Privacy Policy
Privacy Policy — Splashgain
Effective Date: March 24, 2026
Last Updated: March 24, 2026
1. Introduction
Splashgain Technologies Private Limited (“Splashgain”, “we”, “our”, or “us”) operates the website www.splashgain.com and provides B2B SaaS-based marketing and sales intelligence services (“Services”).
This Privacy Policy explains how we collect, use, store, share, and protect your personal data when you visit our website, use a free trial, or subscribe to our Services. It also describes your rights and how to exercise them.
This Policy applies to:
- Business clients and their authorized users accessing the Splashgain platform
- Individual users accessing free tools or free trial offerings
- Visitors to our website
By accessing our website or using our Services, you acknowledge that you have read and agree to this Privacy Policy. If you do not agree, please discontinue use of our Services.
2. Who We Are
Data Fiduciary / Data Controller:
Splashgain Technologies Private Limited
Survey Number 101, 1, Office No. C2-501/502, Saudamini Complex,
Kothrud, Pune, Maharashtra 411038, India
Website: www.splashgain.com
Grievance Officer
(As required under the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023)
| Name | Swapnil Dharmadhikari |
|---|---|
| grievance@splashgain.com | |
| Response Time | Within 30 days of receipt of complaint |
For users in the European Economic Area (EEA) or United Kingdom, Splashgain acts as a Data Controller under the General Data Protection Regulation (GDPR).
3. Data We Collect
3.1 Information You Provide Directly
| Data Type | Examples | Purpose |
|---|---|---|
| Account / Registration Data | Name, email address, phone number, job title | Account creation, authentication, communications |
| Business Information | Company name, company size, industry, GSTIN | Invoicing, onboarding, service delivery, tax compliance |
| Billing & Invoice Data | Billing address, bank transfer records, invoice history | Payment processing, accounting, legal compliance |
| Support Communications | Emails, chat messages, support tickets | Customer support, service improvement |
| User-Uploaded Content | Data, files, or documents uploaded to the platform | Processing as part of Service delivery |
Payment Data Note: Splashgain uses invoice-based bank transfer payments exclusively. We do not collect, store, or process credit card, debit card, or UPI details. Invoice and billing records are retained only for legal and tax compliance purposes.
3.2 Information Collected Automatically
| Data Type | Examples | Purpose |
|---|---|---|
| Log Data | IP address, browser type, operating system, pages visited, timestamps | Security monitoring, debugging, analytics |
| Device Data | Device type, screen resolution, browser language | Product optimization, UI improvements |
| Usage Data | Feature usage patterns, session duration, API call logs | Platform analytics, usage-based billing (tokens), fraud prevention |
| Cookies & Trackers | Session cookies, analytics cookies, preference cookies | See Section 6 (Cookies) |
3.3 Information from Third Parties
We may receive limited data from:
- CRM or sales tool integrations you authorize within the platform
- Business verification services (e.g., company name and GSTIN validation)
- Analytics and marketing partners (aggregated and anonymized form only)
4. How We Use Your Data
| Purpose | Legal Basis (GDPR) | Legal Basis (DPDPA 2023) |
|---|---|---|
| Providing and operating the Services | Contract performance | Consent / Legitimate use |
| Account management and authentication | Contract performance | Consent |
| Billing, invoicing, and tax compliance | Contract / Legal obligation | Legal obligation |
| Customer support and communications | Contract performance | Consent / Legitimate use |
| Platform improvement and analytics | Legitimate interests | Legitimate use |
| Security monitoring and fraud prevention | Legitimate interests / Legal obligation | Legitimate use |
| Product and feature announcements | Legitimate interests (B2B) / Consent (B2C) | Consent |
| Marketing communications and newsletters | Consent | Consent |
| Compliance with applicable laws | Legal obligation | Legal obligation |
AI/ML Clarification: Your personal data and uploaded content are not used to train or improve any artificial intelligence or machine learning models. All data processed through the platform is used solely for delivering the Services to you.
5. Data Sharing and Disclosure
We do not sell your personal data. We share data only under the following limited circumstances:
5.1 Service Providers (Data Processors)
We engage trusted third-party vendors to support our operations. All processors are bound by contractual data processing agreements requiring them to protect your data and process it only on our instructions.
| Category | Examples |
|---|---|
| Cloud infrastructure and hosting | AWS, Azure, Google Cloud |
| Website and product analytics | Google Analytics |
| Email and transactional communications | Email delivery providers |
| Customer relationship and support tools | CRM, helpdesk platforms |
| Accounting and invoicing | Billing and finance software |
5.2 Business Integrations Authorized by You
If you connect third-party integrations (such as CRM or marketing tools) within the platform, data is shared as instructed by you. You control and can revoke these authorizations at any time from your account settings.
5.3 Legal Requirements
We may disclose your personal data when required by applicable law, including:
- Court orders, warrants, or lawful government/regulatory authority requests
- Protecting the legal rights or property of Splashgain
- Investigating or preventing fraud or illegal activity
5.4 Business Transfers
In the event of a merger, acquisition, reorganization, or sale of all or part of our assets, your data may be transferred to the successor entity. We will notify affected users before data becomes subject to a materially different privacy policy.
5.5 Aggregated and Anonymized Data
We may share aggregated, anonymized statistical information (e.g., overall platform usage trends, industry benchmarks) with third parties or for marketing purposes. This data cannot be used to identify you individually.
6. Cookies and Tracking Technologies
Cookie Categories
| Category | Description | Opt-Out |
|---|---|---|
| Essential / Strictly Necessary | Login sessions, security tokens, CSRF protection, load balancing | Not possible — required for the platform to function |
| Analytics | Usage patterns, page views, session data (e.g., Google Analytics) | Yes — via Cookie Consent Manager |
| Functional / Preference | Saved preferences, language settings, UI customizations | Yes — via Cookie Consent Manager |
| Marketing / Targeting | Retargeting pixels, ad performance tracking, conversion tracking | Yes — via Cookie Consent Manager |
Managing Your Cookie Preferences
- Cookie Consent Manager: Accessible via the cookie banner on your first visit or through the “Cookie Settings” link in our website footer.
- Browser Settings: You can refuse or delete cookies via your browser’s Privacy or Security settings. Note that disabling Essential cookies will impair platform functionality.
- Google Analytics Opt-Out: Install the Google Analytics Opt-out Browser Add-on to prevent data collection by Google Analytics across all websites.
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes described in this Policy and to comply with legal obligations.
| Data Category | Retention Period |
|---|---|
| Account and profile data | Duration of active account + 3 years after account closure |
| Billing and invoice records | 7 years (requirement under Income Tax Act, 1961 and GST law) |
| Platform usage and server logs | 90 days rolling |
| Support and communication records | 2 years after resolution |
| Marketing consent records | Until consent is withdrawn, plus 1 year |
| Cookies | Per type: session cookies expire at end of session; persistent cookies up to 2 years |
| User-uploaded content | Deleted within 30 days of account termination unless retention is legally required |
Upon expiry, data is securely deleted or irreversibly anonymized.
8. Your Rights as a Data Subject
8.1 Rights Under India’s Digital Personal Data Protection Act (DPDPA), 2023
As a Data Principal (individual whose data we process), you have the following rights:
| Right | Description |
|---|---|
| Right to Access | Know what personal data we hold about you and how it is being used |
| Right to Correction and Completeness | Request correction of inaccurate or incomplete personal data |
| Right to Erasure | Request deletion of your personal data, subject to our legal retention obligations |
| Right to Grievance Redressal | Lodge a complaint with our Grievance Officer and receive a response within 30 days |
| Right to Nominate | Nominate another individual to exercise your data rights on your behalf |
8.2 Additional Rights for EEA / UK Users (GDPR / UK GDPR)
| Right | Description |
|---|---|
| Right to Data Portability | Receive your personal data in a structured, commonly used, machine-readable format |
| Right to Object | Object to processing based on legitimate interests |
| Right to Restrict Processing | Request restriction of how we use your data in certain circumstances |
| Right to Withdraw Consent | Withdraw marketing consent at any time without affecting prior processing |
| Right to Lodge a Complaint | File a complaint with your national Data Protection Authority (e.g., the ICO for UK users) |
8.3 How to Exercise Your Rights
Email us at grievance@splashgain.com with the subject line “Data Rights Request” and include:
- Your name and registered email address
- The right you wish to exercise
- Any relevant details
We will acknowledge your request within 3 business days and respond fully within 30 days. We may need to verify your identity before processing the request.
9. International Data Transfers
Splashgain is headquartered in India. Approximately 90% of our users are based in India. For international users, your data may be processed in India or by cloud infrastructure providers in other jurisdictions (including the EU, USA, or Singapore).
When transferring data outside of India or the EEA, we ensure appropriate safeguards are in place:
- For EU/EEA users: Standard Contractual Clauses (SCCs) as approved by the European Commission
- For all international transfers: Contractual protections with service providers ensuring equivalent data protection standards
- Ongoing compliance: We monitor changes to data transfer regulations (including DPDPA cross-border transfer rules as they are notified) and update our practices accordingly
10. Data Security
Splashgain implements appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.
Our security measures include:
- Encryption: Data encrypted in transit via TLS/HTTPS and at rest using industry-standard encryption
- Access Controls: Role-based access controls restricting data access to authorized personnel only
- Security Audits: Regular vulnerability assessments and security reviews
- Infrastructure Security: Hosting on secure, certified cloud infrastructure with physical access controls
- Employee Controls: Confidentiality agreements, access restrictions, and security training for all staff
- Incident Response: Documented procedures for identifying, containing, and reporting data breaches
Security Breach Notification: In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant authorities as required by applicable law. For GDPR-regulated incidents, notification will be made within 72 hours of discovery.
However, no method of transmission or storage is 100% secure. You are responsible for maintaining the confidentiality of your account credentials. Splashgain shall not be responsible if your login credentials are shared, leaked, or compromised due to your own actions.
11. Children’s Privacy
Our Services are designed for business professionals and are not directed at or intended for use by individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a person under 18, we will delete it promptly. If you believe we have collected such data, please contact us at grievance@splashgain.com.
12. Third-Party Links
Our website and platform may contain links to external websites or services that are not operated by Splashgain. We are not responsible for the privacy practices or content of those third-party sites. We encourage you to review the privacy policies of any external websites you visit before providing personal data.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, Services, or applicable laws. When we make material changes, we will:
- Send an email notification to all registered users at least 14 days before the change takes effect
- Display a prominent notice on our website
The “Last Updated” date at the top of this page will reflect the most recent revision. Your continued use of our Services after the effective date of a revised Policy constitutes your acceptance of the changes. If you do not agree to the updated Policy, please discontinue use of the Services and contact us to close your account.
14. Contact and Grievance Redressal
Grievance Officer
(Designated under the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 and the Digital Personal Data Protection Act, 2023)
| Name | Swapnil Dharmadhikari |
|---|---|
| grievance@splashgain.com | |
| Response Time | 30 days from receipt of complaint |
General Contact
| info@splashgain.com | |
|---|---|
| Support | support@splashgain.com |
| Website | www.splashgain.com |
Escalation
If you are not satisfied with our response, you may escalate your complaint to:
- India: The Data Protection Board of India (once constituted under the DPDPA 2023) or the Adjudicating Officer under the IT Act
- EU/EEA: Your national Data Protection Authority
- UK: The Information Commissioner’s Office (ICO) at ico.org.uk
This Privacy Policy was last reviewed in March 2026 and has been updated to align with the Digital Personal Data Protection Act, 2023 (India), the General Data Protection Regulation (GDPR), and current industry best practices for B2B SaaS companies.