Privacy Policy.
How we handle your personal information, in plain language.
Contents
1. Who we are
BioSarthi Technologies Pvt Ltd ("BioSarthi", "we", "us", "our") designs, builds, runs, and monitors compressed-biogas plants across India. Our registered office is at NASSCOM CoE IoT, Hartron Innovation Campus, Plot 1, Udyog Vihar Phase 1, Sector 20, Gurugram, Haryana 122022. We are a private limited company recognised under DPIIT (DIPP61367).
For the purposes of India's Digital Personal Data Protection Act, 2023 ("DPDP Act"), BioSarthi is the Data Fiduciary for personal data submitted via this website.
2. What we collect
We collect only what we need to respond to enquiries, run our services, and operate the site responsibly.
2.1 Information you give us
- Contact form submissions — name, phone number, organisation, sector, and the message you send via the "Talk to an expert" form.
- Email and call enquiries — anything you put in an email to
hello@biosarthi.comor share on a call. - Site enquiries on WhatsApp — your phone number and message contents when you initiate a chat.
2.2 Information collected automatically
- Aggregate analytics — page views, referring source, country, device type, and rough geographic region. We use Cloudflare Web Analytics, which does not set cookies and does not fingerprint users.
- Marketing attribution — if you arrive via a tagged link (UTM parameters), we record the source / medium / campaign so we know which channels work. This data is not personally identifying on its own.
- Server logs — IP address, user-agent, and request path, kept short-term for security and abuse prevention.
2.3 Information from third parties
- YouTube embeds — when you play an embedded video, YouTube (Google LLC) may set its own cookies subject to its own policy.
- LinkedIn embeds — when our LinkedIn feed loads, LinkedIn may set its own cookies subject to its own policy.
3. How we use it
- To respond to your enquiry and route it to the right person on our team.
- To send you information you have specifically asked for (e.g. our deck, a feasibility note).
- To improve our services — understanding which pages help prospects make decisions, and which do not.
- To meet legal, tax, and contractual obligations.
- To detect and prevent fraud or abuse of the site.
We do not sell your personal data. We do not run third-party advertising or behavioural-tracking scripts on this site. We do not build profiles of individuals for resale.
4. Legal basis
We process your personal data on the following bases under the DPDP Act and applicable Indian law:
- Consent — for non-essential cookies (analytics) and for any marketing communication.
- Legitimate use (Section 7 of the DPDP Act) — to respond to your enquiry and provide services you have requested.
- Compliance with law — where we must keep records (e.g. tax invoices, government reporting).
6. How long we keep it
- Enquiry data — kept for as long as we have an active commercial relationship, plus 36 months thereafter for follow-up and statute-of-limitation purposes.
- Customer records (contracts, invoices) — kept for the period required by Indian tax and corporate law, currently 8 years.
- Aggregate analytics — retained at the source (Cloudflare) per their default; we do not store individually identifiable analytics records.
- Server logs — 30 days, then deleted.
7. Your rights
Under the DPDP Act you have the right to:
- Access the personal data we hold about you.
- Correct data that is inaccurate or out of date.
- Erase data we no longer have a lawful basis to keep.
- Withdraw consent for any processing based on consent — at any time, without affecting prior lawful processing.
- Nominate another individual to exercise these rights on your behalf in case of death or incapacity.
- Grievance redressal — contact our Data Protection Officer (Section 12 below); we respond within 30 days. If unresolved, you can approach the Data Protection Board of India.
To exercise any of these rights, write to privacy@biosarthi.com with enough detail for us to identify your records. We do not charge a fee for reasonable requests.
8. Security
We take reasonable technical and organisational measures to protect personal data, including encryption in transit (TLS), role-based access to internal systems, and audit logging on Frappe and ERPNext. No system is perfectly secure; we will notify the Data Protection Board and affected individuals of any reportable breach within the timelines required by law.
9. Children
This site is intended for adults engaged in commercial decision-making about biogas plants. We do not knowingly collect personal data from children under 18. If you believe a child has submitted personal data to us, please contact privacy@biosarthi.com and we will delete it.
10. International transfers
Our primary systems (Frappe CRM, ERPNext, our document store) are hosted in India. Some of our infrastructure (Cloudflare, YouTube, LinkedIn) is operated globally and may process data outside India in the course of normal CDN operation, video delivery, and embed loading. We take steps to ensure such transfers are subject to appropriate safeguards consistent with the DPDP Act and any rules issued under it.
11. Changes to this policy
We update this policy as our practices evolve and as the DPDP rulemaking process matures. The effective date at the top reflects the latest substantive change. For material changes (e.g. a new category of processing), we will give prominent notice on the site for at least 14 days before the change takes effect.
12. How to reach us
Data Protection Officer
BioSarthi Technologies Pvt Ltd
NASSCOM CoE IoT, Hartron Innovation Campus
Plot 1, Udyog Vihar Phase 1, Sector 20
Gurugram, Haryana 122022, India
Email: privacy@biosarthi.com
Phone: +91 98737 50969