Privacy policy.

1. What personal data we collect.

We collect the following categories of personal data, only when you choose to share them with us:

• — Identity: name, salutation, profession (when relevant).
• — Contact: mobile number, email address, postal address, locality, pincode.
• — Property & water context: property type (apartment / villa / institutional), bedrooms, bathrooms, water source (municipal / borewell / mixed), reported symptoms, and any water-test results you share.
• — B2B / RFQ data: organisation name, application, capacity required, site location, project timeline, drawings or test reports you email to us.
• — Service history: once you become a customer, the date, parameters, and outcome of every monthly service visit; the engineer assigned; the AMC tier in force.
• — Technical: IP address, browser type, device, pages viewed, referring URL. Collected via cookies and analytics (see section 8).

We do not knowingly collect personal data from children under the age of 18. If a child’s data has been provided to us, please contact our Grievance Officer (section 11) and we will delete it.

2. Why we collect it (purposes).

We process personal data for the following specific, lawful purposes, in line with Section 4 of the DPDP Act:

• — To schedule and conduct your free water survey at your property.
• — To prepare a tailored system design, bill of materials, and quote.
• — To install, commission, and hand over the water system you purchase.
• — To provide monthly service visits, prepare service reports, and maintain your system over the life of the contract.
• — To respond to enquiries, RFQs, and remote-survey submissions.
• — To send service confirmations, renewal reminders, and AMC notices.
• — To comply with applicable Indian tax, accounting, consumer-protection, and legal-record-keeping requirements.
• — To improve the website and our service quality (analytics, anonymised).

We will not use your data for any purpose materially different from the one for which it was collected without your specific consent.

3. Legal basis (consent).

Where you submit a form on this website, you provide explicit, informed, free, specific, and unambiguous consent for us to process the data you share, for the purposes listed in section 2. Where we process service-history data, the basis is the contract between you and Uniwater. You may withdraw consent at any time (see section 6); withdrawal does not affect lawful processing already carried out.

4. How long we keep your data (retention).

• — Form submissions where no customer relationship follows: 24 months from submission, after which they are deleted or anonymised.
• — Customer records and service history: for the life of the service contract plus 7 years (to comply with Indian tax, accounting, and consumer-protection record-keeping requirements).
• — Marketing communication preferences: until you withdraw consent or 24 months from the last interaction.
• — Analytics and cookie data: aggregated and retained for a maximum of 26 months.

5. Who we share data with.

We do not sell, rent, or trade personal information. We share data only with the following parties, only as needed for the purposes in section 2:

• — Odoo SaaS (CRM): our customer-relationship system. Lead, customer, and service-visit data is stored here. Odoo S.A. (Belgium) is the data processor; data is stored in Odoo’s data centres. Cross-border transfer note: data may be processed outside India. By submitting a form you consent to this transfer.
• — Vercel and Cloudflare: website hosting and CDN. They process technical metadata (IP, request headers); no form-submission data is stored on their infrastructure.
• — Google Analytics 4 and Google Tag Manager: aggregated website analytics. No PII shared (see section 8).
• — WhatsApp Business (Meta): when you initiate a chat with us via the WhatsApp link, the conversation is governed by WhatsApp’s own privacy policy.
• — Legal authorities: if compelled by a valid Indian court order, government notice, or law-enforcement request.
• — Field engineers and service partners: only the data needed for them to deliver your service visit (your address, contact, system configuration, service history).

6. Your rights (as a Data Principal under the DPDP Act).

You have the following rights with respect to your personal data:

• — Right to access: request a copy of the personal data we hold about you.
• — Right to correction: ask us to correct inaccurate or incomplete data.
• — Right to erasure: ask us to delete your data, subject to our retention obligations under section 4.
• — Right to withdraw consent: withdraw consent for any processing you previously authorised.
• — Right to nominate: nominate another person to exercise your rights in the event of death or incapacity.
• — Right to grievance redressal: raise a grievance with our Grievance Officer (section 11). If unresolved within 30 days, you may approach the Data Protection Board of India.

To exercise any right, email support@uniwater.co.in with the subject “DPDP request — [your name]”. We will respond within 30 days.

7. How we secure your data.

We use industry-standard safeguards: TLS encryption for all data in transit, restricted access controls within our CRM, strong-password and 2FA requirements for staff accounts, encrypted storage of customer files at rest, and a documented incident-response procedure. Despite these measures, no transmission over the internet is fully secure; we cannot guarantee absolute security. If we become aware of a personal-data breach affecting your data, we will notify you and the Data Protection Board of India within the statutory timeframe.

8. Cookies and analytics.

We use essential cookies to maintain session state (e.g. the pincode-serviceability check, the exit-intent state). We use analytics cookies via Google Analytics 4 to understand aggregated visitor behaviour — these can be declined via your browser’s cookie controls. We do not use behavioural-advertising cookies or third-party retargeting pixels. We do not transfer your IP address in identifiable form to Google; IP anonymisation is enabled.

9. Cross-border transfer.

Our CRM (Odoo SaaS) and hosting infrastructure (Vercel) may store and process data outside India, in countries with data-protection regimes that may differ from India’s. By submitting a form you consent to such transfer. We require all data processors to maintain contractual safeguards consistent with the DPDP Act.

10. Changes to this policy.

We may update this policy from time to time. The “Last updated” date at the top of the page indicates when the most recent change was made. Material changes will be highlighted on this page for 30 days before they take effect.

11. Grievance officer.

Designated under Section 8(9) of the DPDP Act, 2023:

• Grievance Officer — Uniwater Solutions Pvt Ltd
• 316 Canal Street, Shribhumi
• Kolkata 700048, India
• Email: support@uniwater.co.in
• Phone: +91 97487 45193
• Response time: 30 days from receipt of a written grievance.

12. Contact us.

General questions about this policy, our practices, or your data: support@uniwater.co.in or +91 97487 45193.