This Privacy Policy explains how IBEE Solutions Private Limited (India) and IBEE Software Solutions Inc (USA) (collectively, “IBEE”, “we”, “us”, or “our”) collect, use, process, and disclose personal data when you access or use our website, customer portal, APIs, and services, including cloud infrastructure services such as virtual machines, object storage, networking, load balancing, and secret management.
We are committed to protecting your privacy and handling your data in an open and transparent manner. This policy is intended to help you understand what information we collect, why we collect it, how we use it, when we may share it, and what rights you may have depending on your location and the laws that apply to you.
This policy applies to our websites, dashboards, portals, APIs, billing systems, support interactions, sales and marketing communications, and any other services that reference this Privacy Policy.
We process personal data in accordance with applicable laws, including:
- Digital Personal Data Protection Act, 2023 (India)
- Applicable U.S. privacy laws, including CCPA/CPRA where applicable
2. Which IBEE Entity Applies to You
Your relationship is with the IBEE entity determined by your billing country, account registration, contracting entity, or the entity that issues your invoice. In practice, this means that customers may contract with IBEE Solutions Private Limited or IBEE Software Solutions Inc depending on how their account is created and managed.
Where one IBEE entity supports another for operational, support, compliance, sales, engineering, or administrative purposes, personal data may be shared between the two entities in accordance with this Privacy Policy and appropriate safeguards.
3. Definitions
“Personal Data” / “Personal Information”: Any information that identifies, relates to, describes, or can reasonably be linked to an individual.
“Processing”: Any operation performed on personal data, including collection, recording, organization, storage, use, disclosure, transfer, restriction, or deletion.
“Customer Content”: Data, files, objects, secrets, configurations, logs, applications, and other materials that customers upload to, store in, or transmit through IBEE services.
IBEE acts as a Data Controller for the personal data described in this Policy. In some cases, depending on the nature of the service, IBEE may also process certain data on behalf of customers as a service provider or processor under separate contractual terms.
4. Information We Collect
4.1 Account Registration Data
When you register for an account, request access to our services, or create an organization or project, we may collect your full name, email address, phone number, address, company information, job title, tax or billing details, and other information reasonably required to create and administer your account.
We use this information to create your account, identify you as a user, support billing and contracting, communicate about your services, and maintain the integrity of our customer records.
4.2 Platform, API, and Account Activity Data
When you use IBEE services, we collect operational and account activity data necessary to deliver, secure, and improve our platform. This may include:
- IP address and approximate location information derived from network metadata
- Device, browser, and client information
- Login, authentication, session, and authorization events
- API usage logs and request metadata
- Records of actions performed within your account, such as creating or deleting resources, managing storage buckets, accessing secrets, rotating credentials, or modifying roles and permissions
- Operational telemetry required to maintain performance, troubleshoot errors, and prevent misuse
We use this information to secure accounts, detect suspicious or abusive behavior, support auditability, diagnose problems, provide customer support, and maintain reliability across the platform.
4.3 Communication Data
If you contact us through email, support tickets, contact forms, sales forms, chat, meetings, or other communication channels, we may collect your name, email address, company name, role, and any personal data or business information you choose to include in your communications.
We use this data to respond to inquiries, resolve support requests, manage our business relationship with you, document important service communications, and improve the quality of our support and customer success processes.
4.4 Payment and Billing Data
Payment data is generally processed by third-party payment providers such as Stripe or Razorpay. We do not typically store full payment card information. However, we may receive and retain limited billing metadata such as transaction IDs, payment status, billing address details, payment instrument type, the first or last few digits of a payment card where available, invoice records, taxation details, and subscription or usage-related billing information.
We use this information to process payments, issue invoices, detect payment fraud, reconcile transactions, manage renewals, and comply with tax, accounting, and record-keeping obligations.
4.5 Identity Verification and Compliance Data (KYC / KYT)
In certain situations, such as fraud prevention reviews, risk assessments, trial verification, payment method changes, compliance checks, or account investigations, we may collect identity documents, photo verification data, business registration details, payment verification data, transaction review information, and related fraud or sanctions-screening signals.
We use this information to verify identity, protect the platform, investigate suspicious activity, prevent abuse, comply with legal obligations, and ensure that the person or entity using or paying for services is authorized to do so.
4.6 Business and Marketing Data
We may collect business contact details such as your name, company, title, work email, work phone number, country, and records of your interactions with our marketing campaigns, website, sales team, and customer success team. We may also obtain lead information from public sources or service providers where permitted by law.
This information helps us identify potential customer needs, communicate about products and services, manage account relationships, improve sales and support workflows, and send marketing communications where permitted or where you have consented.
4.7 Website and Usage Data
When you browse our website or use our dashboard, we may collect usage patterns, page interactions, navigation behavior, device information, session information, referral sources, cookie or similar technology data, and performance or diagnostic data.
We use this information to understand how users engage with our website and services, improve usability, measure performance, secure the platform, diagnose problems, and support analytics and reporting.
4.8 Recruitment Data
If you apply for a role with IBEE, we may collect your name, email, phone number, location, resume, CV, employment history, educational background, portfolio or profile links, interview notes, and other information you choose to provide during the recruitment process.
We use this data to assess your application, communicate with you about opportunities, evaluate qualifications, and keep records relating to recruiting and hiring.
5. How We Use Your Personal Data
We use personal data to provide and operate our services, manage accounts and projects, authenticate users, provision infrastructure resources, process billing and payments, respond to support requests, communicate with customers, and administer the relationship between you and IBEE.
We also use personal data to secure our platform, detect fraud and abuse, investigate suspicious activity, enforce our terms and policies, comply with applicable laws, improve product reliability and performance, analyze usage trends, develop new features, and send service-related communications.
Where permitted by law or where you have provided consent, we may also use personal data to send marketing communications, product updates, event invitations, and other business communications that may be relevant to you.
6. Legal Basis for Processing
Depending on the context and applicable law, we process personal data on one or more legal bases, including the performance of a contract, legitimate interests such as security, service improvement, fraud prevention, and internal administration, your consent where required, and compliance with legal or regulatory obligations.
In many situations, more than one legal basis may apply to the same processing activity. For example, we may process account data both to deliver contracted services and to protect the security and integrity of the platform.
7. Sharing of Personal Data
We do not sell personal data. We may share personal data only where necessary to operate our business, provide services, comply with law, or protect IBEE and its users.
7.1 Within the IBEE Group
Personal data may be shared between IBEE Solutions Private Limited and IBEE Software Solutions Inc for support, operations, engineering, billing, compliance, legal, sales, customer success, and administrative purposes.
7.2 Service Providers
We may share personal data with third-party service providers that help us operate the platform and business, including payment processors, cloud and infrastructure providers, analytics providers, CRM and customer support tools, communication platforms, recruitment systems, security vendors, and fraud detection services. These providers are expected to process personal data only for authorized purposes and under appropriate contractual obligations.
7.3 Legal Authorities and Similar Disclosures
We may disclose personal data where required by law, regulation, subpoena, court order, lawful investigation, or where necessary to protect our rights, property, systems, customers, or the public.
8. Customer Data & Content
IBEE provides infrastructure services.
As a general rule, we do not access, use, or review customer content such as object storage data, virtual machine data, secrets, credentials, or application-level data merely because it is stored on or transmitted through our services.
We may process limited technical metadata necessary to operate the platform, and we may access customer content only where reasonably necessary to provide requested support, maintain service integrity, prevent or investigate abuse, respond to security incidents, or comply with applicable law or lawful process.
Customers remain responsible for the legality, integrity, accuracy, and security of their own content and configurations, including backups, access control decisions, encryption choices, and internal compliance obligations.
9. International Data Transfers
Your data may be transferred to and processed in India, the United States, and other countries where IBEE or its service providers operate. These jurisdictions may have data protection laws that differ from those in your country of residence.
Where required, we implement appropriate safeguards for such transfers, including contractual protections, internal access restrictions, and operational controls designed to protect personal data during cross-border processing.
10. Data Retention
We retain personal data for as long as necessary to provide services, maintain account records, support billing and audits, investigate abuse, resolve disputes, enforce agreements, comply with legal obligations, and protect our legitimate interests.
Retention periods may vary depending on the category of data, the nature of the service, contractual commitments, operational requirements, legal obligations, and whether the data is needed for security or compliance purposes.
11. Security
We implement technical and organizational measures designed to protect personal data from unauthorized access, use, disclosure, alteration, or destruction. These measures may include encryption in transit and at rest where appropriate, access controls, logging, monitoring, review mechanisms, and operational security practices.
No system can be guaranteed to be completely secure. However, we continuously work to strengthen our security posture and to reduce risk across our services, infrastructure, and internal operations.
12. Automated Decision-Making
We may use automated tools and systems to support fraud detection, payment risk analysis, abuse prevention, service protection, and operational monitoring. These systems help us identify unusual or risky behavior more efficiently.
We do not make solely automated decisions that significantly affect individuals without appropriate review where required by law.
13. Your Rights
Depending on your location and applicable law, you may have rights relating to the personal data we hold about you. These may include rights to access, correct, delete, restrict, object to, or receive a portable copy of certain data, as well as the right to withdraw consent where processing is based on consent.
California Residents (CCPA/CPRA)
If you are a California resident, you may have the right to know what categories of personal data we collect, use, and disclose; request deletion of certain personal data; request correction of inaccurate personal data; and exercise applicable opt-out rights. IBEE does not sell personal data.
India Users (DPDP Act)
If you are subject to applicable Indian data protection law, you may have the right to access your data, correct inaccuracies, request deletion where applicable, withdraw consent, and seek grievance redressal in accordance with law.
To exercise your rights or submit a privacy-related request, you may contact us at privacy@ibee.ai.
14. Children’s Privacy
Our services are not intended for individuals under 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data in violation of applicable law, please contact us so that we can review and take appropriate action.
15. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, business practices, or security processes. When we make material changes, we may take reasonable steps to notify users, such as by updating the policy on our website, providing dashboard notice, or using other appropriate communication channels.
Your continued use of the services after an updated policy becomes effective will be subject to the revised Privacy Policy.
16. Contact
If you have questions, requests, or complaints relating to this Privacy Policy or our handling of personal data, you may contact us at legal@ibee.ai
IBEE Solutions Private Limited
[Registered Address]
IBEE Software Solutions Inc
[Registered Address]