HomeAboutServicesOur WorkContact UsLet's talk
HomeAboutServicesOur WorkContact UsLet's talk

Privacy Policy

Last Updated: May 2, 2026 | Version 2.0.1

1. Comprehensive Overview

This Privacy Policy is designed to inform you of the strict policies and procedures of Elixios ("the Agency," "we," "us," or "our") regarding the collection, use, and disclosure of personal information we receive from users of our website, client portals, and associated digital services. By engaging with our platform, you acknowledge that you have read and understood this policy in its entirety.

We operate under the fundamental principle that your data is your own. Our data collection is limited to the minimum necessary to provide exceptional design, engineering, and strategic services. This policy applies sitewide and covers all interactions with our domain, subdomains, and any third-party integrations we utilize for project management and delivery.

2. Granular Data Collection

A. Voluntarily Provided Information

When you interact with our contact forms, booking systems, or project onboarding sequences, we may collect:

  • Identity Data: Full legal name, professional title, business entity name, and government-issued identifiers where required for tax compliance.
  • Contact Data: Primary and secondary email addresses, direct telephone lines, physical business addresses, and instant messaging handles (WhatsApp, Slack, Discord).
  • Project Data: Detailed business requirements, internal strategy documents, existing brand assets, and proprietary market insights shared during discovery.

B. Automatically Collected Information

Our infrastructure automatically logs technical metadata including:

  • Network Identifiers: Internet Protocol (IP) addresses, proxy server data, and unique device identifiers (UUIDs).
  • Browser Fingerprinting: Browser type, version, language settings, screen resolution, and installed plugin metadata.
  • Geolocation Data: Broad geographic location derived from IP addresses and, where permitted, precise GPS-based location data for regional service optimization.

3. Advanced Tracking & Cookie Policy

We utilize "Cookies" and similar tracking technologies (web beacons, pixels, local storage) to enhance your experience and analyze our traffic patterns.

  • Essential Cookies: Critical for core site functionality, such as security protocols, session management, and load balancing. These cannot be disabled.
  • Analytical Cookies: Powered by Google Analytics and Vercel Analytics. These allow us to recognize and count the number of visitors and see how they move around our site. This data is anonymized before processing.
  • Functional Cookies: Used to remember your preferences, such as language choice or dark mode settings, between sessions.

4. Legal Basis for Processing

We process your personal data under the following legal frameworks:

  • Contractual Necessity: To fulfill our obligations under a signed Service Agreement or to take pre-contractual steps at your request.
  • Legitimate Interests: For the effective management of our business, including cybersecurity, internal auditing, and service improvements.
  • Legal Compliance: To satisfy tax, regulatory, or law enforcement requirements within the jurisdiction of India.
  • Explicit Consent: Where you have provided clear and affirmative consent for a specific purpose (e.g., subscribing to a newsletter).

5. Third-Party Data Transmission

We do not sell your personal data. However, we may share information with trusted service providers to ensure project success:

  • Cloud Infrastructure

    Vercel, AWS, and Google Cloud for hosting and data redundancy.

  • Project Management

    Notion, Slack, and Linear for communication and task tracking.

  • Financial Systems

    Stripe, Razorpay, and PayPal for secure, encrypted payment processing.

  • Communication

    Postmark and Mailchimp for transactional and marketing emails.

6. Cross-Border Data Transfers

Your information may be transferred to—and maintained on—computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If you are located outside India and choose to provide information to us, please note that we transfer the data, including Personal Data, to India and process it there.

7. Data Retention & Destruction

We implement a strict data lifecycle management policy. Personal data is retained only as long as:

  • The business relationship is active and ongoing.
  • Necessary to provide the contracted services.
  • Required by Indian statutory law for financial and tax auditing (typically 7-10 years).

Upon expiration of the retention period, data is either permanently deleted from our primary systems and backups or fully anonymized beyond the possibility of re-identification.

8. Security Protocols

We employ industry-standard security measures including AES-256 encryption at rest, TLS 1.3 encryption in transit, multi-factor authentication (MFA) for all internal systems, and regular automated vulnerability scans. However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

9. Your Statutory Rights

Depending on your location, you may have the following rights:

Right to Access: View all data we hold about you.
Right to Rectification: Correct inaccurate information.
Right to Erasure: "The right to be forgotten."
Right to Portability: Transfer data to another provider.
Right to Object: Halt processing for specific reasons.
Right to Opt-Out: Withdraw consent at any time.

10. Children's Privacy

Our services are not intended for individuals under the age of 18 ("Children"). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

11. Privacy Policy Revisions

We reserve the right to update this policy at any time. Significant changes will be communicated via email or through a prominent notice on our website. Continued use of our services after such modifications constitutes your acknowledgement of the modified Privacy Policy.

12. Data Protection Officer

For any inquiries, requests for data access, or formal complaints regarding our data handling practices, please contact our designated Privacy Compliance Team:

Email: elixios.info@gmail.com

Subject: ATTN: DATA PROTECTION OFFICER

Response Window: 72 Business Hours