PRIVACY POLICY

Last Updated: 14th January 2026 

1. Introduction 

Cappitall Want Solutions Private Limited (“Company”, “we”, “us”, or “our”) is committed to protecting the privacy and personal data of individuals who interact with our website, applications, products, and services (collectively, the “Services”). 

This Privacy Policy explains how and why we collect, use, disclose, store, and protect personal data, and describes the rights available to individuals under applicable data protection laws, including: 

  • the EU and UK General Data Protection Regulation (GDPR); and 
  • the Digital Personal Data Protection Act, 2023 (India). 

 
This Privacy Policy applies to our website, applications, and associated subdomains operated by the Company. 

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. 

2. Data Controller / Data Fiduciary 

For the purposes of applicable data protection laws: 

  • GDPR: Cappitall Want Solutions Private Limited is the Data Controller. 
  • India DPDP Act: Cappitall Want Solutions Private Limited is the Data Fiduciary. 

Registered Address: 
No. 930/913, C-106, Meenakshi Mangalam Apt., B.G. Road, Bengaluru, KA – 560076 

3. Definitions 

  • Personal Data / Personal Information: Any information relating to an identified or identifiable individual. 
  • Processing: Any operation performed on personal data, including collection, use, storage, disclosure, or deletion. 
  • Data Subject / Data Principal: An individual whose personal data is processed. 
  • Consent: Freely given, specific, informed, and unambiguous permission for processing personal data. 

4. Information We Collect 

4.1 Personal Data You Provide 

We may collect: 

  • Name, username 
  • Email address, phone number 
  • Mailing and billing address 
  • Job title and company name 
  • Login credentials 
  • Payment details (processed via secure third-party gateways) 

4.2 Automatically Collected Information 

  • IP address 
  • Device and browser information 
  • Usage data and log files 
  • Cookies and similar technologies 

4.3 Information from Third Parties 

  • Social media platforms (subject to your privacy settings) 
  • Fraud detection and payment service providers 
  • Analytics and advertising partners 

5. Lawful Bases for Processing (GDPR Article 6) 

We process personal data only where at least one lawful basis applies: 

  1. Consent 
    For marketing communications, newsletters, cookies, and remarketing. 
  1. Contractual Necessity 
    To create accounts, provide Services, process transactions, and deliver support. 
  1. Legal Obligation 
    To comply with applicable laws, taxation, accounting, or regulatory requirements. 
  1. Legitimate Interests 
    For service improvement, security, fraud prevention, analytics, and business operations, provided such interests do not override your fundamental rights. 
  1. Vital Interests 
    Where processing is necessary to protect life or prevent serious harm (rare cases). 

6. How We Use Personal Data 

We use personal data to: 

  • Provide and operate our Services 
  • Process payments and transactions 
  • Communicate with users 
  • Improve website performance and user experience 
  • Conduct analytics and research 
  • Prevent fraud and enhance security 
  • Comply with legal and regulatory obligations 

7. Cookies, Tracking & Profiling 

We use cookies, sessions, and similar technologies to: 

  • Remember user preferences 
  • Enable core website functionality 
  • Perform analytics and performance measurement 
  • Deliver targeted or remarketing advertisements 

You may manage cookie preferences through your browser or cookie banner settings. 

Profiling: 
Where marketing or remarketing is used, limited profiling may occur. No automated decision-making producing legal or similarly significant effects is carried out without human involvement. 

8. Sharing and Disclosure of Data 

We may share personal data with: 

  • Trusted service providers (hosting, payment processing, analytics) 
  • Corporate affiliates 
  • Advertising and marketing partners 
  • Legal authorities where required by law 
  • Successors in the event of a merger, acquisition, or asset sale 

All third parties are required to process data under appropriate contractual safeguards. 

9. International Data Transfers 

Personal data may be transferred outside your country of residence, including to India and other jurisdictions. 

Where required, we rely on: 

  • Adequacy decisions 
  • Standard Contractual Clauses (SCCs) 
  • Equivalent lawful transfer mechanisms 

10. Data Retention 

We retain personal data only for as long as necessary to: 

  • Fulfil the purposes described in this Policy 
  • Comply with legal, regulatory, or contractual obligations 

Unless otherwise required, data is deleted or anonymised upon account closure or withdrawal of consent, subject to statutory retention requirements. 

11. Data Security 

We implement appropriate technical and organisational measures, including: 

  • SSL encryption 
  • Access controls 
  • Secure servers 
  • Regular security assessments 

However, no system is completely secure, and we cannot guarantee absolute security. 

12. Data Breach Notification 

In the event of a personal data breach: 

  • We will notify relevant authorities within legally prescribed timelines 
  • Affected individuals will be informed where there is a high risk to their rights and freedoms 

13. Your Rights 

Under GDPR (EU/UK) 

You have the right to: 

  • Access your data 
  • Rectification 
  • Erasure (“right to be forgotten”) 
  • Restrict processing 
  • Data portability 
  • Object to processing 
  • Withdraw consent at any time 

Under India’s DPDP Act, 2023 

You have the right to: 

  • Access information about processing 
  • Correction and erasure 
  • Withdraw consent 
  • Grievance redressal 

14. Withdrawal of Consent 

Where processing is based on consent, you may withdraw consent at any time. Withdrawal will not affect the lawfulness of processing carried out before withdrawal. 

15. Children’s Privacy 

Our Services are not directed to individuals under 13 years of age. We do not knowingly collect personal data from children. 

16. Grievance Redressal / Data Protection Contact 

Grievance Officer / Data Protection Contact 
Email: compliance@cappitallwant.com 

 
Corporate Address: 
#931, Bhavani Sadana, 1st Sector, 1st Floor, BTM 4th Stage, 1st Sector, 4th Main Road, Bengaluru, KA – 560076

We will address grievances within the timelines prescribed under applicable law. 

17. Changes to This Privacy Policy 

We may update this Privacy Policy periodically. Material changes will be communicated through the Services or other appropriate means. 

Continued use of the Services after updates constitutes acceptance. 

18. Governing Law 

This Privacy Policy is governed by the laws of India, subject to mandatory rights under applicable data protection laws.