Progile Technologies

Data Protection Policy (GDPR-Compliant)

Updated on: 23 February 2026


Progile Technologies Pvt Ltd ("Progile", "we", "our", or "us") is committed to protecting personal data in accordance with:
  • UK GDPR
  • EU GDPR (where applicable)
  • Bharath (Indian) IT Act (where relevant)
This policy outlines how we collect, process, store, and protect personal data.

Scope
  • All employees, contractors, and partners
  • All systems and platforms developed or managed by Progile
  • All personal data processed on behalf of clients

Definitions

Personal Data: Any information relating to an identified or identifiable individual.

Processing: Collection, storage, use, transfer, or deletion of data.

Data Controller: Entity determining purpose of processing (usually client).

Data Processor: Entity processing data on behalf of controller (Progile).


Lawful Basis for Processing

Progile processes data only when:

  • Contractual necessity (client agreements)
  • Legal obligation
  • Legitimate interest
  • Explicit consent (if required)

Types of Data Processed
  • Names, email addresses, phone numbers
  • Business contact details
  • User account information
  • IP addresses and usage logs
  • Payment or transactional data (if applicable)

Progile does not intentionally process special category data unless contractually required.


Data Protection Principles
  • Lawfulness, fairness, transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • Accountability

Security Measures
  • Role-based access control
  • Encrypted HTTPS communication (TLS)
  • Secure cloud hosting (AWS/Azure)
  • Strong password policies and Multi-Factor Authentication (MFA, Passkey)
  • Regular system updates and patching
  • Backup and disaster recovery procedures

Access to client data is restricted to authorised personnel only.


Data Retention

Personal data is retained only as long as required by contract or law. Upon contract termination, data is returned or securely deleted as per agreement.


Data Transfers

Where personal data is transferred outside the UK/EU, transfers are governed by appropriate safeguards such as Standard Contractual Clauses or equivalent protections.


Data Subject Rights

Individuals have the right to:

  • Access their personal data
  • Request correction
  • Request deletion
  • Restrict processing
  • Data portability
  • Object to processing

Requests are handled within statutory timelines.


Data Breach Management
  1. Immediate containment and investigation
  2. Client notification without undue delay
  3. Regulatory notification if required
  4. Corrective action implementation

Third-Party Processors

Progile may use trusted third parties (e.g., cloud providers). All third parties are required to maintain appropriate security standards.


Employee Responsibility
  • Must follow this policy
  • Must sign confidentiality agreements
  • Must report suspected breaches immediately

Third-Party Links

Our website may contain links to third-party sites. We are not responsible for the privacy practices or content of those sites.


Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date.


Connect With Us

If you have any questions about these Terms of Use, please connect with us