Compliance Directive

Privacy
Protocol

Outline of personal data capture protocols, processing scopes, consent mechanisms, and user rights under DPDP Act 2023 rules.

Last Updated: June 02, 2026

SARAL Notice: In compliance with Section 5 of the Digital Personal Data Protection (DPDP) Act, 2023, this Privacy Protocol is presented in a Simple, Accessible, Rational, and Actionable layout. It details what data is captured, how it is processed, and how you can manage your permissions.

1. Data Collection Scopes

We collect personal data through two distinct paths:

  • Intake Form Data (Voluntary): Name, email address, contact phone number, company profile, projected capital band, and specific project context submitted during consultation requests.
  • System Metric Data (Automatic): IP address, device footprint, screen size, referral links, map grid hover interactions, and simulator slider variables logged anonymously for analytics.

2. Processing Purpose

Your data is processed strictly for the following purposes:

  • To evaluate business blueprints and prepare customized growth architectures before sync meetings.
  • To establish direct contact channels via email or secured WhatsApp lines.
  • To optimize interactive mapping simulators and dashboard metrics on this console.

3. Data Processor Obligations

When Artheon is hired to build and run client campaigns (e.g. Meta Ads, Google Ads) or integrate workflows (e.g. WhatsApp auto-responders, CRM pipelines), Artheon acts as a Data Processor on behalf of the client (the **Data Fiduciary**). In such cases, all processing complies strictly with the signed Data Processing Addendum (DPA) between Artheon and the client, ensuring strict data minimization, limited retention, and prompt breach notification.

4. Third-Party Integrations & Data Sharing

We do not sell personal data to brokers. Data is routed through secure APIs to facilitate system operations:

  • FormSubmit.co API: Securely encrypts and forwards contact intake submissions directly to our email.
  • Advertising Pixels (Meta, Google, LinkedIn): Tracks conversion efficiency to optimize ad campaigns. Users can block cookies through their browser settings.

5. Rights of Data Principals (Users)

Under the DPDP Act 2023, you hold absolute rights to manage your data:

  • Access & Correction: You can request a summary of the data we hold or ask to correct errors.
  • Erasure: You can request that we delete your personal data from our databases.
  • Consent Withdrawal: You can withdraw consent for data processing at any time.

To exercise any of these rights, send a direct request to **chandan@artheons.com**. Your request will be processed within fourteen (14) business days.

6. Grievance Redressal Officer

If you have questions, feedback, or complaints regarding this Privacy Protocol or data handling practices, reach out to our Grievance Officer:

Officer: Chandan Arora
Title: Data Protection Officer & Founder
Email: chandan@artheons.com
Phone: +91 9322693571

Direct Sync