»» GETNOS LEGAL · PRIVACY POLICY »» DPDP ACT 2023 COMPLIANT · INDIA »» YOUR DATA. YOUR CONTROL. ALWAYS. »» LAST UPDATED · APRIL 2026 »» GETNOS LEGAL · PRIVACY POLICY »» DPDP ACT 2023 COMPLIANT · INDIA »» YOUR DATA. YOUR CONTROL. ALWAYS. »» LAST UPDATED · APRIL 2026
Home»» Legal»» Privacy Policy
◆ LEGAL · PRIVACY POLICY

YOUR DATA.
your CONTROL.

Plain English. Zero dark patterns. We collect what we need, nothing more. You can request, correct, or delete your data any time. Here's how all of it works.

Last updated: 19 April 2026
Effective: 19 April 2026
Governing law: India · DPDP Act 2023
Version: 2.0
◆ THE TL;DR

We collect your name, email, phone, and business info when you opt in or book a call. so we can actually help you. We don't sell your data. We don't share it with advertisers. You can delete it any time by emailing legal@getnos.io. That's the whole story. The rest below is the detailed, legally-complete version.

◆ SECTION 01Who we are

This Privacy Policy applies to all services offered by Getnos. a conversion systems agency operating under the business name Getnos, with operations based in Chennai, Tamil Nadu, India. Our website is hosted at getnos.io.

Under India's Digital Personal Data Protection Act, 2023 (DPDP Act), Getnos is the "Data Fiduciary" for personal data collected through our services. Under the EU GDPR (where applicable for European clients), we are the "Data Controller."

For any privacy matters, our designated contact is:

◆ DATA PROTECTION OFFICER
Data Protection Officer
Email · legal@getnos.io
Phone ·
Subject line · "Privacy Request"

◆ SECTION 02What we collect

We collect three categories of personal data. Here's exactly what each one includes:

Category What we collect When
Contact info First name, business email, phone number, company name, job title When you opt in, book a call, or email us
Business info Industry, company size, revenue range, current marketing spend (only if you share it on a discovery call) During discovery / strategy calls
Technical data IP address, browser type, device info, pages visited, time on site, referral source Automatically, when you visit the website
Communication records Emails, WhatsApp messages, call recordings (only with explicit consent) When you interact with us directly

What we do not collect

  • Government ID numbers (Aadhaar, PAN, passport, etc.)
  • Financial data (credit card, bank account. payments go through secure third-party processors)
  • Location data beyond general city-level IP geolocation
  • Health, biometric, or sensitive personal data
  • Data from users under 18. see Section 10

◆ SECTION 03Why we collect it

Under the DPDP Act, we can only process personal data for specific, lawful purposes. Ours are:

01 · Delivering the service you asked for

If you book a call, we use your info to schedule, run, and follow up on that call. If you opt in for a lead magnet, we use your email to send it. This is called "contractual necessity."

02 · Communicating with you

Answering your questions. Sending newsletters (only if you subscribed). Sending scheduled emails related to your engagement. You can unsubscribe from marketing emails any time via the link at the bottom of every email.

03 · Improving our service

Analyzing aggregate website data (via tools like Google Analytics 4) to understand which pages work, which don't, where traffic comes from. We never use this to build individual profiles or sell insights.

04 · Running advertising

We use Meta Pixel, Google Ads conversion tracking, and LinkedIn Insight Tag to measure our own marketing effectiveness and retarget visitors with relevant ads. You can opt out of this. see Section 05.

05 · Complying with legal obligations

Tax records, contract documentation, and any data we're required to retain by Indian law (typically 7 years for financial records).

◆ SECTION 04Who we share it with

We do not sell your personal data. Ever. Full stop.

We do share limited data with carefully-selected third parties ("Data Processors") who help us operate. Each one is contractually bound to protect your data:

Service What we share Why
Google Workspace Email content, calendar data Running our email / calendar
Tidycal Name, email, booking info Call scheduling
Google Analytics 4 Anonymized website behavior Understanding site performance
Meta / LinkedIn Ads Anonymized conversion events Measuring ad effectiveness
Email service provider Name, email, engagement data Sending email campaigns
Stripe / Razorpay Payment info (processed directly by them) Payment processing
Slack Client communication only Active engagements

We may also share your data if legally required (court order, regulatory request, fraud investigation) or if needed to protect our rights, property, or safety.

◆ SECTION 05Cookies & tracking

When you visit getnos.io, we use cookies and similar technologies. Some are essential (the site won't work without them). Others are for analytics or advertising. and you can reject those any time.

The four cookie categories we use:

TypePurposeCan you opt out?
Essential Remember your cookie preferences, keep you logged in, prevent fraud No (site won't function)
Analytics Google Analytics 4 · anonymized visitor behavior Yes · via our cookie banner
Advertising Meta Pixel, Google Ads, LinkedIn Insight · retargeting and attribution Yes · via our cookie banner
Functional Remember form inputs, chat preferences Yes · via our cookie banner

You can manage cookie preferences at any time by clicking the "Manage cookies" link in the footer, or by clearing your browser's cookies for our site.

Browser-level opt-outs: Chrome, Safari, and Firefox all let you block cookies site-wide or per-site via Settings → Privacy.

◆ SECTION 06Your rights

Under the DPDP Act 2023, you have the following rights over your personal data. We respond to all valid requests within 30 days.

Right to access

Ask us what personal data we hold about you. We'll send you a complete summary.

Right to correction

If your data is wrong or outdated, tell us. We'll fix it.

Right to erasure ("right to be forgotten")

Request that we delete your personal data. We'll confirm deletion within 30 days. except where we're legally required to retain it (e.g., tax records).

Right to withdraw consent

If we're processing your data based on your consent (e.g., marketing emails), you can withdraw it any time. Withdrawal doesn't affect the legality of processing before withdrawal.

Right to nominate

Under the DPDP Act, you can nominate another person to exercise your rights in case of death or incapacity. Email us to set this up.

Right to grievance redressal

If you believe we've mishandled your data, email legal@getnos.io with subject "Grievance." We'll respond within 30 days. If unresolved, you can escalate to India's Data Protection Board (DPB).

◆ HOW TO EXERCISE ANY RIGHT

Email legal@getnos.io with subject "Privacy Request" and describe what you want. We may ask for proof of identity before fulfilling requests, to protect your data from unauthorized access.

◆ SECTION 07Security

We take reasonable, industry-standard steps to protect your data:

  • TLS 1.3 encryption on all data transfers (HTTPS)
  • Encrypted storage for sensitive data
  • Two-factor authentication on all team accounts accessing data
  • Access controls. only crew members working on your engagement have access to your data
  • Regular security reviews and vendor audits
  • Breach notification within 72 hours to affected individuals and the Data Protection Board

No system is 100% secure, and we can't guarantee absolute security. But we treat data protection with the same seriousness we treat our client engagements.

◆ SECTION 08How long we keep it

We retain personal data only as long as necessary for the purpose it was collected.

Data typeRetention period
Prospect / lead data (no engagement)24 months after last contact, then deleted
Client engagement dataDuration of engagement + 7 years (Indian tax law)
Marketing email subscribersUntil you unsubscribe + 30 days for cleanup
Website analytics (anonymized)14 months in Google Analytics
Call recordings (if consented)90 days, then deleted

◆ SECTION 09International data transfers

Getnos is based in India, but some of our tools (Google Workspace, Slack, Tidycal) may store data on servers outside India. typically in the US or EU.

Under the DPDP Act 2023, we only transfer data to countries approved by the Indian government, or where the receiving entity offers equivalent data protection standards. We work only with SOC 2 Type II certified providers where possible.

If you're an EU/UK resident and your data is transferred outside those regions, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission.

◆ SECTION 10Children's privacy

Our services are strictly for business owners and marketing decision-makers. not for children. We do not knowingly collect data from anyone under 18 years of age.

If you believe we've inadvertently collected data from a minor, email legal@getnos.io and we'll delete it immediately.

◆ SECTION 11Changes to this policy

We may update this Privacy Policy occasionally. when laws change, when our tools change, or when our practices evolve. Updates will be posted on this page with a new "Last updated" date.

If changes are material (e.g., a new category of data sharing), we'll notify email subscribers and clients directly with at least 30 days' notice before the changes take effect.

By continuing to use getnos.io after changes are published, you agree to the updated policy. If you disagree, you're free to close your account and request data deletion.

◆ SECTION 12Contact us

Any questions, concerns, or requests related to this policy? Reach out directly:

◆ PRIVACY CONTACT
Data Protection Officer & DPO
Email · legal@getnos.io
Phone ·
Location · Chennai, Tamil Nadu, India
Response time · 30 days or less per DPDP Act

If we can't resolve your concern, you have the right to complain to India's Data Protection Board, once constituted under the DPDP Act 2023. EU/UK residents can also complain to their local data protection authority.