Privacy Assurance

Privacy Policy at Midbird Technologies

Effective Date: [Insert Date]
Last Updated: [Insert Date]

MidBird Technologies (“MidBird”, “we”, “our”, or “us”) is committed to maintaining the privacy and protection of your personal data. This Privacy Policy explains how we collect, use, store, disclose, and safeguard your information when you use our websites, software products, mobile applications, cloud platforms, and services (collectively, “Services”), whether as an individual or on behalf of an organization.

1. Scope of This Policy

This Privacy Policy applies to all data we collect through:

• Our website: https://www.midbirdtech.com

• Our software products and SaaS platforms

• Customer support services and documentation

• Emails, newsletters, contact forms, and feedback surveys

• Events, webinars, and partner interactions

• Third-party integrations and APIs

2. Information We Collect

2.1 Personal Information

We may collect the following types of personally identifiable information (PII):

• Full name, job title, company name

• Email address, phone number, mailing address

• Billing and invoicing details (VAT, GST, PAN, etc.)

• Government-issued identification, where required

• Login credentials, license activation data

2.2 Non-Personal Information

Includes data that does not identify an individual directly:

• Browser type, operating system, and language preferences

• Device information (e.g., device ID, model, screen size)

• Access times and referring URLs

• Anonymous usage statistics and telemetry

• Aggregated logs, error reports, and diagnostic data

2.3 Sensitive Data (If Applicable)

In limited cases, we may process sensitive data such as:

• Biometric data (if required for identity verification)

• Encrypted data subject to secure wiping or forensic erasure

• Legal or compliance-related documentation (e.g., DPA, audit reports)

3. How We Collect Information

• Directly from you: When you register, request a demo, purchase software, fill out forms, or contact us.

• Automatically: Through cookies, pixels, server logs, telemetry modules, and analytics scripts.

• Third Parties: Partners, resellers, payment gateways, and compliance vendors.

4. Purpose of Data Collection

We use your data for the following lawful purposes:

PurposeLegal BasisAccount creation, user verification, and profile managementContractual necessitySoftware licensing, billing, and invoicingContractual necessityProduct delivery and updatesLegitimate interestCustomer support and technical assistanceLegitimate interestSecurity monitoring and abuse preventionLegitimate interestEmail communications, alerts, and newslettersConsentLegal compliance and audit trailsLegal obligationProduct improvement and analyticsLegitimate interest

5. Cookies & Tracking Technologies

We use cookies and similar technologies to optimize your experience:

• Strictly Necessary Cookies: Authentication, session management

• Performance Cookies: Google Analytics, Hotjar, telemetry

• Functionality Cookies: User preferences and language settings

• Marketing Cookies: Retargeting via Facebook Pixel, Google Ads

Opt-out: You may configure your browser settings to decline cookies or use tools like YourAdChoices and Ghostery.

6. Data Sharing and Third Parties

We do not sell your data. We may share it with:

• Payment processors: Razorpay, Stripe, PayPal

• Cloud providers: AWS, Azure, Google Cloud

• CRM and support tools: Freshdesk, HubSpot, Zoho

• Auditors and legal counsel: For legal or regulatory purposes

• Partners or resellers: Where consent is given

All vendors are bound by strict data processing agreements (DPAs) and must adhere to relevant security frameworks (e.g., ISO 27001, SOC 2).

7. International Data Transfers

If you access our services outside of India or the EU, your data may be transferred internationally. We ensure:

• Standard Contractual Clauses (SCCs)

• EU-US Data Privacy Framework (if applicable)

• End-to-end encryption and tokenization

• Zero-retention policies for secure-wipe logs (when required)

8. Data Retention Policy

We retain personal data:

• As long as necessary for the purposes described

• During the lifecycle of a subscription or license

• In accordance with statutory, regulatory, and compliance mandates

Retention Timeframes:

• Account data: 5 years post-deactivation

• Logs and telemetry: 12–24 months

• Support tickets: 3 years

• Financial records: 7 years (as per Income Tax/ITR rules)

After expiration, data is either:

• Permanently deleted

• Anonymized for statistical purposes

• Securely wiped using DoD/NIST erasure standards

9. Security Measures

We take a multi-layered approach to data protection:

• HTTPS/SSL encrypted communications

• AES-256 encryption at rest

• Secure erasure logs with tamper-proof certificates

• Two-factor authentication (2FA) for admin accounts

• Role-based access controls (RBAC)

• Endpoint monitoring and firewalls

• Regular penetration testing and vulnerability assessments

10. Your Rights

Depending on your jurisdiction (e.g., GDPR, CPRA/CCPA, PDPB), you may exercise the following rights:

• Right to Access: Request a copy of the data we hold about you

• Right to Rectification: Correct any incorrect or incomplete data

• Right to Erasure (Right to be Forgotten): Request data deletion

• Right to Restriction: Limit processing under certain conditions

• Right to Object: Object to direct marketing or automated profiling

• Right to Data Portability: Request data in a machine-readable format

• Right to Withdraw Consent: At any time, without affecting prior processing

• Right to Lodge a Complaint: With your national data protection authority

To submit a request, contact: privacy@midbird.com

11. Children's Privacy

Our services are not designed for individuals under the age of 18. We do not knowingly collect or process personal data from minors. If we discover any such data, it will be promptly deleted.

12. Third-Party Sites and Services

We may link to third-party websites or services that are not governed by this policy. You are encouraged to review their privacy practices separately. We are not liable for the misuse or mishandling of your data by such parties.

13. Data Protection Officer (DPO)

We have appointed a Data Protection Officer to oversee our privacy and compliance strategy.

Name: [Insert DPO Name]
Email: dpo@midbird.com
Phone: [Insert DPO Phone]
Address: [Insert Registered Office]

14. Changes to This Policy

We may periodically revise this Privacy Policy. The latest version will be posted on our website with the updated “Last Modified” date. Substantive changes may be notified via email or dashboard notifications.

15. Contact Information

If you have questions, complaints, or feedback about this Privacy Policy or our data handling practices, contact us at:

MidBird Technologies
📧 Email: privacy@midbird.com
🌐 Website: https://www.midbird.com
📍 Address: [Insert Full Business Address]
📞 Phone: [Insert Support Number]

Contact Us

For inquiries regarding our privacy policy, please reach out to Midbird Technologies. We're here to help.