Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your personal information in our digital marketing and PR services.

Last Updated: December 7, 2025

Croadz Digital collects personal information including name, contact details, company information, and marketing preferences when you use our digital marketing services. We use this data to deliver campaigns, provide analytics, and send marketing communications with your consent. Your data is protected through SSL encryption, secure servers, and access controls compliant with IT Act 2000, DPDPA 2023, and GDPR. You have rights to access, rectify, delete, and withdraw consent for your personal data at any time.

This Privacy Policy is governed by the Information Technology Act 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011, the Digital Personal Data Protection Act 2023 (DPDPA), GDPR (where applicable), and other applicable data protection laws. We are committed to transparency in our data practices and protecting your privacy rights.

1. Information We Collect

1.1 Personal Information

We may collect personal information that you voluntarily provide to us when you:

  • Request information about our digital marketing or PR services
  • Register for consultations or strategy sessions
  • Subscribe to our newsletter, blog, or marketing communications
  • Participate in surveys, webinars, contests, or promotions
  • Contact us through email, phone, chat, or social media
  • Apply for employment opportunities
  • Engage us for marketing campaigns or PR services

1.2 Information Collected Includes

  • Name and contact details (email, phone number, address)
  • Company name, industry, and job title
  • Payment and billing information
  • Marketing preferences and campaign requirements
  • Social media profiles and engagement data
  • Website analytics and campaign performance data
  • Communication preferences and feedback

1.3 Automatically Collected Information

When you visit our website or interact with our digital campaigns, we automatically collect:

  • IP address, device information, and browser type
  • Pages visited, time spent, and navigation patterns
  • Referring website addresses and search terms
  • Cookies, pixels, and similar tracking technologies
  • Campaign engagement metrics (clicks, views, conversions)

1.4 Marketing Campaign Data

For clients using our services, we may collect and process:

  • Customer lists and audience data
  • Campaign performance metrics and analytics
  • Social media engagement and audience insights
  • SEO and website performance data
  • Advertising campaign data across platforms

2. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To provide, maintain, and improve our digital marketing, SEO, social media, PR, and advertising services
  • Campaign Management: To plan, execute, optimize, and report on marketing and PR campaigns
  • Communication: To respond to inquiries, send campaign updates, and provide client support
  • Analytics & Optimization: To analyze campaign performance, website traffic, and optimize marketing strategies
  • Marketing Communications: To send newsletters, promotional materials, and information about our services (with your explicit consent)
  • Personalization: To tailor content, recommendations, and campaigns based on your preferences
  • Compliance & Legal: To comply with legal obligations and protect our legal rights
  • Security: To detect, prevent, and address fraud, technical issues, and security threats

3. Legal Basis for Processing

We process your personal information based on:

  • Consent: You have given free, specific, informed, and unambiguous consent for marketing communications and campaign participation
  • Contract Performance: Processing is necessary to fulfill our service agreements and deliver campaigns
  • Legal Obligation: We must comply with Indian and international data protection laws
  • Legitimate Interest: Processing is necessary for our legitimate business interests, provided your rights are not overridden

Marketing Consent

Under GDPR and DPDPA, we require your explicit consent before sending marketing communications. You can withdraw consent at any time by clicking unsubscribe links in our emails or contacting us directly.

4. Disclosure of Your Information

We may share your information with:

4.1 Service Providers & Marketing Platforms

Third-party vendors who perform services on our behalf, including:

  • Cloud hosting and data storage providers
  • Email marketing platforms (Mailchimp, Constant Contact)
  • Social media advertising platforms (Facebook, LinkedIn, Google)
  • Analytics and tracking services (Google Analytics, SEMrush, Ahrefs)
  • Customer relationship management systems (HubSpot, Salesforce)
  • Payment processors and financial institutions
  • PR distribution and media monitoring services

4.2 Advertising & Analytics Partners

We work with advertising networks and analytics providers to deliver targeted campaigns. These partners may collect data through cookies and pixels for advertising purposes.

4.3 Business Transfers

In connection with mergers, acquisitions, or sale of assets, your information may be transferred to the acquiring entity.

4.4 Legal Requirements

When required by law, court order, or governmental authority, or to protect our rights, safety, and property.

Important Note

We do not sell, rent, or trade your personal information to third parties for their independent marketing purposes without your explicit consent. You have the right to opt out of data sharing for targeted advertising.

5. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and improve our marketing services:

  • Essential Cookies: Necessary for website functionality and service delivery
  • Analytics Cookies: Help us understand website traffic, campaign performance, and user behavior
  • Functional Cookies: Remember your preferences, settings, and login information
  • Marketing Cookies: Track your activity for targeted advertising, retargeting, and campaign optimization
  • Third-Party Cookies: Placed by advertising networks, social media platforms, and analytics providers

You can control cookie preferences through your browser settings or our cookie consent banner. However, disabling certain cookies may affect website functionality and campaign effectiveness. Please refer to our Cookie Policy for detailed information.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

  • SSL/TLS encryption for data transmission
  • Secure servers with firewall protection and intrusion detection
  • Two-factor authentication and access controls
  • End-to-end encryption for sensitive client data
  • Regular security audits and vulnerability assessments
  • Employee training on data protection and security practices
  • Data backup and disaster recovery procedures
  • Secure third-party vendor agreements with GDPR compliance clauses

While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law:

  • Active client relationships: Duration of engagement plus 3 years
  • Marketing communications: Until you withdraw consent or unsubscribe
  • Campaign data: Duration required for performance analysis and reporting
  • Legal and regulatory compliance: As required by applicable laws
  • Tax and accounting records: As per financial regulations

After the retention period, we securely delete or anonymize your personal information in accordance with data protection standards.

8. Your Rights and Choices

Under Indian law, GDPR, and our commitment to privacy, you have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Rectification: Request correction of inaccurate or incomplete information
  • Erasure: Request deletion of your personal information (subject to legal obligations)
  • Withdraw Consent: Withdraw consent for marketing communications at any time
  • Opt-Out: Unsubscribe from marketing emails and targeted advertising
  • Data Portability: Request your data in a structured, commonly used format
  • Restrict Processing: Limit how we process your personal information
  • Object: Object to processing based on legitimate interests, including direct marketing
  • Do Not Sell or Share: Opt out of data sharing for targeted advertising purposes

To exercise these rights, please contact us using the information provided below. We will respond within 30 days.

9. Third-Party Links and Services

Our website and marketing campaigns may contain links to third-party websites, social media platforms, or advertising networks. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

10. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. Under DPDPA, children's data cannot be used for direct marketing purposes. If we become aware that we have collected information from a child without parental consent, we will take immediate steps to delete that information.

11. International Data Transfers

As we serve clients globally and work with international marketing platforms, your information may be transferred to and processed in countries outside India, including the EU, USA, and other regions. We ensure that such transfers comply with applicable data protection laws:

  • Standard contractual clauses approved by relevant authorities
  • GDPR-compliant data processing agreements with vendors
  • Adequacy decisions for specific countries
  • Your explicit consent where required by DPDPA

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or marketing services. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Updating the "Last Updated" date at the top of this page
  • Sending email notifications for significant changes
  • Obtaining renewed consent where required by law

Your continued use of our services after changes become effective constitutes acceptance of the updated policy.

13. Grievance Officer

In accordance with the Information Technology Act 2000, DPDPA, and Rules made thereunder, we have appointed a Grievance Officer to address your concerns regarding data protection and privacy.

Contact Information

Grievance Officer: Srushti Shah

Email: [email protected]

Phone: +91 91369 58750

Address: Croadz Digital, G-2, Mukund Nagar CHS Near Mukund Hospital & Airport Road Metro Station Marol Pipeline, Andheri - Kurla Rd, Andheri East, Mumbai, Maharashtra, India. Pincode - 400059.

Response Time: We aim to respond to all grievances within 30 days

14. Governing Law and Jurisdiction

This Privacy Policy shall be governed by and construed in accordance with the laws of India. Any disputes arising out of or relating to this policy shall be subject to the exclusive jurisdiction of the courts in Mumbai, Maharashtra, India.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: [email protected]

Privacy Email: [email protected]

Phone: +91 91369 58750

Address: Croadz Digital, G-2, Mukund Nagar CHS Near Mukund Hospital & Airport Road Metro Station Marol Pipeline, Andheri - Kurla Rd, Andheri East, Mumbai, Maharashtra, India. Pincode - 400059.

Website: www.croadz.com

Frequently Asked Questions

Common questions about privacy, data protection, and your rights.

What personal information does Croadz Digital collect?

We collect personal information you voluntarily provide including name, email, phone number, company details, job title, payment information, and marketing preferences. We also automatically collect device information, IP address, browser type, pages visited, and campaign engagement metrics through cookies and tracking technologies. For clients using our services, we process campaign performance data, social media insights, SEO analytics, and advertising data across platforms to deliver effective marketing results.

How does Croadz Digital protect my personal data?

We protect your data through SSL/TLS encryption for data transmission, secure servers with firewall protection, two-factor authentication, access controls, end-to-end encryption for sensitive information, regular security audits, employee training on data protection, data backup procedures, and GDPR-compliant vendor agreements. While we implement industry-standard security measures, no internet transmission method is 100% secure, so we cannot guarantee absolute security despite our best efforts.

What are my data rights under Indian law and GDPR?

Under IT Act 2000, DPDPA 2023, and GDPR, you have the right to access your personal data, request corrections to inaccurate information, request deletion of your data (right to erasure), withdraw consent for marketing communications, opt out of targeted advertising, request data portability in a structured format, restrict how we process your information, and object to processing based on legitimate interests. To exercise these rights, contact us and we will respond within 30 days as required by law.

Does Croadz Digital share my data with third parties?

We share data with service providers who help deliver our services including cloud hosting providers, email marketing platforms, social media advertising platforms (Facebook, LinkedIn, Google), analytics services, CRM systems, payment processors, and PR distribution services. These vendors are contractually bound to protect your data and use it only for specified purposes. We do not sell, rent, or trade your personal information to third parties for their independent marketing without your explicit consent. You can opt out of data sharing for targeted advertising.

How can I opt out of marketing communications?

You can opt out of marketing communications at any time by clicking the unsubscribe link in any email we send, adjusting your email preferences in your account settings, or contacting us directly at [email protected]. Under GDPR and DPDPA, we require explicit consent for marketing emails and you can withdraw this consent anytime without affecting other services. Once you unsubscribe, we will stop sending marketing communications within 10 business days, though you may still receive transactional emails related to services you've purchased.

How long does Croadz Digital retain my personal data?

We retain personal information only as long as necessary for the purposes outlined in our privacy policy. Active client data is retained for the duration of engagement plus 3 years for service continuity. Marketing communications data is retained until you withdraw consent or unsubscribe. Campaign performance data is kept as long as required for analysis and reporting. Legal, tax, and accounting records are retained as required by applicable laws and regulations. After the retention period, we securely delete or anonymize your data in accordance with data protection standards.

Questions About Our Privacy Practices?

Our team is here to help. Contact us for any privacy-related inquiries or concerns about how we handle your data.

Contact Us