data Processing Agreement.

5. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze platform usage, and provide secure authentication. You can manage your preferences on our Cookie Preferences page.

• Necessary Cookies: Required for platform operation and security. Cannot be disabled.
• Analytics Cookies: Help us understand how our services are used to improve performance and user experience.
• Functional Cookies: Remember your preferences, language, and regional settings.
• Marketing Cookies: Used only with explicit consent to deliver relevant content and measure campaign effectiveness.

See our Cookie Policy for detailed information about each cookie category.

6. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes described in this policy or as required by law. Account information is retained for the duration of your account plus thirty (30) days following termination or request for deletion.

Usage logs and analytics data are retained for a maximum of twelve (12) months. Billing records are retained for seven (7) years to comply with tax and financial regulations. Anonymized, aggregated data may be retained indefinitely for analytical purposes.

7. Your Rights (GDPR & CCPA)

Depending on your jurisdiction, you may have the following rights:

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Deletion: Request deletion of your personal data, subject to legal retention requirements.
• Right to Portability: Request export of your data in a commonly used format.
• Right to Restrict Processing: Request limitation of data processing in certain circumstances.
• Right to Object: Object to processing based on legitimate interests or direct marketing.
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.
• CCPA Rights: California residents have rights to know, delete, and opt out of sale of personal information. We do not sell personal information.

To exercise your rights, visit our Data Request Portal or contact us at privacy@scalewidth.com. We will respond within thirty (30) days.

8. Data Security

Scalewidth implements industry-standard security measures to protect your data, including:

• Encryption at rest using AES-256 and in transit using TLS 1.3
• Multi-factor authentication for all administrative access
• Regular security audits, penetration testing, and vulnerability assessments
• Access controls based on least-privilege principle
• 24/7 security monitoring and incident response procedures
• SOC 2 compliance with annual third-party audits

9. International Data Transfers

Your data may be processed in countries where Scalewidth or our service providers operate. When transferring data outside the European Economic Area (EEA) or India, we implement appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission.

Our data centers are located in India, United States, and the European Union. You may request details about transfer mechanisms by contacting our privacy team.

10. Children's Privacy

Scalewidth's services are enterprise-grade infrastructure platforms not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child under 18 has provided us with personal data, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or operational needs. Material changes will be communicated via email to account holders and via prominent notice on our website at least fourteen (14) days before the changes take effect.

We encourage you to review this policy regularly. Your continued use of Scalewidth services after changes constitutes acceptance of the updated policy.

12. Contact & Data Protection Officer

For privacy-related inquiries, data subject requests, or complaints:

You have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.