Privacy Policy

1. Who We Are

Skysmile Technologies Private Limited ("Skysmile", "we", "our", "us") is the data controller responsible for your personal data. We are registered in India and operate from Level Minus 2, Thejaswini, Technopark Campus, Thiruvananthapuram, Kerala 695583, India.

Our website is skysmiletechnologies.com. If you have any privacy concerns, contact us at: privacy@skysmiletechnologies.com

2. Data We Collect

Information you provide directly

• Contact form: Name, email address, phone number, enquiry type, message
• Job applications: Name, email, phone, LinkedIn URL, cover letter, CV
• Product sign-ups: Name, email, device information (for AI product accounts)
• Health data (AI products): Symptom inputs, spirometry data, wearable sensor data — collected only with your explicit consent and used solely for the health service requested

Information collected automatically

• IP address, browser type, operating system, referring URL
• Pages visited, time on site, clicks (via analytics cookies)
• Device identifiers (mobile app usage)

3. How We Use Your Data

• Responding to enquiries and providing customer support
• Processing job applications
• Delivering AI product services you have requested
• Improving our website and services through anonymised analytics
• Sending service-related communications (not marketing, unless you opt in)
• Complying with legal and regulatory obligations
• Protecting against fraud and abuse

We will never sell, rent, or trade your personal data to third parties for marketing purposes.

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA) and UK, our legal basis for processing your data under GDPR Article 6 is:

• Consent — for marketing emails, analytics cookies, and health data collection
• Contract performance — to deliver services you have requested
• Legitimate interests — for site security, fraud prevention, and improving our services
• Legal obligation — to comply with applicable laws

For health data (Article 9 special category), we process only on the basis of your explicit consent, which you may withdraw at any time.

5. Sharing Your Data

We share data only with trusted service providers who process it on our behalf and under strict data processing agreements:

• Microsoft Azure — cloud infrastructure and data storage (EU and India regions)
• Amazon Web Services (AWS) — development pipelines and backup storage
• NVIDIA — GPU compute for AI model training (no personal data shared)
• Web3Forms — contact form processing (form data only)
• Google Analytics — anonymised website analytics (if consent given)

We may also disclose data if required by law, court order, or to protect the rights and safety of our users.

6. International Data Transfers

Our primary servers are located in India. When data is processed by cloud providers (Microsoft Azure, AWS), it may be stored in data centres in India, the EU, or the US. For EU-origin data, transfers are protected by Standard Contractual Clauses (SCCs) or equivalent safeguards in accordance with GDPR Chapter V.

7. Data Retention

• Contact enquiries: 2 years from last contact
• Job applications (unsuccessful): 6 months, then deleted
• AI product health data: Retained while your account is active, deleted within 30 days of account closure
• Analytics data: 14 months (Google Analytics default)
• Legal/contractual data: 7 years as required by Indian tax and company law

8. Your Rights

Under GDPR and India's Digital Personal Data Protection Act (DPDP Act 2023), you have the right to:

• Access — request a copy of the personal data we hold about you
• Rectification — correct inaccurate or incomplete data
• Erasure ("right to be forgotten") — request deletion of your data
• Restriction — ask us to limit how we use your data
• Portability — receive your data in a machine-readable format
• Object — object to processing based on legitimate interests
• Withdraw consent — at any time, for consent-based processing

To exercise any right, email privacy@skysmiletechnologies.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

9. Cookies & Tracking

We use cookies to improve your experience and analyse site usage. You can manage cookie preferences via our Cookie Policy page. Essential cookies cannot be disabled as they are required for the website to function.

10. Children's Privacy

Our website and services are not directed at children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately and we will delete it.

For our health products used in paediatric care, parental or guardian consent is required before any health data is collected from a minor.

11. Security

We implement industry-standard security measures including TLS/SSL encryption in transit, AES-256 encryption at rest, role-based access controls, and regular security audits. Our AI health products comply with HIPAA technical safeguards. We are committed to GDPR and India's DPDP Act security requirements.

In the event of a personal data breach that poses a high risk to your rights and freedoms, we will notify you without undue delay as required by applicable law.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by posting a notice on our website or by email (where we hold your contact details). The date at the top of this page indicates when the policy was last revised. Continued use of our website or services after changes take effect constitutes acceptance of the updated policy.

13. Contact Us / Data Protection

For all privacy-related requests, questions or complaints:

• Email: privacy@skysmiletechnologies.com
• Post: Data Protection Officer, Skysmile Technologies Private Limited, Level Minus 2, Thejaswini, Technopark Campus, Thiruvananthapuram, Kerala 695583, India
• Phone: +91 9746418891