Privacy Policy

Last updated: March 27, 2026

1. Who We Are

Phoenix Solutions (“we”, “our”, “us”) is a business intelligence and data analytics consulting firm registered in Ahmedabad, Gujarat, India. We specialise in Power BI dashboard development, data analytics, ERP integration, KPI framework design, and custom analytical solutions for organisations worldwide.

For the purposes of applicable data protection legislation, Phoenix Solutions acts as the data controller (or “data fiduciary” under India’s Digital Personal Data Protection Act, 2023) for the personal data collected through this website.

• Website: www.phoenixsolution.in
• Data Protection Contact: Smit Chandarana, Founder
• Email: [email protected]
• Phone: +91-85115-33391
• Address: C112 Celebration City Center, Ahmedabad, Gujarat 380058, India

This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website, submit a contact form, book a consultation, or otherwise communicate with us.

2. Information We Collect

a) Information you provide directly

• Contact form: When you submit a message through our website contact form (processed via FormSubmit.co), we receive your name, email address, phone number, company name, service interest, and message content.
• Email correspondence: When you email us at [email protected], we receive your email address, name, and the contents of your message and any attachments.
• WhatsApp messages: When you initiate a conversation via our WhatsApp chat link, we receive your phone number, profile name, and message content.
• Calendly scheduling: When you book a discovery call through our Calendly link, Calendly collects your name, email address, scheduling preferences, and any notes you provide. This information is shared with us to facilitate the meeting.

b) Information collected automatically

• Google Analytics (GA4): We use Google Analytics 4 to collect anonymised usage data, including pages visited, session duration, referral source, browser type, device type, screen resolution, approximate geographic location (city-level), and language preferences. GA4 uses first-party cookies and does not collect personally identifiable information in its default configuration.
• Google Fonts: Our website loads the Syne and DM Sans typefaces from Google’s font servers (fonts.googleapis.com, fonts.gstatic.com). When these fonts load, your browser connects to Google’s servers, and Google may log your IP address and browser information.
• Server logs: Our web hosting provider may automatically record standard server log data, including your IP address, browser user-agent string, pages requested, and timestamps.

c) Information from third parties

• Calendly: Shares your booking details (name, email, chosen time slot) with us when you schedule a call.
• LinkedIn: If you interact with our LinkedIn company page, LinkedIn may share aggregated page analytics with us. This data does not individually identify you.

3. Legal Basis for Processing

We process your personal data on one or more of the following legal grounds:

• Consent: When you voluntarily submit your contact details through our form, initiate a WhatsApp conversation, or book a Calendly call, you consent to us processing that information for the stated purpose. You may withdraw consent at any time.
• Legitimate interest: We use analytics data to understand how our website is used and to improve our content and services. We also have a legitimate interest in responding to inquiries and maintaining business relationships.
• Contractual necessity: When you engage Phoenix Solutions for consulting services, we process personal data as needed to deliver those services and manage the engagement.
• Legal obligation: We may process or retain personal data when required by applicable Indian law, including the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023.

4. How We Use Your Information

We use the information we collect for the following purposes:

• To respond to inquiries submitted through our contact form, email, or WhatsApp.
• To schedule and conduct discovery calls and consultations booked through Calendly.
• To deliver business intelligence consulting, dashboard development, and related services you engage us for.
• To send project-related communications, including deliverables, progress updates, and invoices. We do not send marketing emails unless you explicitly opt in.
• To analyse aggregated, non-personal website usage data (via Google Analytics GA4) to improve our content, user experience, and service offerings.
• To maintain the security and proper functioning of our website.
• To comply with applicable legal obligations under Indian law.

We do not sell, rent, trade, or share your personal data with third parties for their marketing purposes.

5. Cookies and Tracking Technologies

Cookies are small text files stored on your device when you visit a website. Our site uses the following cookies and tracking technologies:

• Google Analytics cookies (_ga, _ga_<container-id>): These analytics cookies distinguish unique visitors and sessions. They persist for up to 2 years and collect anonymised browsing data. They do not identify you personally.
• Google Fonts: Does not set cookies on your device, but your browser connects to Google servers to load typefaces. Google may log your IP address in connection with these requests.
• Calendly: When you use the Calendly booking link, Calendly may set its own cookies, governed by Calendly’s Privacy Policy.

We do not use any advertising, retargeting, or social media tracking cookies.

You can manage cookies through your browser settings. Disabling cookies may affect certain website functionality. To opt out of Google Analytics tracking specifically, you can install the Google Analytics Opt-out Browser Add-on.

6. Third-Party Services

Our website integrates with the following third-party services, each operating under their own privacy policies:

• Google Analytics (GA4) — website analytics and traffic measurement. Privacy Policy
• Google Fonts — typeface delivery (Syne and DM Sans). Privacy Policy
• Calendly — appointment scheduling for discovery calls. Privacy Policy
• FormSubmit.co — processes contact form submissions and delivers them to our email. Website
• WhatsApp (Meta) — direct messaging channel. Privacy Policy
• LinkedIn (Microsoft) — professional networking and company page. Privacy Policy
• Hostinger — web hosting provider. Privacy Policy

Phoenix Solutions is not responsible for the data practices of these third-party services. We encourage you to review their respective privacy policies.

7. Data Sharing and Disclosure

Phoenix Solutions does not sell your personal data. We may share your information only in the following circumstances:

• Service providers: With the third-party tools listed in Section 6, solely to the extent necessary for their function (e.g., FormSubmit.co to deliver your contact form submission).
• Professional engagements: If you become a client, project-related data may be shared with team members or subcontractors who are bound by confidentiality agreements.
• Legal requirements: When required by law, regulation, court order, or governmental request under Indian law, including the Information Technology Act, 2000 and the DPDP Act, 2023.
• Business protection: To protect the rights, property, or safety of Phoenix Solutions, its clients, or the public.
• Business transfers: In the event of a merger, acquisition, or asset sale, personal data may be transferred to the successor entity. Affected individuals would be notified of any such transfer.

8. International Data Transfers

Phoenix Solutions is based in India, and your personal data is primarily stored and processed in India. However, some of the third-party services we use — including Google Analytics, Google Fonts, Calendly, WhatsApp (Meta), and LinkedIn — may transfer or process data on servers located outside India, including in the United States and the European Economic Area.

When data is transferred internationally, we rely on the data protection mechanisms provided by these service providers, such as Standard Contractual Clauses (SCCs), adequacy decisions, or the provider’s own certifications and safeguards.

By using our website and services, you acknowledge that your data may be processed in jurisdictions outside your country of residence, which may have different data protection standards.

9. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy, unless a longer retention period is required by law:

• Contact form submissions and email correspondence: Retained for up to 24 months after our last communication, unless a business relationship is established.
• Client engagement data: Retained for the duration of the engagement and for 7 years thereafter, in compliance with Indian financial and tax record-keeping requirements.
• Calendly booking data: Our records of scheduled calls are retained for up to 12 months. Calendly retains data according to their own retention policy.
• Google Analytics data: GA4 user-level and event-level data is retained for 14 months. After this period, it is automatically deleted. Aggregated reports remain available indefinitely.
• WhatsApp messages: Retained on WhatsApp’s platform per their policies. Any information we extract and record is treated as correspondence (24-month retention).
• Server logs: Retained for up to 90 days for security and diagnostic purposes.

Upon expiry of the applicable retention period, personal data is securely deleted or anonymised.

10. Data Storage and Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it:

• Encryption in transit: Our website is served exclusively over HTTPS, ensuring all data transmitted between your browser and our server is encrypted via SSL/TLS.
• Secure form processing: Contact form submissions are transmitted through FormSubmit.co’s encrypted service and delivered to our secured email.
• Access controls: Access to personal data is restricted to authorised Phoenix Solutions team members on a need-to-know basis.
• Hosting security: Our website is hosted on Hostinger, which provides infrastructure-level security, including server-side encryption, firewalls, and regular security updates.
• Organisational measures: Team members and subcontractors with access to personal data are bound by confidentiality obligations.

While we strive to protect your personal data using commercially reasonable measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, but we are committed to promptly addressing any security incidents.

11. Your Rights

Depending on your location and applicable data protection law, you may have the following rights regarding your personal data:

• Right to access: Request a copy of the personal data we hold about you.
• Right to correction: Request that we correct any inaccurate or incomplete data.
• Right to erasure: Request that we delete your personal data, subject to legal retention obligations.
• Right to restrict processing: Request that we limit how we use your data in certain circumstances.
• Right to data portability: Request a copy of your data in a structured, commonly used, machine-readable format (where applicable under GDPR).
• Right to object: Object to the processing of your data where it is based on legitimate interest.
• Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out prior to withdrawal.
• Right to lodge a complaint: You have the right to file a complaint with a supervisory authority. In India, this is the Data Protection Board of India (established under the DPDP Act, 2023). In the EU, you may contact your local Data Protection Authority.

How to exercise your rights: Send an email to [email protected] with the subject line “Data Privacy Request”. We will verify your identity and respond within 30 days. We will not charge a fee for reasonable requests. If a request is manifestly unfounded or excessive, we reserve the right to charge a reasonable fee or decline the request with an explanation.

12. Do Not Track Signals

Some web browsers transmit a “Do Not Track” (DNT) signal to websites. There is currently no universally accepted standard for how websites should respond to DNT signals. Our website does not currently alter its data collection or use practices in response to DNT signals.

If you wish to opt out of analytics tracking, you can install the Google Analytics Opt-out Browser Add-on or manage cookies through your browser settings.

13. Children’s Privacy

Our website and services are designed for business professionals and are not directed at individuals under the age of 18. We do not knowingly collect personal data from children under 18. If we become aware that we have inadvertently collected data from a child under 18, we will take prompt steps to delete that information. If you believe a child has provided us with personal data, please contact us at [email protected].

14. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, Phoenix Solutions will:

• Notify the relevant supervisory authority (the Data Protection Board of India) within 72 hours of becoming aware of the breach, as required under applicable law.
• Notify affected individuals without undue delay where the breach is likely to result in a high risk to their rights and freedoms.
• Document the breach, its effects, and the remedial actions taken.

This commitment aligns with GDPR Articles 33 and 34 and the breach notification requirements under India’s DPDP Act, 2023.

15. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements. When we make changes, we will update the “Last updated” date at the top of this page. For material changes that significantly affect how we process your existing personal data, we will make reasonable efforts to provide prominent notice on our website.

Continued use of our website and services after the updated policy is posted constitutes your acceptance of the changes. We encourage you to review this page periodically to stay informed about our data practices.

16. Contact Us

For questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us:

• Data Protection Contact: Smit Chandarana, Founder
• Email: [email protected]
• Phone: +91-85115-33391
• WhatsApp: +91-85115-33391
• Address: C112 Celebration City Center, Ahmedabad, Gujarat 380058, India

We aim to respond to all data privacy inquiries within 30 days.