top of page
  • LinkedIn
  • Instagram
  • Facebook
ADGtal - Logo - Transparent BG.png

Privacy Policy

Last updated: 26 January 2026

 

 

1. Introduction

 

ADGtal (“we”, “us”, “our”, “ADGtal”) is an automation-first performance marketing agency and a certified Google Ads and Shopify Partner. This Privacy Policy explains how we collect, use, disclose and protect personal data when you visit our website, use our services, contact us, or otherwise interact with us. This Policy describes your rights as a data principal and how to exercise them under India’s Digital Personal Data Protection (DPDP) framework. 

 

 

2. Definitions (short)

 

  • Personal Data / Personal Information: Any information relating to an identified or identifiable natural person.

  • Data Principal: The individual whose personal data is processed.

  • Data Fiduciary / ADGtal: The entity that determines the purpose and means of processing personal data.

  • Processing: Any operation performed on personal data.

 

 

3. Scope & Applicability

 

This Policy applies to personal data we collect: (a) via our website (www.adgtal.in), (b) via forms, emails or phone, (c) when you become a client or prospective client, and (d) when we process data for recruitment, vendors or partner relationships. It applies to processing within India and to processing outside India when it is related to offering goods or services to individuals in India. 

 

 

4. What personal data we collect

 

a. Contact & identity: name, job title, company, email, telephone numbers, postal address.

b. Account & service data: contractual details, billing information, invoices (where provided).

c. Usage & technical: IP address, device and browser information, cookies, page visits, referral source, analytics data.

d. Marketing & communications: preferences, consent history, interaction history with our communications.

e. Candidates / employees / contractors: CVs, interview notes, ID documents (only where necessary).

f. Sensitive data: we do not intentionally collect special category data (race, health, religion etc.). If we do so, we will obtain explicit consent and treat it with heightened protection.

 

 

5. Legal basis & purposes for processing (lawful processing)

 

We only process personal data for specific, explicit and lawful purposes, such as:

 

  • To provide and manage our services (campaign management, reporting, consultancy).

  • To communicate about proposals, deliverables, invoices and support.

  • For recruitment, onboarding and contractor management.

  • For marketing and business development (only where consent or a legitimate interest exists and as allowed by law).

  • To comply with legal obligations and for dispute resolution.

 

We rely primarily on consent, contractual necessity, legitimate interests (where balanced and documented), and compliance with legal obligations as lawful bases. All processing is purpose-limited and data minimised. 

 

 

6. Cookies & tracking technologies

 

We use cookies and similar technologies for essential site operation, analytics, and optional marketing (e.g. remarketing). You can manage cookie preferences through our cookie banner and your browser settings.

 

 

7. Third parties & processors

 

We share personal data with:

 

  • Service providers and subprocessors (cloud hosting, analytics, payment processors, email delivery).

  • Advertising and analytics platforms (Google Ads, Meta, Shopify integrations) for clients’ campaigns (subject to client instructions).

  • Professional advisors and auditors where necessary.

 

All subprocessors are required to maintain appropriate contractual safeguards and security measures. When transfers outside India occur, we rely on authorised transfer mechanisms or contractual protections as required under DPDP rules. 

 

 

8. Cross-border transfers

 

If we transfer personal data outside India (for hosting, processing, or service delivery), we will ensure suitable safeguards are in place consistent with applicable rules and approvals under DPDP; this may include contractual clauses or other lawful mechanisms. We limit such transfers to necessary third parties. 

 

 

9. Retention

 

We retain personal data only for as long as necessary for the purpose collected, to meet contractual or legal obligations, or to resolve disputes. Typical retention periods: leads and marketing contacts — up to 3 years after last contact (unless consented otherwise); client records and invoices — as required by law and for business purposes (usually 7 years). Specific retention schedules are documented internally.

 

 

10. Security measures

 

We use reasonable technical and organisational measures to protect personal data (access controls, encryption where applicable, secure hosting, vulnerability management, employee training). We strive for “privacy by design” in new services and features.

 

 

11. Data breach & notification

 

In the event of a personal-data breach, we will act promptly to contain and remediate the breach. Where required by law (including DPDP rules), we will notify the relevant authority/DPDP Board and affected individuals within the statutory timelines and provide required details of the breach and remediation steps. (The DPDP framework sets out breach reporting obligations and timelines.) 

 

 

12. Rights of Data Principals (your rights)

 

Under DPDP you have rights including:

 

  • Right to access your data.

  • Right to correction and erasure (subject to lawful retention).

  • Right to withdraw consent.

  • Right to grievance redressal and to lodge complaints with the Data Protection Board in certain cases.

 

We will respond to requests in accordance with applicable timelines and may require identity verification before fulfilling requests. 

 

 

13. Grievance Officer & Contact

 

Pursuant to DPDP, we have appointed a Grievance Officer to handle data-related requests and complaints. Please contact:

Grievance Officer: Abhiraj Das Ghosh

Email: abhiraj@adgtal.in

Phone: +91-8697948472

 

We aim to acknowledge and resolve grievances promptly and in line with statutory requirements. 

 

 

14. Children’s data

 

Our services are intended for adults and businesses. We do not knowingly collect data from children under the age specified by applicable law. If we learn that we have collected personal data of a child without verification of parental consent, we will take steps to delete it.

 

 

15. Changes to this Policy

 

We may update this Policy to reflect changes in law or our practices. Material changes will be notified on our site with an updated “Last updated” date.

 

 

16. How to contact us

 

For privacy questions or to exercise your rights: [privacy@adgtal.com] or contact the Grievance Officer (see above).

bottom of page