Legal

Privacy Policy

How we collect, use, and protect your personal information.

Last updated: 26 May 2026

1. Introduction

Welcome to The Mindroot Digital ("we", "our", "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website themindroot.com or engage with our services.

Please read this policy carefully. If you disagree with its terms, please discontinue use of our site. By accessing or using our website and services, you acknowledge that you have read, understood, and agree to this Privacy Policy.

2. Data We Collect

We may collect the following categories of personal information:

2.1 Information You Provide Directly

  • Contact details: Name, email address, phone number, company name.
  • Communication data: Messages, enquiries, and project briefs submitted via our contact form or email.
  • Account information: If you create an account or onboard as a client — login credentials, billing details.

2.2 Information Collected Automatically

  • Usage data: Pages visited, time spent, links clicked, referring URLs.
  • Device information: IP address, browser type and version, operating system, device identifiers.
  • Cookie data: Session cookies, analytics cookies, preference cookies. See our Cookie Policy for full details.

2.3 Information from Third Parties

  • Data from analytics providers (e.g., Google Analytics).
  • Information from advertising networks when you interact with our ads.
  • Publicly available professional information (e.g., LinkedIn, company websites) relevant to business enquiries.

3. How We Use Your Data

We use your personal information for the following purposes:

  • To respond to your enquiries and provide requested services.
  • To fulfil contractual obligations with clients.
  • To send service-related communications, invoices, and project updates.
  • To send marketing communications where you have opted in (you may opt out at any time).
  • To improve our website, services, and user experience through analytics.
  • To comply with legal obligations, resolve disputes, and enforce our agreements.
  • To detect and prevent fraud, security incidents, or other harmful activity.
Legal Basis (GDPR / UK GDPR): We process your data on the bases of contractual necessity, legitimate interests, your consent, and compliance with legal obligations. You may withdraw consent at any time without affecting the lawfulness of prior processing.

4. Data Sharing

We do not sell, rent, or trade your personal information. We may share your data with:

  • Service providers: Trusted third-party vendors who assist us in operating our website and delivering services (e.g., cloud hosting, email platforms, payment processors). These parties are contractually bound to process data only as instructed.
  • Analytics partners: Aggregated or anonymised data with analytics providers to understand website performance.
  • Legal authorities: When required by law, court order, or regulatory obligation.
  • Business transfers: In the event of a merger, acquisition, or asset sale, your data may be transferred to the acquiring entity.

5. Cookies

We use cookies and similar tracking technologies to enhance your experience on our website. For full details on the types of cookies we use and how to manage them, please refer to our Cookie Policy.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy, or as required by law. Retention periods vary by data type:

  • Client project data: 7 years after project completion (for accounting and legal purposes).
  • Contact enquiries: 2 years from last interaction if no contract is formed.
  • Marketing data: Until you unsubscribe or request deletion.
  • Website analytics: 26 months (in line with Google Analytics default retention).

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your personal data ("right to be forgotten").
  • Right to restrict processing: Request that we limit how we use your data.
  • Right to data portability: Receive your data in a structured, machine-readable format.
  • Right to object: Object to processing based on legitimate interests or for direct marketing.
  • Rights related to automated decision-making: Not to be subject to solely automated decisions with significant legal effects.

To exercise any of these rights, contact us at consult@themindroot.com. We will respond within 30 days.

8. Security

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, loss, destruction, or alteration. These include:

  • SSL/TLS encryption for data in transit.
  • Restricted access controls for staff handling personal data.
  • Regular security assessments and vulnerability monitoring.

No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

9. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies before providing any personal information.

10. Policy Changes

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. We encourage you to review this page periodically. Continued use of our site after changes constitutes your acceptance of the updated policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

The Mindroot Digital
Delhi, India
Email: consult@themindroot.com
Website: themindroot.com