Effective Date: 20 April 2026 | Last Updated: 20 April 2026

1. Our Privacy Manifesto

At Resolve & Evolve, we do not just consult on data privacy, we architect it. We build secure, compliant frameworks for digital enterprises globally. Because trust is the ultimate currency of our business, we hold our own operations to the highest global standards (including the EU GDPR, India’s DPDP Act, and the CCPA).

This Privacy Notice is designed to be completely transparent about how we collect, use, protect, and respect your personal data when you visit http://www.resolveandevolve.in or engage our consultancy services.

We have one golden rule: We never sell your data. We only use it to deliver exceptional regulatory and commercial solutions.

2. The Data We Collect

Because we are a B2B consultancy, we intentionally minimize the data we collect, focusing strictly on what is necessary to do business with you.

A. Data You Provide to Us Directly

• Identity & Contact Data: Your name, professional email address, phone number, company name, and job title when you book a consultation or contact us.
• Service Data: Information regarding your company’s regulatory needs, existing compliance frameworks, or commercial contracts that you share during our gap assessments and advisory sessions.

B. Data We Collect Automatically

• Technical Data: IP address, browser type, time zone setting, and operating system.
• Usage Data: Information about how you navigate and interact with our website. (This is managed strictly via our Cookie Consent Manager—you are in complete control of this data).

3. Why We Use Your Data (And Our Lawful Basis)

Under global privacy laws, we must have a valid legal reason (a “lawful basis”) to process your data. We map every piece of data we collect to a specific purpose:

• To Provide Our Services: To execute our contracts, deliver gap assessments, and manage your account. (Lawful Basis: Performance of a Contract).
• To Improve Our Operations: To analyse site traffic and improve our digital infrastructure. (Lawful Basis: Legitimate Interest / Your explicit Consent for non-essential tracking).
• To Communicate with You: To send you regulatory updates, service responses, and essential administrative notices. (Lawful Basis: Legitimate Interest / Consent).
• To Comply with the Law: To maintain our own legal, tax, and accounting records. (Lawful Basis: Legal Obligation).

4. Who We Share Your Data With

Your compliance is only as strong as your weakest vendor, and we take our software supply chain seriously. We only share data with carefully vetted third-party processors who are bound by strict Data Processing Agreements (DPAs). We may share your data with:

• Secure Cloud & Infrastructure Providers: To host our website and store our encrypted business files (e.g., AWS, Google Workspace).
• Communication & CRM Tools: To manage your inquiries and schedule our consultations.
• Legal & Regulatory Authorities: Only if strictly required by a binding legal mandate.

5. Cross-Border Data Transfers

As a global consultancy, we may transfer your data outside of your home country. When we do, we ensure it is protected by enterprise-grade safeguards.

• If you are in the European Economic Area (EEA), we rely on adequacy decisions or execute Standard Contractual Clauses (SCCs).
• If you are in India, we strictly adhere to the localized data transfer frameworks mandated by the DPDP Act 2023.

6. Your Global Privacy Rights

We believe that privacy is a fundamental human right. Regardless of where you live in the world, we grant you the following “Super Rights” regarding your data:

• The Right to Know: You can ask us exactly what data we hold about you.
• The Right to Correction: If your data is inaccurate, we will fix it immediately.
• The Right to Erasure (“Right to be Forgotten”): You can ask us to permanently delete your data from our active systems, and we will comply (unless a superseding legal obligation requires us to retain it).
• The Right to Portability: You can request a copy of your data in a structured, machine-readable format.
• The Right to Withdraw Consent: If you gave us consent to track your analytics or send you newsletters, you can revoke it at any time with zero friction.

How to exercise these rights: Simply email us at privacy@resolveandevolve.in. We respond to all rights requests within 30 days.

7. Data Security & Retention

We prepare our clients for rigorous ISO 27001 and SOC-2 audits, which means our own internal security must be flawless. We protect your data using industry-standard encryption (both in transit and at rest), strict access controls, and regular vulnerability assessments.

We only keep your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including satisfying any legal, regulatory, tax, or accounting requirements.

8. Updates to this Notice

Regulations evolve, and so will this Notice. We will update this page whenever necessary to reflect changes in global laws or our internal operations. If we make material changes, we will notify you via a prominent banner on our website or a direct email.

9. Contact the Privacy Team

If you have any questions about this Notice, our data practices, or if you wish to exercise your rights, please reach out to our dedicated team:

• Email: privacy@resolveandevolve.in
• Mailing Address: Resolve & Evolve, Bangalore, India
• Grievance Officer (India DPDP Act): AMRITA GROVER, Independent Privacy Counsel. Reachable at: grievance@resolveandevolve.in