Privacy Policy

Effective Date: July 3, 2026

This Privacy Policy ("Policy") explains how Wisdom Tooth Consultants, a partnership having its business address at No. 28/A, 2nd Floor, Krishna Reddy Colony, Patel Rama Reddy Road, Bengaluru, Karnataka 560071, India ("Wisdom Tooth Consultants," "we," "us," or "our"), collects, uses, stores, shares, transfers, protects, and otherwise processes personal information.

This Policy applies, as relevant, to personal information processed in connection with:

  • Our website at wisdomtooth.tech;
  • Enquiries and contact forms;
  • Prospective customers and leads;
  • Customers and client representatives;
  • Service subscriptions and recurring payments;
  • Billing and invoicing;
  • Business communications;
  • Job applicants;
  • Vendors and business partners;
  • Software development and maintenance services;
  • Website maintenance and hosting services;
  • Technical support;
  • Cloud and server management;
  • Search engine optimization services;
  • Artificial intelligence and AI-related services;
  • Dedicated developer and support services;
  • Accounting services;
  • Virtual assistant services; and
  • Other technology, digital, consulting, administrative, support, or professional services provided by us.

This Policy should be read together with our Terms and Conditions, Refund and Cancellation Policy, and any applicable contract, proposal, statement of work, order form, service agreement, data processing agreement, confidentiality agreement, non-disclosure agreement, or other written arrangement.

1. Who We Are

The organization responsible for this Policy is:

Wisdom Tooth Consultants
No. 28/A, 2nd Floor
Krishna Reddy Colony
Patel Rama Reddy Road
Bengaluru, Karnataka 560071
India

Website: wisdomtooth.tech
Privacy and Grievance Contact: accounts@wisdomtoothtechnologies.com

Depending on the circumstances and applicable law, Wisdom Tooth Consultants may act in different privacy roles.

We may determine why and how personal information is processed for our own business purposes. Depending on the applicable legal framework, this role may be described as a data fiduciary, data controller, business, organization, or a similar term.

We may also process personal information on behalf of a client while providing services. Depending on the applicable legal framework, this role may be described as a data processor, service provider, contractor, or a similar term.

The legal role applicable to a particular processing activity depends on the facts, contractual arrangement, purposes of processing, degree of control, and applicable law.

2. Scope of This Policy

This Policy applies to personal information that we process for our own legitimate business and service-related purposes, including information relating to:

  • Website visitors;
  • People who contact us;
  • Prospective customers;
  • Customers;
  • Client representatives;
  • Subscribers;
  • Vendors;
  • Business partners;
  • Job applicants; and
  • Other individuals who interact directly with Wisdom Tooth Consultants.

This Policy also describes, at a general level, circumstances in which we may process personal information on behalf of clients while delivering services.

Where we process personal information solely on behalf of a client, the client may be primarily responsible for determining the purposes and means of that processing. In such circumstances, the client's own privacy notice or privacy policy may apply, and requests concerning that information may need to be directed to the relevant client.

3. Personal Information We May Collect

The personal information we collect depends on how you interact with us, the services involved, the systems used, and the applicable business relationship.

3.1 Identity Information

We may collect:

  • First name;
  • Last name;
  • Full name;
  • Username or account identifier where relevant;
  • Job title;
  • Role;
  • Department;
  • Business affiliation; and
  • Other identifying information reasonably necessary for a service or business relationship.

3.2 Contact Information

We may collect:

  • Email address;
  • Telephone number;
  • Mobile number;
  • Business address;
  • Billing address;
  • Mailing address;
  • Country;
  • Communication preferences where relevant; and
  • Other contact information.

3.3 Website Contact Form Information

Our website provides a Contact Us form. Information submitted through the form may include:

  • First name;
  • Last name;
  • Email address;
  • Selected service of interest; and
  • Message content.

If you voluntarily include additional personal information in your message, we may process that information for the purpose of responding to and managing your enquiry.

3.4 Business and Professional Information

We may collect:

  • Company or organization name;
  • Job title;
  • Business role;
  • Department;
  • Business contact details;
  • Industry;
  • Service requirements;
  • Project information;
  • Proposal information;
  • Contract information; and
  • Business communications.

3.5 Billing and Transaction Information

Depending on the transaction and service arrangement, we may collect and process billing and transaction-related information such as:

  • Customer name;
  • Company name;
  • Billing address;
  • Email address;
  • Telephone number;
  • Country;
  • Tax-related information where applicable;
  • Invoice details;
  • Transaction identifiers;
  • Payment status;
  • Subscription status;
  • Billing history;
  • Payment dates;
  • Amounts paid or due;
  • Currency;
  • Service plan;
  • Renewal information;
  • Failed-payment information;
  • Refund information; and
  • Records of billing-related communications.

3.6 Payment Card and Payment Method Information

Where payments are made through PayGlocal, payment card details and other payment credentials are entered directly into the payment interface provided by PayGlocal or its authorized payment-processing infrastructure.

Wisdom Tooth Consultants does not ordinarily receive or store complete payment card numbers, card security codes, or equivalent full payment credentials entered directly into PayGlocal's payment interface.

We may receive limited transaction-related information necessary for billing, reconciliation, subscription administration, fraud prevention, customer support, and recordkeeping, such as:

  • Transaction identifiers;
  • Payment status;
  • Payment date;
  • Amount;
  • Currency;
  • Limited payment method information where made available;
  • Failure or decline status;
  • Refund status; and
  • Subscription or mandate-related information.

Payment processing is also subject to the privacy practices, security measures, terms, and legal obligations of the relevant payment service providers, banks, card networks, and financial institutions.

3.7 Communications Information

We may collect and retain communications exchanged through:

  • Email;
  • WhatsApp;
  • SMS;
  • Slack;
  • Microsoft Teams;
  • Video conferencing services;
  • Project management systems;
  • Support systems;
  • Telephone; and
  • Other agreed communication channels.

This may include:

  • Message content;
  • Attachments;
  • Contact details;
  • Date and time information;
  • Project discussions;
  • Support requests;
  • Decisions;
  • Approvals; and
  • Related business records.

3.8 Meeting and Call Information

We may conduct meetings through services such as Zoom, Google Meet, Microsoft Teams, or similar platforms.

Meetings or calls may sometimes be recorded. Where we initiate a recording, we provide notice to participants and obtain consent where required by applicable law.

Recordings may include:

  • Audio;
  • Video;
  • Screen sharing;
  • Participant names;
  • Chat messages;
  • Transcripts; and
  • Meeting content.

Where recording occurs, information may be used for disclosed and legitimate purposes such as documentation, project coordination, quality assurance, training where appropriate, or maintaining meeting records.

3.9 Technical and System Information

Depending on the systems and services involved, we may process:

  • IP addresses;
  • Device information;
  • Browser information;
  • Operating system information;
  • Server logs;
  • Application logs;
  • Error logs;
  • Security logs;
  • Authentication information;
  • Access records;
  • Date and time information;
  • System identifiers;
  • API logs;
  • Diagnostic information;
  • Performance information; and
  • Other technical information.

Some technical information may be generated automatically by servers, hosting providers, security systems, communication platforms, browsers, or network infrastructure even though our public website does not intentionally use analytics or advertising cookies.

3.10 Project and Service Information

When providing services, we may process information contained in:

  • Project documentation;
  • Requirements;
  • Specifications;
  • Source code;
  • Databases;
  • Development environments;
  • Production environments;
  • Test environments;
  • Support tickets;
  • Logs;
  • Backups;
  • Customer files;
  • Uploaded documents;
  • API requests;
  • Configuration files;
  • Server systems;
  • Cloud systems;
  • Repositories;
  • Reports; and
  • Other materials reasonably necessary to perform the agreed services.

3.11 Job Applicant Information

If you apply for a position with Wisdom Tooth Consultants, including by email, we may collect:

  • Name;
  • Email address;
  • Telephone number;
  • Address where voluntarily provided or reasonably required;
  • Resume or curriculum vitae;
  • Employment history;
  • Educational information;
  • Skills;
  • Professional qualifications;
  • Portfolio information;
  • References where provided;
  • Interview information;
  • Salary expectations where provided;
  • Work authorization information where relevant; and
  • Other information voluntarily submitted or reasonably required as part of the recruitment process.

This public Policy does not generally govern internal employee or contractor human-resources records after engagement. Such records may be handled under separate internal policies, notices, contracts, and legal requirements.

3.12 Information Received From Third Parties

We may receive personal information from:

  • Clients;
  • Customer representatives;
  • Business partners;
  • Referral sources;
  • Payment service providers;
  • Financial institutions;
  • Cloud and hosting providers;
  • Communication platforms;
  • Project management systems;
  • Service providers;
  • Publicly available sources where lawful and appropriate;
  • Authorized representatives; and
  • Other third parties where lawful and relevant.

4. Sensitive and Higher-Risk Information

Because of the nature of certain services, particularly accounting, software maintenance, cloud management, technical support, and virtual assistant services, we may sometimes have authorized access to sensitive or higher-risk information.

Depending on the client engagement, this may include:

  • Bank statements;
  • Bank account information;
  • Financial records;
  • Tax documents;
  • Payroll information;
  • Salary information;
  • Employee information;
  • Vendor information;
  • Government-issued identification information;
  • Payment-related information;
  • Confidential business records;
  • Authentication information;
  • Customer records;
  • Internal communications; and
  • Other information entrusted to us by a client.

We process such information only where reasonably necessary for the applicable service, authorized purpose, contractual arrangement, client instruction, or legal obligation.

Additional protections may arise through:

  • Non-disclosure agreements;
  • Confidentiality clauses;
  • Service agreements;
  • Employment or contractor obligations;
  • Data processing agreements;
  • Client instructions;
  • Role-based access restrictions; and
  • Other technical and organizational safeguards.

5. Information We Do Not Intentionally Request Through the Public Website

Our public website is not intended as a general-purpose portal for submitting sensitive personal information.

Unless specifically requested through an appropriate and authorized process, you should not submit passwords, complete payment card details, government identification numbers, bank account credentials, or other highly sensitive information through the general Contact Us form.

6. How We Collect Personal Information

We may collect personal information:

  • Directly from you;
  • When you submit a website form;
  • When you contact us by email;
  • When you communicate through WhatsApp or SMS;
  • When you participate in meetings;
  • When you request a quotation or proposal;
  • When you enter into a contract;
  • When you purchase or subscribe to a service;
  • When you make a payment;
  • When you submit an invoice-related enquiry;
  • When you apply for a job;
  • When a client provides information necessary for service delivery;
  • Through systems we are authorized to access;
  • Through technical logs and infrastructure;
  • From payment service providers;
  • From business partners or authorized representatives; and
  • From publicly available sources where lawful and appropriate.

7. Purposes for Which We Use Personal Information

We may use personal information for purposes including:

  • Responding to enquiries;
  • Communicating with prospective customers;
  • Preparing quotations and proposals;
  • Evaluating service requirements;
  • Entering into and administering contracts;
  • Providing services;
  • Managing projects;
  • Maintaining websites and software;
  • Providing technical support;
  • Managing cloud and server infrastructure;
  • Providing hosting services;
  • Providing SEO services;
  • Providing AI-related services;
  • Providing dedicated developer or support services;
  • Providing accounting services;
  • Providing virtual assistant services;
  • Managing customer relationships;
  • Processing billing and payments;
  • Administering recurring subscriptions;
  • Sending invoices;
  • Reconciling transactions;
  • Managing failed payments;
  • Processing approved refunds;
  • Maintaining business and accounting records;
  • Communicating through email, WhatsApp, SMS, meetings, and project tools;
  • Managing information security;
  • Preventing and investigating fraud or abuse;
  • Investigating incidents;
  • Troubleshooting;
  • Maintaining backups;
  • Protecting legal rights;
  • Establishing, exercising, or defending legal claims;
  • Complying with legal obligations;
  • Managing vendors and service providers;
  • Recruiting personnel;
  • Improving services and operations;
  • Maintaining internal administration; and
  • Other lawful purposes disclosed at the time of collection or reasonably connected with the relevant relationship.

8. Legal Bases and Lawful Grounds for Processing

The lawful basis or ground for processing depends on the applicable law, jurisdiction, relationship, and circumstances.

Where required or recognized by applicable law, we may process personal information based on one or more grounds such as:

  • Your consent;
  • Your authorization or voluntary provision of information;
  • Steps taken at your request before entering into a contract;
  • Performance of a contract;
  • Compliance with legal obligations;
  • Legitimate interests where recognized and available under applicable law;
  • Protection of legal rights;
  • Prevention and investigation of fraud or security incidents;
  • Compliance with lawful requests;
  • Certain legitimate uses or other permitted grounds recognized by applicable law; and
  • Other lawful bases available under the relevant legal framework.

We do not rely on a legal basis merely because it is listed in this Policy. The basis used for a particular activity depends on the facts and applicable law.

Where consent is the applicable basis for processing, you may have the right to withdraw consent, subject to applicable law and the consequences of withdrawal.

Withdrawal of consent does not necessarily affect processing lawfully undertaken before withdrawal and may not prevent processing that is permitted or required on another lawful basis.

9. Wisdom Tooth Consultants as Controller or Data Fiduciary

We generally determine the purposes and means of processing when we handle personal information for our own business operations, including:

  • Website enquiries;
  • Sales enquiries;
  • Customer relationship management;
  • Contract administration;
  • Billing;
  • Invoicing;
  • Subscription management;
  • Business communications;
  • Vendor management;
  • Recruitment;
  • Security;
  • Legal compliance; and
  • Internal administration.

In such circumstances, depending on applicable law, Wisdom Tooth Consultants may act as the relevant controller, data fiduciary, business, organization, or equivalent responsible entity.

10. Wisdom Tooth Consultants as Processor or Service Provider

In many client engagements, we may process personal information on behalf of a client while providing services.

Examples may include:

  • Accessing a client's application database during maintenance;
  • Troubleshooting production systems;
  • Managing servers;
  • Maintaining websites;
  • Accessing logs;
  • Processing accounting records;
  • Performing virtual assistant tasks;
  • Supporting customer databases;
  • Accessing email or calendar systems;
  • Working within CRM systems;
  • Managing e-commerce systems;
  • Supporting educational systems;
  • Processing documents for authorized AI-related workflows;
  • Accessing backups;
  • Performing migrations; and
  • Providing technical support.

In these circumstances:

  • The client may determine the primary purposes and essential means of processing;
  • We may process information under the client's instructions;
  • The client's privacy policy or notice may govern its relationship with affected individuals;
  • A contract, confidentiality agreement, non-disclosure agreement, or data processing agreement may impose additional obligations; and
  • Requests concerning client-controlled data may need to be directed to the relevant client.

If you contact us about personal information we process solely on behalf of a client, we may refer the request to that client or assist the client as required by contract or applicable law.

11. Accounting Services and Financial Information

When providing accounting-related services, we may process information necessary for:

  • Bookkeeping;
  • Invoice processing;
  • Expense entry;
  • Bank reconciliation;
  • Payroll support;
  • Tax preparation support;
  • Accounts payable;
  • Accounts receivable; and
  • Related accounting or administrative activities.

This may involve authorized access to:

  • Bank statements;
  • Transaction records;
  • Bank account information;
  • Tax documents;
  • Payroll information;
  • Salary information;
  • Employee records;
  • Vendor information;
  • Government identification information where present in authorized records;
  • Payment-related information; and
  • Other financial or business records.

We process such information only as reasonably necessary for the agreed service, authorized instructions, contractual obligations, and applicable law.

Accounting engagements may also be subject to non-disclosure agreements, confidentiality clauses, access controls, and other contractual safeguards.

12. Virtual Assistant Services

When providing virtual assistant services, authorized personnel may access client systems such as:

  • Email accounts;
  • Calendars;
  • Customer relationship management systems;
  • Customer databases;
  • E-commerce systems;
  • Social media accounts;
  • Financial systems;
  • Educational systems;
  • Communication platforms;
  • Project management systems; and
  • Other authorized business systems.

The nature and extent of access depend on the client's instructions and the agreed service.

Clients are responsible for ensuring that they have appropriate authority and, where required, a lawful basis to provide access to personal information processed through their systems.

13. Software Development, Maintenance, and Technical Support

When providing software development, maintenance, hosting, cloud management, or technical support services, we may have authorized access to personal information contained in:

  • Applications;
  • Databases;
  • Production servers;
  • Test environments;
  • Development environments;
  • Backups;
  • Logs;
  • Support systems;
  • Cloud infrastructure;
  • Source code repositories;
  • API systems; and
  • Related technical environments.

We seek to limit access to what is reasonably necessary for the relevant service, role, task, or authorized purpose.

Where reasonably practicable and appropriate, clients should avoid placing unnecessary personal information in development or testing environments and should use anonymized, pseudonymized, synthetic, masked, or otherwise minimized data.

14. Artificial Intelligence Tools Used in Our Work

Wisdom Tooth Consultants may use artificial intelligence and AI-assisted tools in connection with software development, research, productivity, documentation, coding, analysis, content support, technical assistance, and service delivery.

Such tools may include services or technologies associated with:

  • ChatGPT;
  • Claude;
  • Gemini;
  • GitHub Copilot;
  • Cursor;
  • OpenAI API; and
  • Other AI-enabled tools selected from time to time.

As part of our operating practice, when customer-provided information is used with general-purpose AI tools, we seek to remove or avoid directly identifying personal information and do not intentionally submit information protected by a non-disclosure agreement where doing so would be inconsistent with that agreement.

Where identifiable, confidential, restricted, or otherwise sensitive information is proposed to be processed through an AI service, we may require appropriate authorization, a suitable service configuration, contractual safeguards, data minimization, or another appropriate basis before doing so.

AI-assisted workflows may involve third-party technology providers. The privacy, retention, security, geographic processing, and contractual practices of those providers may apply to information processed through their systems.

We may revise the AI tools used in our operations as technologies, client requirements, security considerations, and service needs change.

15. AI Services Provided to Clients

Where we provide AI-related services, we may process client-provided or authorized materials such as:

  • Customer documents;
  • User prompts;
  • Uploaded files;
  • Images;
  • Audio;
  • Video;
  • API logs;
  • Technical information;
  • Configuration information; and
  • Other content necessary for the agreed AI service.

As a standard practice for the AI services currently contemplated by this Policy, we do not intend to process client end-user chat histories or personal data belonging to a client's users unless the specific project requires such processing and appropriate terms, instructions, and safeguards are established.

The exact processing activities depend on the relevant project, architecture, client instructions, third-party AI services, and contractual arrangement.

Where a project requires materially different processing, additional contractual, privacy, security, or data-processing terms may apply.

16. Cookies and Similar Technologies

At the effective date of this Policy, our public website does not intentionally use cookies for analytics, behavioral advertising, remarketing, or cross-site tracking.

We do not currently intentionally use website analytics or advertising technologies such as:

  • Google Analytics;
  • Meta Pixel;
  • LinkedIn Insight Tag; or
  • Similar behavioral advertising or remarketing technologies

on the public website.

Limited technical information may nevertheless be processed by hosting providers, server infrastructure, security systems, browsers, or network intermediaries as necessary to deliver, secure, and operate the website. Such technical processing does not necessarily involve cookies placed by Wisdom Tooth Consultants.

If we introduce cookies, analytics, advertising technologies, or similar tracking tools in the future, we may update this Policy and, where required by applicable law, provide appropriate notice, controls, or consent mechanisms.

17. Advertising, Sale, and Sharing of Personal Information

We do not currently use personal information collected through our website for behavioral advertising or remarketing.

We do not sell or rent personal information to third parties for monetary consideration.

We also do not intentionally share personal information for cross-context behavioral advertising as that concept is defined under applicable California privacy law.

If our practices materially change, we will update this Policy and take any additional steps required by applicable law.

18. How We Disclose Personal Information

We may disclose personal information where reasonably necessary and lawful, including to:

  • Payment service providers;
  • Cloud service providers;
  • Hosting providers;
  • Email infrastructure providers;
  • File storage providers;
  • Communication platforms;
  • Project management platforms;
  • Source code repository providers;
  • AI technology providers where appropriately used;
  • Professional advisers;
  • Accountants;
  • Auditors;
  • Legal advisers;
  • Contractors and authorized personnel;
  • Security providers;
  • Clients where we process information on their behalf;
  • Government authorities where lawfully required;
  • Courts, tribunals, arbitrators, regulators, or law enforcement where lawfully required or permitted; and
  • Other service providers reasonably necessary to operate our business or provide services.

We seek to limit disclosures to information reasonably necessary for the relevant purpose and to use appropriate safeguards where required by applicable law or contract.

19. Service Providers and Platforms

Depending on the relevant service or workflow, information may be processed using third-party platforms and infrastructure in categories such as:

  • Payment processing;
  • Cloud computing;
  • Website hosting;
  • File storage;
  • Email infrastructure;
  • Video conferencing;
  • Team communication;
  • Project management;
  • Source code hosting;
  • AI services;
  • Productivity tools;
  • Security services; and
  • Other technical infrastructure.

Current or commonly used providers and platforms may include services associated with:

  • PayGlocal;
  • Amazon Web Services (AWS);
  • Vercel;
  • Hostinger;
  • GoDaddy;
  • Google services, including Google Sheets, Google Drive, Google Meet, and other relevant services;
  • Microsoft services, including Microsoft Teams and OneDrive;
  • Slack;
  • WhatsApp;
  • Zoom;
  • Jira;
  • Trello;
  • Asana;
  • GitHub;
  • Bitbucket;
  • ChatGPT;
  • Claude;
  • Gemini;
  • GitHub Copilot;
  • Cursor;
  • OpenAI API; and
  • Other providers selected according to project or operational requirements.

The inclusion of a provider in this list does not mean that every category of personal information is sent to that provider or that the provider is used for every customer or project.

The use of a particular provider depends on the relevant project, client arrangement, service, technical architecture, contractual requirements, and business need.

Third-party providers may process information under their own terms, privacy notices, contractual commitments, security measures, and legal obligations. Where required, we may use contracts or other appropriate measures in connection with service-provider processing.

20. International Data Transfers and Access

Wisdom Tooth Consultants operates from India and serves customers in multiple countries, including the United States, Canada, the United Kingdom, the Dominican Republic, The Bahamas, Papua New Guinea, India, and other countries.

Personal information may therefore be:

  • Accessed from India;
  • Stored in another country;
  • Processed through international cloud infrastructure;
  • Transferred between countries;
  • Remotely accessed by authorized personnel; or
  • Processed by service providers operating internationally.

The countries in which information is processed may have privacy and data protection laws that differ from those of the individual's country.

Where an international transfer is restricted or otherwise regulated by applicable law, we seek to use an available lawful transfer mechanism or other appropriate safeguard as required for the particular transfer.

Depending on the applicable legal framework, measures may include:

  • Contractual protections;
  • Data processing agreements;
  • Approved or recognized contractual clauses;
  • Recognized transfer instruments or mechanisms;
  • Adequacy-based mechanisms where available;
  • Transfer risk assessments where required;
  • Access restrictions;
  • Encryption;
  • Data minimization;
  • Other appropriate safeguards; or
  • Another lawful basis or exception available under applicable law.

The appropriate mechanism depends on the countries involved, the organizations involved, the nature of the transfer, the applicable law, and the relevant contractual relationship.

21. Data Storage

Personal information may be stored in systems including:

  • Our own cloud server infrastructure;
  • Google Sheets;
  • Google Drive;
  • Microsoft OneDrive;
  • Cloud platforms;
  • Hosting platforms;
  • Local company computers;
  • Authorized personnel devices where reasonably necessary and appropriately controlled;
  • Source code repositories;
  • Project management platforms;
  • Communication platforms;
  • Backup systems;
  • Client-controlled systems; and
  • Other service-provider infrastructure.

The particular storage location depends on the relevant business process, client engagement, service, system configuration, and technical requirements.

22. Data Security

We use reasonable technical and organizational measures designed to protect personal information according to the nature of the information, risks involved, context of processing, and available technology.

Measures used within our operations may include:

  • Role-based access controls;
  • Password protection;
  • Multi-factor authentication;
  • Encryption where appropriate;
  • Access limited according to job responsibility;
  • Employee confidentiality obligations;
  • Backup processes; and
  • Other technical or organizational controls appropriate to the relevant system and service.

Security measures may vary by system, service, client environment, and risk level. The inclusion of a measure above does not mean that every measure is technically available or applied identically to every system.

No method of electronic transmission, storage, software operation, cloud hosting, or information security is completely secure. Accordingly, we cannot guarantee absolute security.

23. Confidentiality

Our personnel may be subject to confidentiality obligations appropriate to their roles.

Certain client engagements may also be governed by:

  • Non-disclosure agreements;
  • Confidentiality clauses;
  • Service contracts;
  • Data processing agreements;
  • Access restrictions; and
  • Client-specific security requirements.

The existence of this Privacy Policy does not replace any stronger confidentiality obligation agreed in a separate written contract.

24. Data Minimization

We seek, where reasonably practicable and appropriate, to collect, access, and process personal information relevant to the applicable purpose.

In technical and service-delivery contexts, measures may include:

  • Limiting access;
  • Removing unnecessary identifiers;
  • Using anonymized information;
  • Using pseudonymized information;
  • Using synthetic data;
  • Masking information;
  • Restricting production data access; and
  • Limiting information shared with third-party tools.

The appropriate measure depends on the relevant service, technical environment, contractual requirements, purposes, and risks involved.

25. Data Accuracy

We take reasonable steps, appropriate to the circumstances, to maintain the accuracy and completeness of personal information where accuracy is relevant to the purpose for which the information is processed.

You may contact us to request correction or updating of personal information where applicable.

Where we process information solely on behalf of a client, correction requests may need to be handled by or coordinated with the relevant client.

26. Data Retention

We retain personal information only for as long as reasonably necessary for the purposes for which it was collected or processed, subject to applicable legal, contractual, accounting, tax, security, dispute-resolution, and legitimate business requirements.

Retention periods may vary depending on:

  • The nature and sensitivity of the information;
  • The purpose of processing;
  • The duration of the customer relationship;
  • The duration of a contract;
  • Ongoing service requirements;
  • Legal obligations;
  • Accounting and tax requirements;
  • Applicable limitation periods;
  • Potential or actual disputes;
  • Fraud prevention;
  • Security requirements;
  • Backup cycles;
  • Client instructions;
  • Technical feasibility; and
  • Legitimate business recordkeeping needs.

We may retain certain information after termination of a service where reasonably necessary to:

  • Comply with law;
  • Maintain financial and transaction records;
  • Establish, exercise, or defend legal claims;
  • Resolve disputes;
  • Prevent fraud;
  • Maintain security records;
  • Enforce agreements; or
  • Meet other lawful obligations.

Where information is no longer reasonably necessary, we may delete, anonymize, de-identify, aggregate, or otherwise dispose of it in an appropriate manner, subject to legal, contractual, backup, and technical constraints.

27. Backup Copies

Personal information may remain temporarily in backups after deletion from active systems.

Backup copies may be retained according to backup cycles, disaster-recovery requirements, security practices, contractual obligations, and technical feasibility.

Where appropriate, information in backups may be isolated from ordinary use and removed through normal backup expiration, rotation, or replacement cycles.

28. Your Privacy Rights

Depending on your location, relationship with us, the nature of the processing, and applicable law, you may have rights concerning your personal information.

These rights may include the right to:

  • Request access to personal information;
  • Request information about processing;
  • Request correction of inaccurate information;
  • Request completion or updating of information;
  • Request deletion or erasure;
  • Withdraw consent where processing is based on consent;
  • Object to certain processing;
  • Request restriction of certain processing;
  • Request data portability where applicable;
  • Request information about categories of personal information collected or disclosed where applicable;
  • Opt out of certain sales or sharing where such rights apply;
  • Lodge a complaint with a competent authority;
  • Seek grievance redressal;
  • Nominate another person to exercise certain rights where provided by applicable law; and
  • Exercise other rights provided by applicable law.

Not every right applies in every jurisdiction, to every organization, or in every circumstance.

A request may be subject to:

  • Reasonable identity verification;
  • Verification of authority to act for another person;
  • Legal exceptions;
  • Rights and freedoms of other persons;
  • Confidentiality obligations;
  • Security requirements;
  • Client instructions where we act on behalf of a client;
  • Applicable response procedures; and
  • Other limitations permitted by law.

29. How to Exercise Privacy Rights

To submit a privacy request, contact:

accounts@wisdomtoothtechnologies.com

Please describe your request with sufficient detail to allow us to identify the relevant information and understand the action requested.

We may request reasonable information to verify:

  • Your identity;
  • Your authority to act for another person;
  • Your relationship with us; and
  • The information to which the request relates.

We will respond in accordance with applicable law.

Where we process information solely on behalf of a client, we may direct the request to the relevant client or coordinate with the client as appropriate.

30. Grievances and Privacy Concerns

If you have a concern about our processing of personal information, please contact:

Wisdom Tooth Consultants
Email: accounts@wisdomtoothtechnologies.com

Please provide sufficient information to allow us to understand, identify, and review the concern.

We will seek to review privacy grievances and respond in accordance with applicable law and the circumstances of the matter.

Nothing in this section limits any right you may have to contact an applicable data protection, privacy, consumer protection, or other competent authority.

31. India

Where applicable Indian data protection law applies to the relevant processing, Wisdom Tooth Consultants will seek to process digital personal data in accordance with applicable requirements, including requirements arising under the Digital Personal Data Protection Act, 2023, applicable rules made under it, and other applicable Indian law, taking into account applicable commencement and enforcement provisions.

Depending on the applicable law, circumstances, and role of Wisdom Tooth Consultants, individuals may have rights or mechanisms relating to matters such as:

  • Access to information concerning personal data processing;
  • Correction;
  • Completion;
  • Updating;
  • Erasure;
  • Grievance redressal;
  • Withdrawal of consent where applicable;
  • Nomination where provided by law; and
  • Other rights recognized by applicable law.

The availability, scope, procedure, and timing of a particular right depend on the applicable legal provisions, commencement or enforcement status, lawful exceptions, and the circumstances of the processing.

Requests or grievances may be submitted to:

accounts@wisdomtoothtechnologies.com

32. California Residents

If you are a California resident, California privacy law may provide additional rights where the relevant law applies to Wisdom Tooth Consultants and the particular processing activity.

Where applicable, such rights may include rights to:

  • Know or access certain personal information;
  • Request correction;
  • Request deletion;
  • Receive information about categories of personal information collected, used, or disclosed;
  • Opt out of the sale or sharing of personal information;
  • Limit certain uses or disclosures of sensitive personal information where applicable; and
  • Be free from unlawful discrimination or retaliation for exercising applicable privacy rights.

Wisdom Tooth Consultants does not sell personal information and does not intentionally share personal information for cross-context behavioral advertising.

Because legal applicability depends on statutory thresholds, exemptions, relationships, and particular processing activities, this section does not represent that every California privacy statute applies to every interaction with Wisdom Tooth Consultants.

California residents may submit requests to:

accounts@wisdomtoothtechnologies.com

33. United Kingdom Residents

Individuals in the United Kingdom may have rights under applicable UK data protection law where that law applies to the relevant processing.

Depending on the circumstances, these may include rights relating to:

  • Access;
  • Correction;
  • Erasure;
  • Restriction;
  • Objection;
  • Data portability;
  • Withdrawal of consent; and
  • Complaints to a competent supervisory authority.

Where UK data protection law applies to an international transfer and the transfer is restricted under that law, we seek to use an applicable lawful transfer mechanism or safeguard.

Depending on the circumstances, this may involve a recognized transfer mechanism, contractual safeguards, an applicable adequacy arrangement, or another lawful basis available under UK law.

Requests may be submitted to:

accounts@wisdomtoothtechnologies.com

34. Canadian Residents

Individuals in Canada may have rights under applicable federal or provincial privacy law, depending on the circumstances, location, nature of the organization, and processing activity.

Where applicable, rights or protections may include:

  • Requesting access to personal information;
  • Requesting correction of inaccurate information;
  • Receiving information about relevant privacy practices;
  • Withdrawing consent in circumstances where applicable;
  • Raising concerns about privacy practices; and
  • Exercising other rights available under applicable law.

Where Canadian privacy law applies, relevant principles may include accountability, identifying purposes, appropriate consent, limiting collection, limiting use, disclosure and retention, accuracy, safeguards, openness, individual access, and mechanisms to challenge compliance.

Requests may be submitted to:

accounts@wisdomtoothtechnologies.com

35. Other Countries and Regions

We serve customers in multiple countries, including the Dominican Republic, The Bahamas, Papua New Guinea, and other jurisdictions.

Individuals may have additional privacy rights under laws applicable to them, to Wisdom Tooth Consultants, or to the relevant processing activity.

Where applicable law grants a mandatory privacy right, we will seek to respond in accordance with that law.

36. Children's Privacy

Our public website and our own general services are not intentionally directed to children under the age of 18, and we do not knowingly seek to collect personal information directly from children through our public website.

However, because we provide services to businesses, ministries, educational institutions, and other organizations, we may sometimes process information relating to children on behalf of a client.

Where this occurs:

  • The client may be responsible for determining the lawful basis and purpose of processing;
  • We may act as a processor or service provider;
  • Additional contractual or legal requirements may apply;
  • Access should be limited according to service need; and
  • The client's own privacy notices and obligations may apply.

If you believe a child has submitted personal information directly to us through our public website without appropriate authorization, please contact:

accounts@wisdomtoothtechnologies.com

37. Job Applicants

Personal information submitted by job applicants may be used to:

  • Review applications;
  • Assess qualifications;
  • Communicate with candidates;
  • Conduct interviews;
  • Evaluate suitability;
  • Verify information where lawful and appropriate;
  • Maintain recruitment records;
  • Consider candidates for relevant positions; and
  • Comply with legal obligations.

Applicant information may be retained for a reasonable period based on recruitment needs, legal requirements, potential future opportunities where appropriate, dispute prevention, and legitimate recordkeeping purposes.

38. WhatsApp and SMS Communications

If you communicate with us through WhatsApp or SMS, information may be processed through telecommunications providers and the relevant messaging platform.

Such information may include:

  • Telephone number;
  • Profile information made available through the platform;
  • Message content;
  • Attachments;
  • Date and time information; and
  • Communication metadata.

Your use of a third-party messaging service is also subject to that provider's terms and privacy practices.

39. Third-Party Links

Our website or communications may contain links to third-party websites, services, applications, or platforms.

We are not responsible for the independent privacy practices of third parties.

You should review the privacy notices of third-party services before providing personal information to them.

40. Business Transfers and Organizational Changes

If Wisdom Tooth Consultants undergoes or considers a:

  • Merger;
  • Acquisition;
  • Reorganization;
  • Restructuring;
  • Sale of business assets;
  • Transfer of service operations; or
  • Similar transaction,

personal information may be disclosed or transferred as reasonably necessary for the transaction, subject to applicable law, confidentiality obligations, due diligence controls, and appropriate safeguards where required.

41. Legal and Regulatory Disclosures

We may disclose personal information where reasonably necessary to:

  • Comply with applicable law;
  • Respond to valid legal process;
  • Comply with a court order;
  • Respond to lawful regulatory requests;
  • Cooperate with law enforcement where legally required or permitted;
  • Establish, exercise, or defend legal claims;
  • Enforce agreements;
  • Protect rights or property;
  • Protect information or system security;
  • Investigate fraud;
  • Prevent harm; or
  • Meet other lawful obligations.

Where permitted and appropriate, we may assess the validity and scope of a request before disclosure.

42. Automated Decision-Making

We may use automation and AI-assisted tools in our operations and services.

Unless specifically disclosed in connection with a particular service, we do not intend to make decisions producing legal or similarly significant effects about individuals solely through automated processing without appropriate human involvement where such safeguards are required by applicable law.

If a particular service involves materially different automated decision-making, additional notices, assessments, contractual terms, or other safeguards may apply.

43. Browser Privacy Signals

Because our public website does not currently intentionally use behavioral advertising, remarketing, or cross-site tracking technologies, we do not currently maintain a separate behavioral-advertising opt-out process for such activities.

Where applicable law requires recognition of a legally mandated opt-out preference signal for processing that we undertake, we will seek to comply with the applicable requirement.

44. Changes to This Privacy Policy

We may update this Policy from time to time to reflect changes in:

  • Our services;
  • Business operations;
  • Technology;
  • Service providers;
  • Data practices;
  • Security practices;
  • Legal requirements;
  • Regulatory guidance; or
  • International operations.

The updated Policy may be published on our website with a revised effective date.

Where required by applicable law, we may provide additional notice of material changes or obtain consent where a new consent is legally required.

Changes to this Policy do not retroactively make previously unlawful processing lawful and do not override rights or obligations that cannot lawfully be changed by publication of an updated policy.

45. Relationship With Other Agreements

This Policy should be read together with any applicable:

  • Terms and Conditions;
  • Refund and Cancellation Policy;
  • Signed contract;
  • Service agreement;
  • Proposal;
  • Statement of work;
  • Order form;
  • Non-disclosure agreement;
  • Data processing agreement; and
  • Other written arrangement.

A separate agreement may impose additional privacy, confidentiality, security, or data-processing obligations.

Where we process personal information on behalf of a client, the applicable client agreement, instructions, and data-processing terms may govern that processing.

Nothing in this Policy reduces a stronger obligation contained in an applicable separate agreement unless that agreement lawfully provides otherwise.

46. Governing Law and Dispute Resolution

This Policy is governed by the dispute-resolution framework set out in our Terms and Conditions, subject to applicable law and any mandatory privacy, data protection, consumer, regulatory, or complaint rights that cannot lawfully be excluded or waived.

Where a dispute is legally capable of resolution through arbitration and is subject to the arbitration provisions of our Terms and Conditions, the juridical seat and legal place of arbitration shall be Kochi, Kerala, India, in accordance with the applicable provisions of those Terms and Conditions.

Nothing in this Policy is intended to:

  • Prevent an individual from exercising a mandatory privacy right;
  • Prevent a complaint to a competent privacy, data protection, consumer, or regulatory authority where such a right exists;
  • Require arbitration of a matter that cannot lawfully be required to be arbitrated;
  • Confer jurisdiction on a court that cannot lawfully exercise it; or
  • Exclude rights or remedies that cannot lawfully be excluded.

47. Contact Us

For privacy questions, requests, concerns, grievances, or complaints, please contact:

Wisdom Tooth Consultants
No. 28/A, 2nd Floor
Krishna Reddy Colony
Patel Rama Reddy Road
Bengaluru, Karnataka 560071
India

Website: wisdomtooth.tech
Email: accounts@wisdomtoothtechnologies.com