Privacy Policy

Last updated: 12 May 2026

This page describes how Aarohii AI Solution Private Limited (“we”, “us”, “our”) handles information in connection with the Captverse platform. It is provided for transparency and is not legal advice. Please have qualified counsel review it before you rely on it for compliance.

1. Scope and who this applies to

This Privacy Policy applies to visitors of https://captverse.com, users who sign up for or use Captverse (including trial accounts), administrators who configure workspaces, and anyone who interacts with our marketing pages, authentication flows, or support channels. It also describes our role when customers store information about their own contacts (for example homecustomers, channel partners, or employees) inside Captverse.

Depending on context, we may act as a data controller for account, billing, and platform analytics data, and as a data processor (or service provider) for personal data that a customer uploads or generates while using the service on their own behalf. Your organisation’s administrator may have additional notices or terms that apply to you as an end user of their workspace.

2. Categories of personal data we may process

We may process the following categories of information:

  • Account and profile data: name, work email address, phone number, company or tenant name, role, profile photo if you upload one, and credentials (passwords are stored using one-way hashing; we do not store plaintext passwords).
  • Workspace and CRM content: leads, projects, inventory, deals, follow-ups, notes, channel partner records, documents, and any personal data your team enters or imports. This may include names, phone numbers, email addresses, budgets, preferences, visit logs, and similar fields typical of sales workflows.
  • Communications and support: messages you send us, feedback, attachments, and metadata needed to respond (for example ticket identifiers).
  • Technical and usage data: IP address, device type, browser type, approximate location derived from IP, timestamps, pages or screens viewed, diagnostic logs, crash data, and performance metrics.
  • Integration and webhook data: if you connect third-party services or configure webhooks, we may process payloads, tokens, or configuration details strictly as needed to deliver those features.
  • Public microsites: where Captverse hosts a public project or partner page (for example under a URL such as /p/…), enquiry form submissions and related metadata may be collected and routed into the owning customer’s workspace.
  • Billing and tax: billing contact details, purchase history, and payment references. Payment card data is typically handled by our payment service provider; we generally receive status and tokenised references rather than full card numbers.

3. Purposes of processing

We use personal data for purposes that include:

  • Providing, operating, securing, and improving Captverse;
  • Authenticating users, enforcing access controls, and preventing fraud or abuse;
  • Delivering customer support and product communications (including service announcements where permitted);
  • Billing, accounting, and tax compliance;
  • Analysing aggregated or de-identified usage to understand feature adoption and reliability;
  • Complying with law, regulatory requests where legally required, and exercising or defending legal claims;
  • Facilitating integrations, exports, backups, and disaster recovery as configured by the customer.

4. Legal bases (where applicable)

Depending on your jurisdiction, processing may be supported by one or more of: performance of a contract with you or your organisation; our legitimate interests in operating a secure and reliable SaaS product (balanced against your rights); your consent where we request it (for example optional marketing cookies or certain communications); or compliance with a legal obligation. Where consent is the basis, you may withdraw consent without affecting the lawfulness of processing before withdrawal, except where processing is also supported by another basis.

5. How we share personal data

We may share personal data with:

  • Subprocessors and infrastructure providers who host data, send email or SMS, provide analytics, error reporting, customer support tooling, or security services. We select vendors with appropriate contractual protections and expect them to process data only on our instructions where they act as processors.
  • Your organisation and its administrators, who can access workspace content according to role permissions you or they configure.
  • Professional advisers (lawyers, auditors, insurers) where necessary and subject to confidentiality obligations.
  • Authorities when required by applicable law or to protect the rights, safety, and security of users, us, or the public.
  • Business transfers: in connection with a merger, acquisition, financing, or sale of assets, subject to appropriate safeguards and notice where required.

We do not sell personal data in the conventional sense of exchanging lists for monetary consideration. Where required by law, we will honour “do not sell or share” requests that apply to our role as a business.

6. International transfers

Captverse may be operated using servers or vendors located outside your country of residence, including in India and other regions. Where we transfer personal data across borders, we implement appropriate safeguards such as standard contractual clauses, intra-group agreements, or other mechanisms recognised under applicable law, in addition to technical and organisational measures described in our Security overview and customer agreements.

7. Retention

We retain personal data for as long as needed to provide the service, fulfil the purposes described in this policy, comply with legal obligations, resolve disputes, and enforce agreements. Workspace content is generally retained until the customer deletes it, deletes their account, or requests deletion subject to contract and law. Backup copies may persist for a limited period in accordance with our technical retention schedules. Aggregated or de-identified information may be retained longer where it no longer identifies you.

8. Security

We implement administrative, technical, and physical safeguards designed to protect personal data. A high-level description appears on our Security page. No method of transmission or storage is completely secure; we encourage customers to configure strong access controls, least-privilege roles, and monitoring within their own organisations.

9. Your privacy rights

Subject to applicable law, you may have rights to access, correct, update, or delete certain personal data; object to or restrict certain processing; port data in a machine-readable format where technically feasible; withdraw consent where processing is consent-based; and lodge a complaint with a supervisory or regulatory authority.

In India, the Digital Personal Data Protection Act, 2023 and related rules (as amended from time to time) may grant data principals rights including access, correction, erasure, grievance redressal, and nomination, within the scope and exceptions provided by law. The exact procedures and timelines may evolve with delegated legislation; we will update this policy and our processes as requirements become clearer.

Because workspace CRM data is often controlled by your employer or the subscribing organisation, we may need to route certain requests through your administrator or to confirm authorisation before acting.

10. Cookies, local storage, and similar technologies

We and our vendors may use cookies, local storage, session tokens, and similar technologies that are strictly necessary for authentication, session continuity, load balancing, fraud prevention, and preferences such as theme selection. Where we use optional analytics or advertising technologies that are not strictly necessary, we will align deployment with applicable consent requirements and update this policy accordingly.

11. Automated decision-making and AI-assisted features

Captverse may include productivity or automation features that assist users (for example suggested follow-up wording or routing). These features are designed to support human decision-making, not to make solely automated decisions with legal or similarly significant effects about individuals without appropriate safeguards. Customers remain responsible for how they use such outputs, including compliance with fair housing, marketing, and consumer protection laws where applicable.

12. Children’s privacy

Captverse is a business-to-business product and is not directed at children. We do not knowingly collect personal data from children under the age where parental consent is required in their jurisdiction. If you believe we have collected such information, please contact us and we will take appropriate steps to delete it.

13. Third-party sites and integrations

Our websites or product may link to third-party websites or allow integrations with services we do not operate. Their privacy practices are governed by their own policies. We encourage you to review those policies before sharing personal data.

14. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised version on this page and update the “Last updated” date. Where changes are material and consent or notice is required by law, we will provide additional notice or obtain consent as appropriate.

15. Contact and registered details

Questions, requests, or complaints about this policy or our privacy practices may be sent to legal@captverse.com.

Operator: Aarohii AI Solution Private Limited.

Registered office: 269-A RS Enclave, Gupta Society, Indira Nagar, Kalyanpur, Kanpur – 208026

For contract-specific data processing terms (including instructions, audits, and deletion timelines for workspace data), customers should refer to their order form, data processing addendum, or Terms of Use as applicable.