sampark@samparksutra.in
+91 90092-44488

Privacy Policies

Home Privacy Policies
Privacy Policy - Sampark Sutra

Privacy Policy

Effective Date: 31 December 2025
Data Fiduciary: Sampark Sutra, Indore, Madhya Pradesh
Applicable Regulations: Digital Personal Data Protection Act (DPDP Act, 2023), IT Act 2000, TRAI Regulations.

At Sampark Sutra ("We," "Us," or "Our"), we are deeply committed to protecting the privacy and security of the data entrusted to us by our Clients ("You" or "User"). This Privacy Policy outlines how we collect, process, share, and protect your personal and business data when you utilize our full suite of services, including WhatsApp Business API, Bulk Communication (SMS/RCS/Voice), Digital Marketing (SEO/SMM/Ads), and Business Automation Solutions.

Core Principle: We operate as a Data Processor for the customer lists you upload to our platform. You retain full ownership of your campaign data. We do not sell, rent, or trade your contact lists or business strategies to third parties.

1. Information We Collect

We collect information to provide, secure, and improve our services across all business verticals. The data collected is categorized as follows:

Category Data Points Collected
Identity & Business Data Name, Business Name, Email Address, Phone Number, Physical Address, GSTIN, and PAN (for tax invoicing).
Marketing Assets (SEO/Ads) Access to your Google Analytics, Search Console, Meta Business Manager, Ad Account IDs, and website CMS credentials (only when explicit access is granted for management).
Campaign Data (Messaging) Customer phone numbers, names, variable data (e.g., "Hello [Name]"), media files, and message templates uploaded for broadcasting.
Automation Data API Keys, Webhook URLs, and workflow logic (e.g., n8n workflows) used to integrate your business systems.
Payment Data Transaction IDs, Payment Dates, and Bank References. Note: We do not store full Credit/Debit card numbers.

2. Purpose of Data Processing

We process your personal data only for specific, lawful reasons:

  • Service Delivery: To route messages through telecom operators and manage ad campaigns on platforms like Facebook and Google.
  • Regulatory Compliance (TRAI/DLT): To submit your Entity ID, Headers (Sender IDs), and Templates to DLT portals for mandatory scrubbing.
  • Lead Management: To process leads generated via Meta Ads or Website Forms and forward them to your CRM or Google Sheets via our automation tools.
  • Analytics & Reporting: To generate performance reports regarding SEO rankings, Ad Spend ROI, and Message Delivery rates.
  • Billing & Administration: To generate GST-compliant invoices and manage credit wallets.

3. Data Sharing & Third-Party Processors

To function as a comprehensive Digital Agency, we integrate with specific infrastructure partners. We share only the minimum necessary data required.

3.1. Infrastructure & Ad Partners

  • Meta Platforms, Inc.: For WhatsApp Business API and Facebook/Instagram Advertising data.
  • Google: For RCS Messaging, Google Ads, Analytics, and Search Console data.
  • Telecom Operators (Jio/Airtel/Vi/BSNL): For SMS and Voice call termination.
  • Cloud Providers: We may use secure cloud servers (e.g., AWS, DigitalOcean) to host automation workflows (n8n) or dashboards.

3.2. Legal Disclosure

We may disclose your data if required by law, such as in response to a court order, a request from the Cyber Crime Cell, or directives from the Telecom Regulatory Authority of India (TRAI) regarding unsolicited commercial communication (UCC).

4. Data Security Measures

We employ industry-standard security practices to safeguard your information:

  • Credential Protection: Client passwords and API keys are stored using encryption.
  • Access Control: Access to your Ad Accounts or CMS is restricted to authorized account managers only.
  • Confidentiality: We treat your business strategies, keywords, and unreleased product data as strictly confidential.

5. Data Retention Policy

  • Account Information: Retained for the lifetime of your account plus 2 years.
  • Transaction Records: Retained for 8 years as mandated by Indian Tax Laws.
  • Message Logs: Retained for 12 months for TRAI audit trails.
  • Lead Data: Leads processed through our automation are passed to you immediately; we do not store lead databases long-term unless requested for backup services.

6. Your Rights (DPDP Act & Users)

As a user, you have specific rights regarding your data:

  • Right to Access: Request a summary of the personal data we hold about you.
  • Right to Withdraw Consent: You may revoke our access to your Ad Accounts or Analytics at any time via the respective platform settings.
  • Right to Erasure: Request the deletion of your account. (Note: Some data must be retained for legal compliance).
  • Right to Grievance Redressal: You have the right to file a complaint regarding our data processing activities.

7. Contact & Grievance Officer

In accordance with the Information Technology Act 2000 and the DPDP Act 2023, if you have any questions or grievances, please contact our designated officer:

Name: Shubham Rawat
Designation: Grievance Officer
Company: Sampark Sutra
Address: Airport Road, Indore, Madhya Pradesh, India
Email: Shubham@samparksutra.in

We will respond to all grievances within 72 hours of receipt.