Privacy Policy

We collect information you provide directly and information generated through your use of our platform:

• To provide, operate, and improve the SAIPIO platform and services
• To process payments and manage your subscription or bookings
• To communicate with you about your account, bookings, and updates
• To send transactional emails (booking confirmations, welcome emails) via Brevo
• To analyse usage patterns and improve user experience
• To comply with legal obligations and enforce our Terms of Service
• To respond to your queries, support requests, and refund claims
• To protect the security and integrity of the platform

We do not sell your personal data. We share information only in the following circumstances:

• Service Providers: Razorpay (payments), Brevo (transactional emails), Render (hosting infrastructure) — bound by data processing agreements
• B2B Supervisors: Employee data within an organisation is visible to the designated Supervisor of that organisation only
• Legal Compliance: When required by law, court order, or governmental authority
• Business Transfers: In the event of a merger, acquisition, or asset sale, your data may be transferred with prior notice
• With your explicit consent for any other purpose

• Account data is retained for the duration of your account and up to 2 years after deletion
• Payment records are retained for 7 years as required by Indian financial regulations
• Survey and diagnostic submissions are retained for 3 years
• B2B problem statements are retained for the duration of the subscription + 1 year
• You may request deletion of your personal data by contacting pmo@saipio.com

We implement industry-standard security measures including:

• All passwords are hashed using bcrypt (min 12 rounds) — we never store plaintext passwords
• JWT-based authentication with HTTP-only secure cookies
• HTTPS enforced across all pages and API endpoints
• PostgreSQL database hosted on Render with SSL-encrypted connections
• Role-based access control ensuring users only access their own data
• Regular security reviews and dependency updates

Despite these measures, no method of transmission over the internet is 100% secure. We encourage you to use strong, unique passwords.

You have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data (subject to legal retention requirements)
• Portability: Request your data in a machine-readable format
• Opt-out: Unsubscribe from marketing communications at any time
• Complaint: Lodge a complaint with the relevant data protection authority

To exercise these rights, email us at pmo@saipio.com. We will respond within 30 days.

We use the following types of cookies:

• Essential cookies: Required for authentication and session management (cannot be disabled)
• Analytics cookies: Used to understand platform usage and improve features
• Preference cookies: Store your display and notification preferences

You can control non-essential cookies through your browser settings. Note that disabling certain cookies may affect platform functionality.

Our platform may contain links to external websites (e.g., gcode.in, capsinfra.com). We are not responsible for the privacy practices of these sites. We encourage you to review their privacy policies before providing any personal information.

SAIPIO is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has submitted data to us, contact us immediately at pmo@saipio.com and we will delete it promptly.

We may update this Privacy Policy periodically. We will notify you of significant changes via email and update the "Last Updated" date above. Continued use of the platform after changes constitutes acceptance of the updated policy.

For any privacy-related questions, requests, or concerns: