Privacy Policy — anuplAi

Anuplai Put Ltd, together with its parents, subsidiaries, and affiliates (collectively, "Anuplai", "us", "we", or "our") respects your privacy and takes seriously the responsibility of protecting the personal information you provide to us. This Privacy Policy describes how we collect, use, disclose, and protect personal information we receive about individuals ("you" or "users") when you use our products and/or services ("Services") or visit our websites or online features (each a "Site").
This Privacy Policy applies regardless of whether you access our Sites and/or Services via a computer, mobile device, or any other device or endpoint.
For the purposes of applicable data protection law — including the EU General Data Protection Regulation ("GDPR"), the UK GDPR, and India's Digital Personal Data Protection Act, 2023 ("DPDPA") — Anuplai is the Data Controller (GDPR/UK GDPR) and Data Fiduciary (DPDPA) of the personal information we collect about you in connection with your use of our Sites and/or Services.
If you have any questions about this Privacy Policy or how we handle your personal information, please contact us at: contact@anuplai.com
1. HOW WE COLLECT PERSONAL INFORMATION
We may collect personal information when you visit our websites, contact us, register for an account, or use our products and services. Information may be collected:
Directly from you, when you provide it voluntarily
From third parties or publicly available sources
Automatically through technologies such as cookies, web beacons, log files, and similar tools
Through third-party analytics services that help us understand how users interact with our Services

Where our Services use location data, we may detect your general or precise location to help analyse how our Services are used. You can control location sharing through your browser and device settings.
2. TYPES OF INFORMATION COLLECTED
2.1 Personal Information
Personal Information means any information relating to an identified or identifiable natural person. This includes information that can directly identify you — such as your name, address, or phone number — and information that can indirectly identify you in combination with other data, such as an online identifier, location data, or identification number.
Examples of Personal Information we may collect include your name, mailing address, phone number, email address, business contact information, payment information, username and password, demographic information, and any other information meeting this definition.
2.2 Non-Personal Information
Non-Personal Information is any information that does not identify an individual and cannot be combined with other readily available information to identify one.
2.3 Device Information
Device Information refers to information automatically collected from devices you use when visiting our Sites, including IP address, device identifier, cookies, and log files. Device Information may constitute Personal Information where it can be combined with other data to identify an individual.
3. HOW WE USE AND SHARE YOUR INFORMATION
3.1 General Uses
We may use the information we collect for the following purposes:
To provide our Services and process and respond to your requests, enquiries, and form submissions
To process purchases made on our Sites, including disclosure to third-party payment processors as necessary
To improve the quality, performance, and delivery of our Sites and Services
To share with third-party service providers who assist with hosting, payment processing, analytics, marketing, and daily operations — we share only the minimum information necessary and require these providers to protect it by contract
To comply with applicable law, respond to legal process, or fulfil obligations to regulatory or government authorities
In emergency situations, to protect the vital interests of an individual
Where necessary for our legitimate business interests, to the extent not overridden by your rights and interests
In aggregated or de-identified form that cannot be traced to any individual
3.2 Sub-Processors
We currently engage the following third-party sub-processors in connection with the operation of our Services. All sub-processors listed below are based in the United States:
OpenAI — Powers AI-assisted form filling features within the Service. OpenAI processes data solely to complete the requested task and does not retain any personal data after the purpose is fulfilled.
Vercel — Provides database hosting and cloud infrastructure for the Service.
Cloudflare — Provides domain hosting and network security services.

If we engage any new sub-processors or make changes to existing arrangements, we will update this Privacy Policy and publish the updated version on our website. We will provide at least 30 days' notice of any material changes. For data transfers to sub-processors located in the United States, we rely on applicable lawful transfer mechanisms under GDPR, including Standard Contractual Clauses where required.
3.3 Legal Bases for Processing (EEA, UK, and Switzerland)
To the extent required by applicable law, the legal bases for processing your Personal Information include:
Consent — where you have given explicit consent for a specific purpose
Contract — where processing is necessary to perform a contract with you or take pre-contractual steps at your request
Legal obligation — where processing is necessary to comply with applicable law
Legitimate interests — where processing is necessary for our legitimate business interests, provided these are not overridden by your rights and freedoms
Vital interests — where processing is necessary to protect the life of an individual
Public task — where processing is necessary for a task carried out in the public interest
3.4 Direct Marketing
We may use Personal Information gathered from your use of our Sites and/or Services to send you direct marketing communications, where permitted by applicable law. You have the right to object to direct marketing at any time. To opt out, use the unsubscribe link in any of our communications or contact us at contact@anuplai.com. We will action your request promptly.
3.5 Cookies
Our website uses cookies and similar technologies to operate and improve our Services. The types of cookies we use are as follows:
Essential cookies — necessary for the website to function. These cannot be switched off. They are set in response to actions you take, such as logging in or setting privacy preferences.
Analytics cookies — help us understand how visitors use our website by counting visits and identifying traffic sources. All information collected is aggregated.
Functional cookies — enable enhanced functionality and personalisation, such as remembering your language preferences or login details.
Advertising/targeting cookies — used for targeted advertising and measuring campaign performance. These may be set by us or third-party providers.

Where required by applicable law, we will obtain your consent before placing non-essential cookies on your device. You can manage your cookie preferences through our cookie consent tool on the website, or by adjusting your browser settings. Please note that blocking essential cookies may prevent the website from functioning correctly.
3.6 Transfer of Assets
If Anuplai is acquired, merges with another entity, or transfers substantially all of its assets, your Personal Information may be transferred to the acquiring entity. We will take reasonable steps to ensure your privacy preferences are respected. In the event of insolvency or reorganisation proceedings, Personal Information may be treated as a business asset.
3.7 Other Disclosures
We reserve the right to disclose Personal Information where required by law or where we reasonably believe disclosure is necessary to: (a) comply with a legal obligation or legal process; (b) protect and defend the rights or property of Anuplai or our users; or (c) respond to an emergency involving the health or safety of any individual.
4. CHILDREN
Our Services are intended for businesses and adults aged 18 and over. We do not knowingly collect Personal Information from individuals under the age of 18. If you believe we have inadvertently collected information from a person under 18, please contact us immediately at contact@anuplai.com and we will take prompt steps to delete such information from our systems.
Note: Under India's DPDPA, the age threshold for children is 18. Under GDPR, it is 16 (with member states permitted to lower this to 13). Anuplai applies the higher threshold of 18 across all jurisdictions for consistency.
5. KEEPING YOUR INFORMATION SECURE
We implement technical, administrative, and physical security measures that we consider appropriate to protect your Personal Information against loss, misuse, unauthorised access, disclosure, alteration, and destruction. While we take these obligations seriously, no internet-based service can guarantee absolute security, and we cannot warrant the security of information transmitted to us online.
In the event of a personal data breach, we will act as follows:
Where required by GDPR (Art. 33), we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach.
Where the breach is likely to result in a high risk to your rights and freedoms, we will notify affected individuals directly without undue delay in accordance with GDPR (Art. 34).
Where required under India's DPDPA, we will notify the Data Protection Board of India as prescribed.
We will notify you at the email address associated with your account. Notification may be delayed where necessary to determine the scope of the breach or to comply with the legitimate requirements of law enforcement.
6. THIRD-PARTY LINKS
Our Services may contain links to third-party websites that we do not operate or control. We are not responsible for the privacy practices of any third-party website. We encourage you to review the privacy policy of any third-party site before submitting your Personal Information.
7. CORRESPONDENCE ABOUT YOUR INFORMATION
We will respond to requests relating to your Personal Information as soon as reasonably practicable and within the timeframes required by applicable law. Please note that fulfilling certain requests may affect our ability to provide you with some features or benefits of our Services.
8. YOUR PRIVACY RIGHTS
8.1 Rights Under GDPR (EEA, UK, and Switzerland)
If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights in relation to your Personal Information:
Right of access — to obtain a copy of the Personal Information we hold about you
Right to rectification — to correct inaccurate or incomplete Personal Information
Right to erasure — to request deletion of your Personal Information in certain circumstances
Right to restriction — to request that we limit how we process your Personal Information
Right to object — to object to processing based on legitimate interests or for direct marketing
Right to data portability — to receive your Personal Information in a structured, machine-readable format
Rights related to automated decision-making — to request human review of decisions made solely by automated means

To exercise any of the above rights, please contact us at contact@anuplai.com. We will respond within one month of receiving your request, extendable to three months for complex or multiple requests. If we are unable to fulfil your request, we will explain why and advise you of your right to appeal or lodge a complaint with your local supervisory authority.
8.2 Rights Under India's DPDPA
If you are a Data Principal under India's Digital Personal Data Protection Act, 2023, you have the following rights:
Right to access information — to obtain a summary of the Personal Information we hold about you and how it has been processed
Right to correction and erasure — to correct inaccurate, incomplete, or outdated Personal Information, and to request erasure where the data is no longer necessary
Right to grievance redressal — to raise a complaint with us regarding our handling of your Personal Information
Right to nominate — to nominate another individual to exercise your rights on your behalf in the event of your death or incapacity

To exercise your rights under the DPDPA, please contact us at contact@anuplai.com. We will acknowledge and process your request within the timeframes prescribed by applicable law.
9. RETENTION OF PERSONAL DATA
We retain your Personal Information only for as long as is necessary to fulfil the purposes for which it was collected, including to provide our Services, comply with our legal obligations, resolve disputes, and enforce our agreements.
The appropriate retention period depends on the nature of the data and the purpose of processing. When Personal Information is no longer required, we will securely delete or anonymise it. For further information about our retention practices, please contact us at contact@anuplai.com.
10. HOW TO WITHDRAW CONSENT
Where we process your Personal Information on the basis of your consent, you may withdraw that consent at any time by contacting us at contact@anuplai.com. Withdrawal of consent will not affect the lawfulness of processing carried out before the withdrawal. Please note that withdrawing consent for certain types of processing may limit our ability to provide some features or services to you.
11. HOW TO FILE A COMPLAINT
If you have a concern about how we handle your Personal Information, please contact us first at contact@anuplai.com. We will investigate and respond to your complaint promptly.
If you are not satisfied with our response, you have the right to escalate your complaint to the relevant authority:
EEA users — your national Data Protection Authority (DPA)
UK users — the Information Commissioner's Office (ICO) at ico.org.uk
Indian users — the Data Protection Board of India, once fully operational under the DPDPA
12. INTERNATIONAL DATA TRANSFERS
Anuplai is based in India. Our sub-processors, including OpenAI, Vercel, and Cloudflare, are based in the United States. When we transfer personal data outside of India or the EEA, we ensure that appropriate safeguards are in place in accordance with applicable law, including:
Standard Contractual Clauses (SCCs) approved by the European Commission, for transfers from the EEA
Applicable mechanisms under India's DPDPA for cross-border transfers of data relating to Indian Data Principals

For further information about the safeguards we rely on for international transfers, please contact us at contact@anuplai.com.
13. MODIFICATIONS TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by email or in-app notification at least 30 days before the changes take effect. The updated Privacy Policy will be posted on our website with a revised effective date.
Your continued use of our Services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. If you do not agree to the changes, you should stop using our Services and may contact us to request deletion of your Personal Information.
This Privacy Policy is the sole and authoritative statement of Anuplai's privacy practices in relation to our Services. No summary, verbal representation, or other version shall be valid unless reflected in an updated policy published on our website.
14. CONTACT US
For any questions, requests, or concerns relating to this Privacy Policy or our handling of your Personal Information, please contact us at:

Anuplai Put Ltd
Email: contact@anuplai.com
Website: [www.anuplai.com]

Anuplai Put Ltd | Privacy Policy v1.0 | Effective April 2026 | contact@anuplai.com

← Back to home