Privacy Policy

Effective Date: 01/01/2025  |  Last Updated: 26/05/2025

1. Introduction

OSSA.in (“we,” “us,” or “our”) provides cloud-based software solutions and services (the “Services”) tailored for organizations, institutions, and enterprises (“Clients,” “Organizations,” or “you”).

This Privacy Policy explains how we collect, process, store, and protect personal data provided by Clients and their End Users in connection with the Services. By using our Services, you acknowledge and agree to this policy.

2. Our Role and Your Responsibilities

We act exclusively as a data processor, handling personal data only under the instructions of our Clients. The Client or Organization remains the data controller and is responsible for complying with data protection laws, including obtaining End User consents where required.

3. Data We Collect and Process

3.1 Types of Data

  • Identification and contact information (e.g., names, email addresses, roles)
  • Organization-specific details
  • Technical and usage data (e.g., IP addresses, device information, access logs)
  • Payment and billing information (processed by authorized third-party providers)

3.2 Data Submission

Clients or Organizations may instruct End Users to submit personal data through the Services. OSSA.in does not collect personal data directly from End Users except as directed by the Client.

4. Purpose and Use of Personal Data

Personal data is used solely to provide, maintain, and improve the Services in accordance with Client instructions. We do not use personal data for our own marketing or unrelated activities and disclose it only as required to deliver Services or comply with legal obligations.

5. Third-Party Service Providers

We rely on vetted providers under strict contractual obligations, including:

  • Razorpay (payment processing)
  • Freshworks (customer support & ticketing)
  • Error monitoring platforms
  • SMS gateway services
  • Email marketing platforms

6. Data Storage & Security Measures

We safeguard personal data through:

  • Encryption at rest and in transit
  • Role-based access controls
  • Regular vulnerability assessments and audits
  • Backups and disaster recovery protocols

However, no system can guarantee absolute security.

7. Data Retention & Deletion

Personal data is retained only as long as necessary to deliver Services or meet legal obligations. Upon Client account termination, data will be erased or anonymized according to Client instructions or legal requirements.

8. Rights of Data Subjects

End Users should direct privacy-related requests (e.g., access, correction, deletion) to their Organization’s authorized representatives. OSSA.in will support Clients in addressing such requests in compliance with applicable laws.

9. Data Sharing & Disclosure

We do not sell, trade, or lease personal data. Disclosure is limited to:

  • Authorized service providers necessary for Service delivery
  • Legal authorities when required by law or to protect rights

10. Cross-Border Data Transfers

Personal data may be processed in servers located in multiple jurisdictions. We apply safeguards to ensure compliance with international data protection standards during transfers.

11. Cookies & Tracking Technologies

We use cookies and similar tools to enable functionality, improve user experience, and collect anonymized analytics. Users and Organizations can manage cookie preferences in browser/device settings.

12. Children’s Privacy

Our Services are intended for organizational and adult use. We do not knowingly collect personal data from children under 13 without verified parental or guardian consent.

13. Updates to This Privacy Policy

We may revise this Privacy Policy from time to time. Updates will be published at ossa.in with revised effective dates.

14. Contact Us

For privacy-related questions or requests, contact:
OSSA.in
Email: support@ossa.in

Get Started

Share your info — our team will contact you shortly.