Privacy Policy

Yugan Solutions ("we", "our", or "us") is a digital agency based in Punjab, India, providing services including web development, mobile application development, search engine optimisation (SEO), digital marketing, UI/UX design, graphic design, social media management, AI integration, and CRM & dashboard solutions.

This policy applies to all information collected through our website (yugansolutions.com), our contact and inquiry forms, direct email communications, project discovery calls, and any other interaction you have with us in the course of evaluating or receiving our services.

We use the information we collect for the following purposes, each grounded in a legitimate interest or your explicit consent:

• Responding to enquiries: to understand your requirements, prepare proposals, and communicate with you about potential or ongoing projects.
• Service delivery: to plan, design, develop, and deliver the web development, SEO, digital marketing, or other services you have engaged us for.
• Project management: to coordinate internally, share relevant project details with team members working on your account, and meet agreed deliverables.
• Invoicing and payments: to issue invoices, process payments, and maintain financial records as required by applicable law.
• Service improvement: to analyse how visitors use our website and identify areas for improvement.
• Marketing communications: to send you updates, case studies, or service announcements — only where you have opted in or have an existing business relationship with us. You may opt out at any time.
• Legal compliance: to meet our obligations under Indian law, including the Information Technology Act, 2000 and associated rules.

We do not use your information for automated decision-making or profiling that produces legal or similarly significant effects on you.

We do not sell, rent, or trade your personal data. We may share your information only in the following limited circumstances:

• Internal team members: employees or contractors of Yugan Solutions who need access to deliver your project, bound by confidentiality obligations.
• Service providers: trusted third-party tools we use to operate our business, such as email delivery services (e.g. Gmail SMTP), cloud hosting providers (e.g. PythonAnywhere), and project management tools. These providers process data only on our instruction and are contractually prohibited from using it for their own purposes.
• Legal requirements: if required by a court order, government authority, or applicable law, we may disclose your information. We will notify you where legally permitted to do so.
• Business transfers: in the unlikely event of a merger, acquisition, or sale of all or part of our business assets, your data may be transferred. You will be notified in advance.

Our website uses cookies — small text files stored on your device — to ensure core functionality and improve your experience. We use the following categories:

• Strictly necessary cookies: required for the website to function, including Django's CSRF token cookie (csrftoken) which protects form submissions from cross-site request forgery. These cannot be disabled.
• Session cookies: temporary cookies that expire when you close your browser, used to maintain state during your visit.
• Analytics cookies: if we use an analytics tool, aggregate, anonymised data may be collected about how pages are used. No personally identifiable information is stored in these cookies.

You can control or delete cookies through your browser settings. Disabling cookies may affect certain features of the website.

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

• Contact form enquiries: retained for up to 2 years to support follow-up communications and service continuity.
• Active client data: retained for the duration of the engagement plus 5 years thereafter for legal, accounting, and dispute resolution purposes.
• Marketing data: retained until you unsubscribe or withdraw consent, whichever is earlier.
• Website analytics: aggregated and anonymised; not subject to personal data retention limits.

When data is no longer required, it is securely deleted from our systems and any third-party processors we use.

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, accidental loss, alteration, or disclosure. These measures include:

• HTTPS encryption for all data transmitted between your browser and our website.
• CSRF protection on all web forms.
• Access controls ensuring only authorised personnel can access personal data.
• Regular review of our data handling practices and third-party service configurations.

No method of transmission over the internet is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security. In the event of a data breach that is likely to result in risk to your rights and freedoms, we will notify you without undue delay.

Subject to applicable law, you have the following rights with respect to your personal data held by us:

• Right of access: to request a copy of the personal data we hold about you.
• Right to rectification: to request correction of inaccurate or incomplete data.
• Right to erasure: to request deletion of your personal data, subject to our legal obligations to retain certain records.
• Right to restrict processing: to request that we limit how we use your data in certain circumstances.
• Right to data portability: to receive your data in a structured, commonly used format where technically feasible.
• Right to withdraw consent: where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
• Right to object: to object to processing for direct marketing purposes at any time.

To exercise any of these rights, please contact us using the details in Section 12. We will respond within 30 days. We may need to verify your identity before processing your request.

Our website may contain links to third-party websites, including our LinkedIn and Instagram profiles, client websites featured in our portfolio, and external resources referenced in our blog posts. These third-party sites have their own privacy policies, and we have no responsibility or liability for their content or practices. We encourage you to review the privacy policy of any website you visit.

Our website and services are directed exclusively at business clients and professionals. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor has submitted personal data to us, please contact us immediately and we will delete it promptly.

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. When we make material changes, we will update the "Last updated" date at the top of this page. For significant changes, we may also notify active clients directly by email. We encourage you to review this policy periodically. Continued use of our website after any changes constitutes your acknowledgement of the updated policy.

If you have any questions, concerns, or requests relating to this Privacy Policy or how we handle your personal data, please contact us: