1. Introduction
RVCo ("we", "us", "our") is committed to safeguarding the privacy of every person who accesses and uses our website (www.rvco.global) ("Website"). This privacy policy explains how we collect, use, store, and protect your personal data ("Personal Data") and is compliant with India's Digital Personal Data Protection Act, 2023 (DPDP Act) and applicable Rules. Please read this policy carefully. If you do not agree with how we handle personal data, please do not submit any personal data through this website.
2. Personal Data We Collect
We collect Personal Data that you voluntarily provide through the contact form on our Website, which may include:
- Full Name
- Organization
- Role / Designation
- Email Address
- Phone Number
- Your inquiry or message
We collect only the data necessary to respond to your inquiry. We do not collect any sensitive personal data (health, financial, biometric, or data of children).
3. Purpose of Processing
We use your Personal Data solely to: (a) respond to your inquiry; (b) manage client relationships; and (c) comply with legal obligations. We do not use your Personal Data for marketing purposes unless you have separately and explicitly consented.
4. Automatically Collected Information
Our hosting infrastructure may automatically collect basic technical data such as IP address and browser type for security and performance monitoring. This data is not used to personally identify you and is not linked to your submitted contact data.
5. Cookies
Our Website uses only essential cookies necessary for proper functioning. We do not use any analytics, advertising, or tracking cookies. No cookie consent banner is currently required as we do not deploy non-essential cookies.
6. How We Protect Your Information
We take the following technical and organisational measures to protect your Personal Data: (a) all data is transmitted over HTTPS (TLS encryption); (b) form submissions are processed server-side, and your data is never exposed in client-side code; (c) access to submitted inquiry data is restricted to authorised personnel only; (d) our hosting infrastructure (Vercel) maintains industry-standard physical and network security. However, no method of transmission over the internet is completely secure and we cannot guarantee absolute security.
6a. Google Fonts
This website uses Google Fonts loaded via Next.js. Fonts are downloaded and self-hosted on our servers at build time. No requests are made to Google's servers when you visit this website, and no personal data (including your IP address) is shared with Google in connection with fonts.
7. Disclosure to Third Parties: Data Processors
We do not sell, trade, or transfer your Personal Data to outside parties for commercial purposes. We use the following trusted service providers who process data on our behalf:
- web3forms (web3forms.com): receives and forwards contact form submissions to our inbox. Data processed: Name, Organisation, Role, Email, Phone, Message.
- Resend (resend.com): delivers OTP email verification codes. Data processed: Email address only.
Both service providers process data solely to fulfil the above purposes and are bound by their respective data protection terms. We may also disclose data where required by applicable law or a court order.
8. Retention of Your Personal Data
Contact inquiry data is retained for a maximum of 24 months from the date of submission, after which it is permanently deleted unless an ongoing client engagement has commenced. If an engagement commences, data is retained for the duration of the engagement and for such further period as required by law or legitimate business need. You may request earlier deletion at any time; see Section 10 (Your Rights).
9. Links to Other Websites
Our Website contains links to third-party sites (e.g., LinkedIn, WhatsApp). We are not responsible for the privacy practices of these external sites. Clicking the WhatsApp button will connect you via WhatsApp; Meta's Privacy Policy will apply to that interaction.
10. Your Rights Under the DPDP Act
Under the Digital Personal Data Protection Act, 2023, you have the right to:
- Access a summary of the personal data we hold about you
- Correct inaccurate or incomplete personal data
- Withdraw consent and request erasure of your personal data
- Nominate a person to exercise these rights on your behalf
- Seek redressal for any violation of your data rights
To exercise any right, email us at contactus@rvco.global with subject line "Data Rights Request". We will acknowledge within 48 hours and resolve within 30 days.
11. Children's Data
This website is intended for business professionals only. We do not knowingly collect personal data from individuals under the age of 18. If you are under 18, please do not submit any personal data through this website. If we become aware that we have inadvertently collected data from a minor, we will delete it promptly.
12. Data Breach Notification
In the event of a personal data breach that is likely to result in harm to affected individuals, we will notify the affected individuals and the Data Protection Board of India as required under the DPDP Act, 2023, without undue delay.
13. Grievance Officer
If you have any concerns, complaints, or grievances regarding how we handle your Personal Data, you may contact our Grievance Officer:
We shall acknowledge your grievance within 48 hours and endeavour to resolve it within 30 days.
14. Governing Law and Jurisdiction
This policy is governed by the laws of India, including the Digital Personal Data Protection Act, 2023. Any disputes shall be subject to the exclusive jurisdiction of the courts at Gurugram, Haryana.
15. Changes to This Policy
We may update this policy from time to time to reflect changes in law or our practices. The updated policy will be posted on this page with a revised "Last updated" date. We encourage you to review this page periodically.