Privacy Policy

• Website visitors and prospects who browse our site, submit inquiries, subscribe to insights, or attend our events.
• Clients and their authorised personnel who engage us under a Statement of Work, Master Services Agreement, or Non-Disclosure Agreement.
• Third parties whose data is incidentally shared with us by a Client in the course of an engagement (e.g. employees, customers, suppliers of the Client). For such data, the Client is the data controller / data fiduciary and we act as the processor / data processor.
• Vendors, partners, and applicants who interact with us in a commercial or employment context.

Information you provide directly:

• Identifiers — name, designation, employer, business email, business phone.
• Inquiry content — the description of the business challenge, opportunity, or requirement you share with us.
• Engagement information — documents, interviews, data extracts, financials, strategy artefacts, customer data, operational metrics and other materials shared by Clients during a consulting engagement.
• Billing information — tax identifiers, registered address, billing contact, and other invoicing details. Payment instruments (card, UPI, net-banking, wire transfer details) are collected and processed exclusively by PCI-DSS compliant payment service providers and banking partners — we do not see, store, or have access to your full card number, CVV, UPI PIN, or net-banking credentials.

Information collected automatically:

• Device, browser, IP address, approximate location, referring URL, and pages visited.
• Cookies and similar technologies (see our Cookie Policy).

• Performance of a contract — to scope, deliver, invoice, and support consulting engagements.
• Consent — for marketing communications, newsletters, and non-essential cookies (which you may withdraw at any time).
• Legitimate interest — to operate our business, secure our systems, prevent fraud and abuse, evaluate prospects, and improve our services, balanced against your rights and expectations.
• Legal obligation — to comply with tax, accounting, anti-money-laundering, and other regulatory requirements applicable to a professional services firm.

All non-public information disclosed to us in the course of an engagement is treated as strictly confidential, whether or not it is marked "confidential". Every member of our team is bound by written confidentiality obligations. We use Client information only for the purpose of delivering the engagement and will not disclose, publish, or repurpose it without the Client's written consent, except where disclosure is required by law or a competent authority. Confidentiality obligations survive termination of the engagement.

We do not sell, rent, or trade personal data. We share data only in the following circumstances:

• Subprocessors — vetted vendors who help us operate the firm (e.g. cloud hosting, productivity and collaboration tools, secure file sharing, email delivery, analytics, video conferencing, accounting, and PCI-DSS compliant payment processing). Each subprocessor is bound by contractual confidentiality and data-protection commitments.
• Affiliates — our overseas hubs, where the engagement requires cross-hub collaboration, under the same confidentiality standards.
• Professional advisors — our legal, audit, and tax advisors, under privilege and confidentiality.
• Authorities — where disclosure is required by law, court order, or to protect our legal rights.
• Successors — in the event of a merger, acquisition, or reorganisation, with continued protection of your data under this policy.

Dynamactive Ventures operates from Mumbai with delivery hubs in Dubai, London, Singapore, and New York. Personal and engagement data may be transferred to, processed in, and stored in countries other than your own. Where transfers occur outside your home jurisdiction, we rely on appropriate safeguards including Standard Contractual Clauses, adequacy decisions where available, and contractual confidentiality and security commitments with all recipients.

Dynamactive Ventures does not store personal data except where it is directly necessary to deliver, invoice, or support the professional services we have been engaged to provide. We do not maintain personal data warehouses, sell contact lists, or retain individual profiles for purposes unrelated to an active or completed engagement.

Where we do hold data, retention is limited to the minimum period required by law or by the specific engagement. Indicative periods:

• Active engagement records and deliverables: retained for the duration of the engagement plus the statutory period required for professional and tax record-keeping (minimum 7 years from completion under Indian law), and longer only where required by law or a Client agreement.
• Invoicing, accounting, and tax records: 8 years, as required under Indian tax and company law.
• Prospect inquiries that do not convert to an engagement: up to 24 months from last interaction, after which they are securely deleted or anonymised.
• Marketing subscriptions: until you unsubscribe; subscription lists are not cross-referenced with engagement data.
• Website analytics and cookies: used only in aggregated or pseudonymised form; individual browsing profiles are not created or retained.

When retention is no longer required, data is securely deleted, destroyed, or anonymised. Engagement data containing Client-confidential material is disposed of in a manner that prevents recovery.

We maintain reasonable and appropriate technical and organisational security measures, including encryption in transit (TLS) and at rest where applicable, role-based access controls, multi-factor authentication for internal systems, principle-of-least-privilege access to Client material, vendor due diligence, secure disposal of physical and digital records, and periodic security reviews. No system is perfectly secure, but we work continuously to protect the information entrusted to us.

In the event of a personal data breach that is likely to result in a risk to your rights and interests, we will notify affected individuals and the appropriate regulatory authority without undue delay and in accordance with applicable law.

Subject to applicable law and our legal and professional obligations, you have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate or incomplete data.
• Request deletion of your data (subject to record-keeping obligations).
• Restrict or object to certain processing.
• Withdraw consent for marketing or non-essential cookies at any time.
• Lodge a complaint with the relevant data-protection authority.

To exercise any of these rights, contact us at info@dynamactiveventures.com. We will respond within 30 days. Where the data was provided to us by a Client (and you are an end-user of that Client), please contact the Client directly; we will assist them in responding.

Our services are directed to businesses and professionals. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor has provided us with personal data, please contact us so we can delete it.

We use cookies and similar technologies for site functionality, analytics, and to improve user experience. You can manage your preferences through your browser. For details, see our Cookie Policy.

In accordance with the Information Technology Act, 2000 and the rules thereunder, complaints regarding the processing of personal data may be addressed to our Grievance Officer:

We acknowledge complaints within 48 hours and aim to resolve them within 30 days.

For any questions about this Privacy Policy or our data practices, contact us at info@dynamactiveventures.com or via our Contact page. We may update this policy from time to time; the revised version will be posted on this page with a new effective date. Material changes will be highlighted, and where required by law, we will obtain fresh consent.

Last updated: 26 May 2026