Intellexia Tech Pvt. Ltd. — Privacy Policy

Last updated: December 19, 2025 1. Introduction & Purpose Intellexia Tech Pvt. Ltd. ("Intellexia", "we", "us" or "our") is committed to protecting the privacy and security of personal information across the territories in which we operate. This Privacy Policy should be read together with our Terms of Service. This Privacy Policy describes the types of Personal Information we collect, how we use and share it, the legal bases for processing under applicable laws, cross border transfer safeguards, security measures and your privacy rights. It applies to all Intellexia products and services, including our websites, platforms, mobile and web applications, APIs, customer support channels, and other official communications (collectively, the "Platform"). By using the Platform or providing information to us, you consent to the collection, use and transfer of your information as described in this Policy, subject to applicable law. 2. Key Definitions • Personal Information / Personal Data: Any information relating to an identified or identifiable natural person. • Sensitive Personal Data or Information (SPDI) / Special Category Data: Personal data of a sensitive nature (for example, racial or ethnic origin, political opinions, religious/philosophical beliefs, health data, biometric data, or financial/payment details), as defined under applicable law. • Processing: Any operation performed on Personal Information (collection, storage, use, disclosure, deletion, etc.). • Controller / Data Fiduciary: The party that determines the purposes and means of processing personal data. • Processor / Data Processor: The party that processes personal data on behalf of a Controller. 3. Scope This Policy governs Intellexia's collection and processing of Personal Information from users, customers, partners, job applicants, employees (where applicable), vendors and other individuals who interact with Intellexia globally. For data processed under specific contracts (e.g., enterprise SaaS customers), contractual terms and the applicable Data Processing Agreement (DPA) govern the parties' obligations. If a specific contract or DPA is silent on any matter addressed in this Privacy Policy, the terms of this Privacy Policy will apply and will be used for interpretive guidance, unless the contract expressly provides otherwise. 4. Categories of Data We Collect A. Technical & Non Personal Information We automatically collect aggregated or anonymized information that does not directly identify you, including: • Device and platform types, browser type, OS and versions; • IP addresses (or derived geographic location), referring/exit pages, URLs and clickstream data; • Session identifiers, log files, load and performance metrics; • Aggregated usage statistics, analytics and telemetry. B. Personal Information We collect Personal Information that you provide directly or that is gathered in the course of providing services, including: • Contact information (name, email address, telephone number, postal address); • Account registration data and credentials; • Profile data and preferences; • Billing and payment information (limited financial details necessary to process payments — processed via certified payment processors); • Enterprise user content submitted to our platform (including text, images, audio, video and other files) where you upload or provide it; • Correspondence and support communications; • Any additional information you voluntarily provide (e.g., resumes for job applicants). C. Sensitive Personal Data or Information We do not routinely process sensitive categories of Personal Information except where necessary and lawful (for example, payment data required for paid services, or where explicit consent is obtained). Where such data is processed, we will rely on an appropriate legal basis and implement heightened safeguards. D. Information from Third Parties We may receive Personal Information from third parties (e.g., data enrichment providers, public sources, business partners, or customer supplied contacts). We will process such information in accordance with applicable law and this Policy. 5. How We Collect Data • Directly from you when you register, subscribe, contact support, apply for jobs or otherwise communicate with us. • Automatically via cookies, web beacons, server logs, SDKs and similar technologies when you use the Platform. • From our customers and enterprise clients (as Controllers) who provide data to enable services. • From third party service providers and publicly available sources. 6. Purposes of Processing & Legal Bases We process Personal Information for the purposes described below. The legal basis for processing varies by jurisdiction: Purposes • Provisioning, operation and maintenance of the Platform, features and services; • Account registration, authentication, billing and subscription management; • Customer support, troubleshooting and communications (transactional and service messages); • Payment processing and fraud prevention through third party payment processors and anti fraud tools; • Personalization, analytics, research and product improvement (including model training using de identified or consented data); • Security, auditing, incident detection, and prevention of abuse; • Compliance with legal and regulatory obligations and responding to lawful requests from authorities; • Performing obligations under contracts with customers and partners; • Marketing and promotional communications where permitted by law and with required consent/opt out mechanisms. 7. Cookies & Tracking Technologies We use cookies and similar technologies for authentication, session continuity, analytics, performance, personalization, security, A/B testing and advertising (where applicable). • Strictly Necessary / Essential Cookies: Required for the Platform to operate. • Performance / Analytics Cookies: Collect anonymized usage metrics to improve the service. • Functional Cookies: Store user preferences and settings. • Advertising / Marketing Cookies: Used for targeted advertising and measuring campaign effectiveness (only used where lawful and with consent where required). Consent to non essential cookies is obtained where required. Most browsers allow you to block or delete cookies; please consult your browser settings. For customers requiring strict data residency or cookie controls, contractual configurations or enterprise deployments may be offered. 8. Sharing & Disclosure We do not sell Personal Information. We may share Personal Information with: • Affiliates and subsidiaries for internal business purposes. • Service providers and sub processors that perform services on our behalf (payment processors, cloud hosting providers, analytics vendors, communications providers). These parties are bound by contractual obligations to safeguard data. • Business partners and advertisers where you have provided consent or where otherwise permitted. • Legal, regulatory and governmental authorities when required by law, court order or regulation. • Fraud prevention and security vendors to detect and prevent abuse. • During corporate transactions (merger, acquisition, restructuring) in such cases we will endeavor to notify affected users and apply appropriate safeguards. Before sharing Personal Information with third parties, we apply reasonable due diligence and contractual protections (DPA clauses, security requirements and restrictions on onward transfers). 9. International / Cross Border Transfers Personal Information may be stored and processed in India and in other countries where Intellexia or its service providers operate. To lawfully transfer data across borders we employ appropriate safeguards. 10. Data Retention & Minimization We retain Personal Information only as long as necessary to fulfil the purposes for which it was collected, to meet contractual obligations, to comply with legal/regulatory requirements, and to resolve disputes. Where possible, we aggregate or anonymize data for research and analytics and retain anonymized datasets for longer periods. Retention periods are documented in our internal records and are subject to periodic review. Specific retention schedules may be agreed contractually for enterprise customers. 11. Security Measures We implement appropriate technical, administrative, and organizational safeguards designed to protect Personal Information from unauthorized access, disclosure, alteration, or destruction. However, no system or method of transmission over the internet is completely secure, and absolute security cannot be guaranteed. In the event of any actual or suspected data breach affecting Personal Information, we will notify the affected individuals and the relevant regulatory authorities within 72 hours of knowledge of breachor in accordance with any other applicable law. 12. Data Subject Rights Depending on your jurisdiction you may have the following rights with respect to your Personal Information: • Right to access and obtain copies of Personal Information we hold about you; • Right to rectification/correction of inaccurate or incomplete data; • Right to erasure / deletion (subject to legal and contractual retention obligations); • Right to restriction of processing; • Right to data portability (where technically feasible); • Right to object to processing (including direct marketing and profiling); • Right to withdraw consent where processing is based on consent; • Right to lodge a complaint with a supervisory authority; To exercise your rights, contact our Data Protection Officer at admin@intellexia.ai. We will respond in accordance with applicable law. 13. Automated Decision Making & Profiling We may use automated systems and analytics to personalize content, detect fraud, improve product features and for operational efficiency. Where automated decision making produces legal or similarly significant effects, we will comply with applicable requirements (e.g., provide meaningful information about the logic involved and avenues for human review) and honor applicable subject rights. 14. Children & Age Restricted Data The Platform is not intended for individuals under the minimum age of 18. We do not knowingly collect or process data of individual below the above threshold. If we learn that we have collected a child's data without lawful parental consent, we will promptly delete it. 15. Third Party Services & Links The Platform may contain links to third party websites, products or services not controlled by Intellexia. This Policy does not apply to third parties. Review the privacy notices of third parties before providing Personal Information. 16. Cross Border Transfer Policy & Accountability Intellexia maintains records and documentation supporting lawful transfers and implements safeguards (encryption, access controls, contractual commitments). 17. Data Breach Notification In the event of a confirmed data breach that affects Personal Information, Intellexia will: • Contain and remediate the incident; • Conduct an investigation and document the incident and response; • Notify affected individuals and regulators as required by applicable law and provide details of the nature of the breach, possible consequences and mitigation steps; • Cooperate with regulators and undertake post incident remediation. 18. Retention of Access Logs & Forensics Data We retain access logs, security logs and forensics data for system administration, security monitoring, compliance and investigations for a period proportionate to the purposes for which they were collected and in accordance with applicable law. 19. Grievance Redressal & Contact Information If you have questions, requests, complaints or wish to exercise your data subject rights, please contact: For general privacy enquiries or to opt out of marketing communications: Email: feedback@intellexia.ai If you are not satisfied with our response, you shall escalate the matter by writing to our founders at admin@intellexia.ai. Your communication should include a copy of the response with which you are dissatisfied, along with the reasons for such dissatisfaction. 20. Amendments & Updates to this Policy We may update this Policy periodically to reflect legal, regulatory, operational and technological changes. The "Last updated" date at the top indicates the date of the most recent revision. Where required by law, we will notify users of material changes and obtain consent if necessary. 21. Additional Legal Notices This Policy is provided in addition to any specific contractual terms between Intellexia and its customers or partners. In case of conflict, the applicable contract will govern processing of Personal Information subject to mandatory data protection obligations. 22. Contact & Effective Date Effective Date: November 22, 2025 For any other enquiries: feedback@intellexia.ai