VertexNirvana

Privacy Policy

Effective: 01 May 2026Updated: 26 June 2026

1. Introduction

1.1 Who we are

Vertex Nirvana ("we", "us", or "our") is a technology company operated by Vertex Nirvana Innovations Private Limited, incorporated under the laws of India. We design, develop, and deliver information technology services, artificial intelligence solutions, SaaS platforms, technology consulting, quantum computing research and products, enterprise software development, and digital transformation services to business and institutional clients.

1.2 Purpose of this Policy

This Privacy Policy explains how Vertex Nirvana collects, uses, discloses, stores, retains, secures, and otherwise processes personal data, and the choices and rights available to individuals in relation to that data. We are committed to handling personal data responsibly, lawfully, and transparently.

1.3 Scope

This Policy applies to all personal data we process in connection with:

your access to and use of https://vertexnirvana.com and any associated sub-domains;

our software products, SaaS platforms, applications, and demonstration environments;

enquiry, contact, demo-booking, newsletter, and marketing forms;

client onboarding, service delivery, support, and account management;

recruitment, internship, and career-application processes;

investor, partner, and business-development communications; and

any other interaction through which personal data is shared with us.

This Policy does not apply to the practices of third parties we do not own or control.

1.4 Relationship with other agreements

Where you engage Vertex Nirvana under a separate written agreement, master services agreement, order form, statement of work, data processing agreement, or non-disclosure agreement, the terms of that agreement govern in the event of any conflict with this Policy in respect of the specific engagement.

2. Definitions

"Personal Data" means any data about an individual who is identifiable by or in relation to such data, including "personal information" and "sensitive personal data or information" as defined under India's SPDI Rules, 2011.

"Processing" means any operation performed on Personal Data — including collection, storage, use, disclosure, transfer, or destruction.

"User" means any individual who accesses or uses the Website or Services.

"Client" means a business or organisation that engages Vertex Nirvana for products or services.

"Data Fiduciary" (under the DPDP Act) means any person who determines the purpose and means of processing Personal Data. Vertex Nirvana acts as a Data Fiduciary for data it collects for its own purposes.

"Cookies" means small text files and similar technologies placed on your device when you access the Website.

"Website" means https://vertexnirvana.com and its sub-domains.

"Services" means the products, Platforms, software, demos, consulting, support, and other services offered by Vertex Nirvana.

3. Information We Collect

We collect only what is reasonably necessary for the purposes described in Section 5.

Identity and contact information

Full name

Email address

Telephone or mobile number

Postal or business address, where provided

Professional and business information

Company or organisation name

Job title and role

Department or function

Business enquiry and demo-request details

Recruitment and internship information

Career, internship, or job-application information

Curriculum vitae and resume data

Cover letters, portfolios, or assessment responses

Account, service, and transactional information

Account registration and login identifiers

Service usage and configuration data

Support tickets, correspondence, and communication records

Technical and usage information

IP address

Browser type and version, operating system, device type

Pages viewed and session activity

Technical logs, diagnostic data, and security-event data

Cookies and analytics data (see Section 7)

Other information

Any information you voluntarily submit through forms, surveys, events, or other interactions.

4. How We Collect Information

We collect Personal Data through the following channels:

Website and contact forms — when you submit an enquiry or contact us.

Demo booking forms — when you request or schedule a product demonstration.

Recruitment and internship forms — when you apply for a role or submit your CV.

Newsletter and marketing forms — when you subscribe to communications.

Email and other correspondence — when you communicate with us.

Client onboarding — when you provide information to set up and deliver Services.

Platform usage — automatically, when you use our Platforms.

Cookies and analytics tools — automatically, when you browse the Website.

Third-party integrations and sources — from service providers and publicly available sources, to the extent permitted by law.

5. Purpose of Processing

We process Personal Data for the following purposes:

Responding to enquiries — to receive, assess, and respond to your questions and communications.

Providing software and services — to deliver, operate, maintain, and support our products and Services.

Scheduling and conducting demos — to arrange, deliver, and follow up on product demonstrations.

Business development — to evaluate opportunities and engage with prospective clients, investors, and partners.

Client onboarding and account management — to establish, verify, configure, and administer client accounts.

Technical support and service operations — to provide support, troubleshoot, and maintain service quality.

Recruitment and internships — to assess applications, conduct interviews, and manage hiring programmes.

Legal and regulatory compliance — to comply with applicable laws and our legal obligations.

Security monitoring and fraud prevention — to protect the security and integrity of our Website and systems.

Analytics and service improvement — to understand usage and improve our products and Services.

Marketing communications — to send relevant updates and offers, subject to consent and your right to opt out.

6. Legal Basis and Consent

We process Personal Data on one or more of the following bases under Indian law:

Consent — where you have given clear, informed, and freely given consent.

Contractual necessity — where processing is necessary to provide Services you have requested.

Legitimate business purposes — for purposes recognised under the DPDP Act, such as responding to enquiries and protecting our systems.

Legal obligation — where processing is necessary to comply with applicable law.

You may withdraw your consent at any time by contacting us using the details in Section 17. Withdrawal will not affect the lawfulness of prior processing, but may affect our ability to provide certain Services.

7. Cookies and Tracking Technologies

Our Website uses cookies and similar technologies to operate the site, analyse usage, and support marketing.

Categories of cookies we may use:

Essential cookies — required for the Website to function. These do not require consent.

Analytics cookies — to understand how visitors use the Website and to measure performance.

Functional cookies — to remember your preferences and enhance functionality.

Marketing cookies — to deliver and measure relevant communications.

Third-party cookies — set by third-party tools and integrations embedded in the Website.

Where required by law, we will request your consent before placing non-essential cookies through a cookie banner or preference centre. You can control or delete cookies through your browser settings at any time.

8. Sharing of Personal Data

We do not sell Personal Data. We may share it with the following categories of recipients, only as necessary and subject to appropriate confidentiality and data-protection obligations:

Hosting and infrastructure providers

Cloud service providers

Customer relationship management (CRM) tools

Email and communication providers

Analytics providers

Payment processors (where applicable)

Legal, tax, accounting, and professional advisors

Recruitment partners and platforms (where applicable)

Government, regulatory, or law-enforcement authorities (where required by law)

Business transferees in connection with a merger, acquisition, or sale of assets

Where we engage third-party processors, we require them to process Personal Data only on our instructions and to maintain appropriate security safeguards.

9. Cross-Border Data Transfers

Vertex Nirvana operates from India and serves clients globally. Depending on the providers we use, Personal Data may be stored or processed in India and/or other jurisdictions. Under the DPDP Act, transfers outside India are permitted subject to any restrictions the Central Government may specify. Where we transfer Personal Data across borders, we take reasonable steps to ensure appropriate protection through contractual and organisational safeguards.

For users in the European Economic Area (EEA) or United Kingdom (UK), see Section 20 for additional information.

10. Data Security

We implement reasonable technical, organisational, and physical safeguards to protect Personal Data, including:

Access controls and role-based permissions

Encryption and/or masking or tokenisation of data where appropriate

Network and application security controls

Logging, monitoring, and review of system activity

Business-continuity and resilience measures

Internal information-security policies, training, and confidentiality obligations

Contractual security obligations on vendors and processors

Procedures for detecting, investigating, and responding to security incidents

In the event of a personal data breach, we will take steps to contain and remediate the incident and will notify affected individuals and the Data Protection Board as required by applicable law.

While we strive to protect Personal Data, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

11. Data Retention

We retain Personal Data only for as long as necessary to fulfil the purposes for which it was collected, including to provide Services, satisfy legal and regulatory obligations, resolve disputes, and enforce agreements. When Personal Data is no longer required and there is no legal basis to retain it, we will securely delete, destroy, or anonymise it.

12. Your Rights

Subject to applicable law and verification of your identity, you may have the following rights:

Right of access — to obtain confirmation of and access to the Personal Data we process about you.

Right to correction and updating — to have inaccurate or incomplete Personal Data corrected or updated.

Right to erasure — to request deletion of your Personal Data where it is no longer necessary for its original purpose.

Right to withdraw consent — as described in Section 6.

Right to grievance redressal — to have your grievances addressed by us, and to escalate to the Data Protection Board.

Right of nomination — to nominate another individual to exercise your rights in the event of death or incapacity, as provided under the DPDP Act.

To exercise any of these rights, please contact us using the details in Section 17.

13. Children's Privacy

Our Website and Services are intended for businesses and professional users and are not directed at children. We do not knowingly collect Personal Data from individuals under 18 years of age without verifiable parental or guardian consent as required by the DPDP Act. If you believe we have inadvertently collected a child's data, please contact us and we will take steps to delete such data.

14. Marketing Communications

Where permitted, we may send you marketing or promotional communications about our products, Services, events, and updates.

Opt-in. Where required by law, we will obtain your consent before sending marketing communications.

Opt-out. You may opt out at any time by using the unsubscribe link in our emails or by contacting us.

Business communications. Service-related and transactional communications necessary for our relationship with you may not be subject to opt-out.

15. Third-Party Links and Integrations

The Website and Services may contain links to third-party websites, tools, APIs, and services not operated by Vertex Nirvana. This Policy does not apply to those third parties. We are not responsible for their content, security, or privacy practices, and we encourage you to review their policies before providing them with your information.

16. AI, Automation, and Product Data

Some of our products and features may use machine-learning or AI techniques to deliver functionality. The performance and outputs of such features may vary and are provided subject to the applicable agreement and to the disclaimers in our Terms of Service.

Vertex Nirvana treats client and enterprise data as confidential and applies appropriate access and use restrictions, including in the context of AI-enabled processing. We apply confidentiality obligations and technical and organisational controls intended to protect client data from unauthorised use.

For further details on AI data handling, please refer to our Terms of Service or contact us directly.

17. Grievance Officer and Contact

If you have any questions, requests, or grievances regarding this Policy or our processing of your Personal Data, please contact:

For general privacy enquiries: Operations@VertexNirvana.com

We aim to acknowledge and respond to grievances within the period prescribed under applicable law, and in any event within 30 days.

18. Updates to this Privacy Policy

We may update this Privacy Policy from time to time. The "Last Updated" date at the top indicates when it was most recently revised. Where changes are material, we will take reasonable steps to notify you. Your continued use of the Website or Services after the effective date of an updated Policy constitutes your acknowledgement of the updated Policy.

19. Effective Date

This Privacy Policy is effective as of 01 May 2026.

20. Additional Information for EEA / UK Users

Where the EU General Data Protection Regulation (GDPR) or UK GDPR applies:

Legal bases. We process Personal Data on the bases of consent, contract, legitimate interests, and legal obligation.

Additional rights. You may have rights to access, rectification, erasure, restriction of processing, data portability, and to object to processing, as well as the right to lodge a complaint with a supervisory authority.

International transfers. Where Personal Data is transferred outside the EEA/UK, we rely on appropriate safeguards such as Standard Contractual Clauses or other lawful transfer mechanisms.

Questions about this document? Operations@VertexNirvana.com