Privacy Policy
Your privacy matters to us. This policy explains what personal data we collect, how we use it, and your rights regarding that data. We are committed to transparency and responsible data handling.
Last updated: 1 January 2026. Compliant with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and, where applicable, the General Data Protection Regulation (GDPR).
1. Information We Collect
We collect personal information in the following ways:
- Name, email address, and phone number (when you contact us, use our lead form, or create an account)
- Business name, address, PAN, and other identity documents (required for filing applications on your behalf)
- Payment information (processed securely by our payment gateway; we do not store card details)
- Documents you share with us: contracts, invention disclosures, trademark specimens, incorporation certificates
- Communications sent to us via email, WhatsApp, or the Site's contact forms
- IP address, browser type, operating system, and referring URL
- Pages visited on the Site, time spent, and interaction data (via Google Analytics)
- Cookie identifiers (see the Cookies section below)
- Device identifiers for mobile users
- Referral partner details (if you were referred by a partner firm)
- Publicly available information from the Trade Marks Registry, Patent Office, or other public databases relevant to your matter
- Payment verification data from our payment gateway providers (Razorpay/Cashfree)
2. How We Use Your Information
We use the personal information we collect for the following purposes:
- Service delivery: To prepare, file, and manage your IP applications and legal documents. We cannot provide our services without the personal and business information required for government filings.
- Account management: To create and maintain your client account, send order confirmations, invoices, and service updates.
- Communications: To respond to your queries, provide status updates on your matters, and send documents for your review and approval.
- Compliance: To verify your identity, comply with Know Your Client (KYC) obligations under applicable law, and to comply with our obligations under professional rules applicable to advocates.
- Payment processing: To process and reconcile payments for our services. Payment card data is handled directly by our PCI-DSS compliant payment gateway; we do not store raw card numbers.
- Marketing (with consent): To send you information about our services, new offerings, and relevant IP law updates, where you have opted in. You may opt out at any time.
- Site improvement: To analyse usage patterns, fix bugs, improve content, and enhance the performance of our Site using aggregated and anonymised analytics data.
- Legal obligations: To comply with court orders, regulatory requirements, and applicable Indian law.
3. Data Sharing
We do not sell your personal data to third parties. We share your data only in the following circumstances and only to the extent necessary:
- Government authorities: The Trade Marks Registry, Indian Patent Office, Copyright Office, Design Office, WIPO, and foreign IP offices require your personal and business details as part of the application process. This disclosure is mandatory for the provision of our services.
- Associate attorneys: Where your matter requires representation in a jurisdiction outside our team's scope (e.g., a foreign national phase attorney for PCT), we share the minimum necessary information with our vetted associate firms under confidentiality obligations.
- Service providers: Our technology vendors (cloud hosting, email platform, payment gateway, analytics) process data on our behalf under data processing agreements. They are not permitted to use your data for their own purposes.
- Referral partners: If you were referred to us by a partner firm, we may confirm order completion to that partner for commission calculation. We do not share the details of your matter.
- Legal requirement: We may disclose data where required to do so by law, court order, or lawful request from a government authority in India.
4. Cookies
Our Site uses cookies — small text files stored in your browser — to improve your experience and help us understand how the Site is used. We use the following categories of cookies:
- Essential cookies: Required for the Site to function — session management, CSRF protection, and login state. These cannot be disabled without breaking the Site.
- Analytics cookies (Google Analytics): Collect anonymised data on page visits, session duration, and user journeys. Used to improve Site content and performance. You may opt out by installing the Google Analytics opt-out browser add-on.
- Marketing cookies: Used only where you have opted in — for retargeting ads on Google or Meta platforms. You may opt out at any time via the cookie consent banner or your browser settings.
You can control cookies through your browser settings. Disabling non-essential cookies will not affect your ability to use our core services.
5. Data Retention
We retain your personal data for as long as necessary to deliver our services and meet our legal obligations:
- Active client data: Retained for the duration of your engagement with us and for 7 years after the completion or termination of the engagement, in compliance with professional record-keeping obligations under the Advocates Act and applicable tax law.
- Filed application records: Correspondence, specifications, and filings for patent, trademark, and copyright matters are retained for a minimum of 7 years after the expiry, abandonment, or lapsing of the relevant IP right.
- Marketing data: Email addresses of prospects who have not become clients are retained for 2 years from the date of collection, or until you opt out, whichever is earlier.
- Analytics data: Anonymised website analytics data may be retained indefinitely for trend analysis.
After the applicable retention period, we securely delete or anonymise your data.
6. Your Rights
Under applicable law, you may have the following rights with respect to your personal data:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your data, subject to our legal obligations to retain certain records.
- Withdrawal of consent: Withdraw consent to marketing communications at any time (this does not affect the lawfulness of processing before withdrawal).
- Portability: Where applicable under GDPR, request your data in a structured, machine-readable format.
- Objection: Object to processing based on legitimate interests, where applicable.
To exercise any of these rights, please contact us at the details below. We will respond within 30 days. Note that some requests may be limited by our legal obligations — for example, we cannot delete records required by law for regulatory compliance.
7. Data Security
We implement industry-standard technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include SSL/TLS encryption for data in transit, encrypted storage for sensitive documents, access controls limiting data access to authorised personnel, and regular security reviews.
No method of electronic transmission or storage is 100% secure. In the event of a data breach that may affect your rights, we will notify affected clients as required by applicable law.
8. Contact Us
For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact our privacy team: