Home/Trust/Privacy Policy

Privacy Policy.

Effective: 26 May 2026 Version: 2.0 Last reviewed: 26 May 2026

How Autonowmy Technology Pvt Ltd collects, uses, shares, and protects personal data — both for visitors to our website and for customer data we process on behalf of our enterprise customers.

Who we are

Autonowmy Technology Pvt Ltd ("Autonowmy", "we", "us") is a private limited company incorporated in India with its registered office in Noida, Uttar Pradesh. We provide an enterprise AI Operations platform that helps customers automate decision-making and resolution workflows across their operations stacks.

This Privacy Policy explains how we handle personal data in two distinct roles:

  • As a Controller — when we collect data from visitors to our website (autonowmy.com), from people who contact us, attend our events, or apply to roles.
  • As a Processor — when we process personal data inside our platform on behalf of our enterprise customers. That processing is governed by our Data Processing Agreement (DPA) with each customer, not by this policy.

If your data is processed by us as a Processor under a customer's instructions, please contact that customer directly to exercise data-subject rights. We will of course support our customer in responding promptly.

What we collect

From visitors to our website

  • Technical data — IP address (truncated), browser type, device type, referring URL, pages visited, time on page. Collected via privacy-first analytics (no third-party cookies, no cross-site tracking).
  • Contact-form submissions — name, work email, company, role, the operations focus you select, and the free-text content you write to us.
  • Calendar bookings — name, email, calendar slot, and any notes you add when booking a walkthrough through our scheduling tool.

From candidates and partners

  • Recruiting — resume, portfolio, contact details, and the role you applied to. Sourced via our careers page or partner introductions.
  • Partner relationships — contact details and the commercial context of our engagement.

From customer data (as Processor)

When you are an authorized user of a customer that has licensed our platform, we may process your name, work email, role, login activity, and the operational data your employer routes through the platform. The customer determines what data flows in and out; we follow their instructions per the DPA.

How we use your data

  • Respond to your inquiry — when you submit the contact form, we (and our Chief of Staff, Allison) read it and reply.
  • Set up a walkthrough — to confirm the meeting and prepare context relevant to your operation.
  • Improve our website — aggregated, de-identified analytics to understand which sections help readers and which don't.
  • Service security & integrity — detect abuse, rate-limit bots, prevent fraud.
  • Comply with law — recordkeeping required by Indian tax, corporate, and labor law.
  • Provide the platform — when acting as Processor, strictly per the customer's instructions in the DPA.
What we don't do: we do not sell personal data to anyone, we do not use customer data to train general-purpose models, and we do not run advertising or behavioral profiling on autonowmy.com.

Legal bases for processing

Under the EU GDPR, the UK GDPR, and India's Digital Personal Data Protection Act (DPDP), we rely on the following legal bases:

  • Consent — for analytics cookies and marketing communications. You may withdraw consent at any time.
  • Contract — to respond to inquiries you initiate and to deliver the platform under your employer's agreement.
  • Legitimate interests — to improve our website, secure our systems, and run our business — balanced against your rights.
  • Legal obligation — to comply with tax, employment, and corporate-records laws applicable to us in India and the jurisdictions where we operate.

Sharing & sub-processors

We share personal data with carefully selected service providers that act as our sub-processors — hosting, email delivery, error monitoring, scheduling, and the LLM providers our platform relies on. Each sub-processor is bound by written terms that require equivalent confidentiality and security obligations.

The current list is maintained at /subprocessors. We notify enterprise customers at least 30 days before adding a new sub-processor that materially affects how their data is processed.

We do not sell personal data, and we do not share it with advertising or analytics networks.

International transfers

Our primary data centers are in India (AP-South, Mumbai). For customers in the EU or UK we offer EU-West deployment; for North American customers we offer US-East. Where personal data is transferred outside the originating jurisdiction, we rely on the EU Standard Contractual Clauses (2021/914), the UK International Data Transfer Addendum, or equivalent safeguards.

For DPDP-governed data, transfers outside India are made only to jurisdictions notified by the Government of India or under contractual safeguards as permitted by the Act.

Retention

  • Visitor analytics — aggregated & de-identified, retained 14 months.
  • Contact-form submissions — 36 months, after which we anonymize or delete.
  • Candidate records — 18 months for unsuccessful candidates; longer with your consent for future roles.
  • Customer data — per the customer's DPA. Returned or deleted within 30 days of contract termination unless law requires longer.
  • Tax & corporate records — minimum 8 years as required by Indian law.

Your rights

Subject to applicable law (GDPR, UK GDPR, DPDP, and others), you have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate or incomplete data.
  • Erase data we no longer have a lawful basis to retain.
  • Restrict or object to certain processing.
  • Portability — receive a copy in a structured machine-readable format.
  • Withdraw consent at any time for processing based on consent.
  • Lodge a complaint with your local supervisory authority (in India, the Data Protection Board; in the EU, your national DPA).

To exercise any right, email allison@autonowmy.com. We respond within 30 days (and faster where possible).

Cookies & analytics

We use a minimal cookie set:

  • Strictly necessary — session and security cookies that make the site work. Always on.
  • Privacy-first analytics — a single first-party cookie used to count distinct visits, with IPs truncated and no cross-site tracking. You can opt out without losing site functionality.

We do not use third-party advertising cookies, behavioral profiling, or social-network embeds that read cookies before consent.

Children's data

Our website and platform are not directed at children under 18. We do not knowingly collect data from minors. If you believe a child has provided us data, contact us and we will delete it.

Changes to this policy

We revise this policy when our practices change. The Effective and Last reviewed dates at the top reflect the current version. For material changes — new categories of data, new purposes, new sub-processors that affect EU/UK/India data subjects — we notify registered users by email at least 14 days before the change takes effect.

Older versions are available on request.

Contact

For any question about this policy, to exercise a right, or to raise a concern, please write to:

  • Privacy & data protectionallison@autonowmy.com
  • Postal — Autonowmy Technology Pvt Ltd, Noida, Uttar Pradesh, India

Allison, our Chief of Staff, routes every privacy inquiry to the right person internally — usually our Data Protection Officer — and confirms receipt within one business day.