Effective Date: July 6, 2025
Website: www.innov8alpha.com

Welcome to Innov8alpha. Your privacy is of the utmost importance to us. This Privacy Policy describes how Innov8alpha (“we”, “us”, or “our”) collects, uses, shares, and protects your personal information when you visit our website, use our services, communicate with us, or otherwise engage with our business operations.

Please read this Policy carefully to understand our practices regarding your personal information. By using our website or services, you agree to the terms outlined herein.

1. About Innov8alpha

Innov8alpha is a digital-first company providing tailored business and technical solutions to startups, enterprises, agencies, and individuals. Our core offerings include:

  • WordPress Development: Custom theme and plugin development, optimization, CMS integrations.
  • Custom Development: Full-stack web applications, admin dashboards, APIs, and backend systems.
  • Shopify Development: Theme customization, Shopify apps, headless commerce, and eCommerce optimization.
  • App Development: Mobile and web apps (iOS, Android, PWA), built with performance and scale in mind.
  • Data Analysis: Business intelligence dashboards, data visualization, reporting, and predictive analytics.
  • Brand Innovation: Brand strategy, visual identity, UI/UX design, marketing collateral, and storytelling.

We are committed to providing innovative, secure, and scalable digital services while protecting your data.

2. Scope of this Policy

This Privacy Policy applies to all personal data processed by Innov8alpha when you:

  • Visit our website
  • Contact us via email or forms
  • Hire us for digital services
  • Participate in surveys or feedback requests
  • Download resources or subscribe to our newsletters
  • Use our apps, dashboards, or client platforms

It does not cover third-party websites or applications linked from our platforms. We are not responsible for their privacy practices and encourage you to read their privacy policies.

3. Information We Collect

We collect different categories of information depending on how you interact with us. The information we collect may include:

A. Personal Identifiers

  • Full name
  • Email address
  • Phone number
  • Company name
  • Country and job title

B. Account and Project Data

  • Login credentials (encrypted)
  • GitHub/GitLab/Figma access (when required for collaboration)
  • Shopify, WordPress, or App Store credentials (only when explicitly shared and consented)
  • Source code, database files, product content, API tokens, and configuration data (as part of your service engagement)

C. Billing and Financial Data

  • Billing address
  • Payment processor ID (Stripe, Razorpay, etc.)
  • GST/VAT number
  • Limited metadata about transactions (note: we do not store credit card details)

D. Device & Technical Information

  • IP address
  • Browser type and version
  • Operating system
  • Device model and screen resolution
  • Referrer URL
  • Session duration, clicks, and user interactions

E. Usage Analytics

  • Pages visited
  • Features used
  • Heatmaps and scroll tracking (via tools like Hotjar)
  • A/B testing results

F. Communication & Support Records

  • Emails, messages, and chats
  • Support tickets and notes
  • Call transcripts (if recorded)

G. Marketing Information

  • Newsletter subscriptions
  • Email open/click statistics
  • Web form interactions
  • Campaign engagement

We do not knowingly collect or process data from children under the age of 16. If we discover that we have collected personal data from a child, we will delete it immediately.

4. How We Use Your Information

We use the information we collect for the following purposes:

A. To Provide Our Services

  • Deliver websites, applications, dashboards, and development work
  • Access client servers, stores, and codebases as necessary
  • Implement requested features or integrations
  • Test, debug, and deploy projects

B. To Manage Client Relationships

  • Schedule meetings and consultations
  • Send project status reports, timelines, and updates
  • Issue invoices and payment reminders
  • Facilitate ongoing support and troubleshooting

C. To Improve Our Services

  • Analyze service usage patterns
  • Monitor website traffic
  • Conduct user experience research
  • Test new features and technologies

D. For Marketing & Communications

  • Send promotional emails, newsletters, and product updates
  • Announce new services, features, or offers
  • Send personalized content based on your preferences

E. For Legal and Compliance Reasons

  • Maintain proper tax and financial records
  • Respond to lawful data access requests
  • Protect our rights and prevent misuse or fraud
  • Comply with international data protection laws

5. Legal Basis for Processing

Depending on your region (e.g., EU/UK under GDPR), we process your personal data on the following legal bases:

  • Contractual necessity: To deliver services you have requested or signed an agreement for.
  • Legitimate interests: To improve our services, secure our systems, and market relevant offerings.
  • Consent: For email marketing, cookie tracking, or third-party integrations.
  • Legal obligation: To meet legal or regulatory requirements such as accounting or law enforcement requests.

You have the right to withdraw consent at any time without affecting the lawfulness of prior processing.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Authenticate users
  • Store user preferences (like dark mode or language)
  • Monitor website traffic and behavior
  • Track email campaign effectiveness
  • Conduct retargeting via services like Google Ads or Meta Pixel

You can control cookie behavior via your browser settings or opt-out banners on our site. Essential cookies are required for proper site functioning and cannot be disabled.

7. Data Sharing and Disclosure

We do not sell or rent your personal data. However, we may share data with:

Recipient Purpose
Cloud providers (e.g., AWS, DigitalOcean) Hosting client projects and applications
Analytics tools (e.g., Google Analytics, Hotjar) Monitor usage and optimize experience
Payment processors (e.g., Stripe, Razorpay) Handle secure transactions
Project tools (e.g., GitHub, Notion, Figma) Collaborate and manage development tasks
Communication tools (e.g., Mailchimp, SendGrid) Send newsletters and transactional emails
Legal and tax professionals For compliance, audits, or disputes
Government authorities If legally compelled or for protection against fraud

All third parties are required to implement security controls and comply with data protection regulations through Data Processing Agreements (DPAs).

8. International Transfers

We operate globally and may transfer your data to servers located outside your country, including the United States, European Union, and India.

Where data is transferred internationally, we ensure adequate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs)
  • UK Addendum for post-Brexit transfers
  • Data residency controls in select projects
  • Vendor compliance with ISO, SOC 2, or GDPR standards

9. Data Retention

We retain personal data only as long as necessary:

Data Type Retention Period
Client files & projects 5 years after project completion
Contact details Until you unsubscribe or request deletion
Invoices & financial records 8 years (per tax law)
Support communications 24 months
Analytics data Up to 36 months (aggregated and anonymized where possible)

Upon request, we can expedite deletion of specific information unless legally required to retain it.

10. Your Privacy Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate or incomplete information
  • Request deletion of your data (“right to be forgotten”)
  • Withdraw consent for processing
  • Object to processing based on legitimate interests
  • Request data portability
  • File a complaint with a regulatory authority

To exercise these rights, contact us at privacy@innov8alpha.com. We will respond within 30 days.

11. California & US State Privacy Notice (CCPA/CPRA)

If you are a California resident, you are entitled to:

  • Know what personal information we collect
  • Request deletion of personal data
  • Opt-out of the “sale” of personal data (we do not sell)
  • Request access to or correction of your personal data
  • Equal service and price, regardless of privacy choices

Requests may be submitted via email. We will verify your identity before processing your request.

12. Data Security

We take your data security seriously and implement the following measures:

  • HTTPS encryption (TLS 1.3) on all websites
  • AES-256 encryption of stored sensitive data
  • Role-based access control for internal systems
  • Daily backups and secure storage
  • Activity logging and real-time monitoring
  • Regular vulnerability assessments and code reviews
  • Incident response plan for data breaches (with 72-hour notice)

Despite best efforts, no system is 100% secure. We recommend clients also take precautions such as using strong passwords and enabling two-factor authentication.

13. Third-Party Links

Our website or communications may include links to third-party platforms (e.g., YouTube, Shopify App Store, GitHub). We are not responsible for their content, terms, or privacy policies. Please review those separately before sharing any information.

14. Changes to This Policy

We may update this Privacy Policy periodically to reflect legal, technical, or operational changes. You will be notified of significant updates via email or on our website homepage.

Last Updated: July 6, 2025
Previous Versions: Available upon request

15. Contact Us

If you have any questions or concerns regarding this Privacy Policy or your personal data, contact us at:

Innov8alpha – Privacy Office
📍 Sector 12, Dwarka, New Delhi, India
📧 Email: Innov8alpha@gmail.com
📞 Phone/WhatsApp: +91 7081834022
🔐 PGP key available upon request

We value your trust and are committed to protecting your digital journey with Innov8alpha.