Home  /  Legal  /  Privacy

Privacy Policy

Last updated · May 16, 2026 Applies to · IN · USA · CA

01Our commitment

DashExpo is built on trust. We collect only what we need to deliver the service you asked for, store it securely, and never sell it. This policy explains exactly what we collect, why, and the controls you have.

We do not sell, rent, or share your personal information with advertisers. Ever.

02What we collect

Information you provide

  • Identity & contact — name, email, phone, country, billing address
  • Service details — description of the issue, device make/model, OS version
  • Payment — handled by our payment processors; we receive only the transaction confirmation, never your card number
  • Communications — messages, attachments, and notes you send us

Information collected automatically

  • Usage data — pages visited, links clicked, approximate location (city/region)
  • Device data — browser, operating system, IP address, screen size
  • Cookies — see our Cookie Policy

03How we use your information

  • To deliver the services you requested
  • To process payments and send invoices
  • To respond to your questions and provide ongoing support
  • To improve our services, website, and customer experience
  • To send important account or service notifications (transactional emails)
  • To comply with legal obligations and prevent fraud

We send marketing emails only if you have opted in. You can unsubscribe at any time using the link in any marketing message.

04Sharing & third parties

We share information only with trusted service providers who help us run our business, under strict contractual confidentiality:

  • Payment processors — Stripe, Razorpay, PayPal
  • Cloud infrastructure — AWS, Google Cloud (data hosted in your nearest region where possible)
  • Email & communication — Postmark, Twilio
  • Analytics — privacy-respecting analytics tools that do not track you across sites

We may also disclose information if required by law, court order, or to protect the safety and rights of any person.

05Remote sessions & on-device data

During a remote session, our specialist may temporarily see files, folders, and screen content on your device. We follow a strict policy:

  • We access only what is needed to complete the agreed scope
  • We do not copy personal files unless the task specifically requires it (e.g., data recovery)
  • Session recordings, if any, are deleted within 30 days unless retained for a dispute
  • You can end the session at any time

06Data retention

  • Account & service records — kept while your account is active and up to 7 years afterwards to meet tax and accounting requirements.
  • Support tickets & transcripts — kept for 24 months from resolution.
  • Marketing preferences — kept until you opt out or your account is closed.
  • Backups — encrypted, rotated, and fully purged within 90 days of source deletion.

07Security

We protect your data with:

  • TLS 1.2+ encryption in transit and AES-256 encryption at rest
  • Role-based access controls and 2FA for all internal team accounts
  • Vendor reviews and least-privilege architecture
  • Regular vulnerability scans and patching

No system is perfectly secure. We will notify affected users without undue delay if a breach materially affects their data, as required by law.

08Your rights

You may request to:

  • Access a copy of personal data we hold about you
  • Correct inaccurate information
  • Delete your data ("right to be forgotten"), subject to legal retention requirements
  • Restrict or object to certain processing
  • Port your data to another provider in a common format
  • Withdraw consent for marketing at any time

Email privacy@dashexpo.com to exercise any of these rights. We respond within 30 days.

09Regional notices

India (DPDP Act, 2023)

You may withdraw consent and request erasure through the Grievance Officer at privacy@dashexpo.com. We respond within 7 working days.

United States (CCPA / CPRA — California)

California residents may request disclosure of personal information categories collected, sold, or shared in the prior 12 months. We do not sell personal information.

Canada (PIPEDA)

You may file a complaint with the Office of the Privacy Commissioner of Canada if you believe your rights have been violated.

10Children's privacy

Our Services are not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us information, please contact us and we will delete it.

11Changes to this policy

We may update this policy as our services evolve. Material changes will be notified via email or a prominent notice on our website at least 14 days before they take effect.

12Contact

Data Protection Officer
DashExpo Technologies
Indiranagar, Bengaluru — India
Email: privacy@dashexpo.com