Introduction
Yotta Data Services Private Limited (“Yotta,” “we,” “our,” or “us”) is a leading data center and technology services company headquartered in India, delivering a comprehensive portfolio of Information Technology/Information Technology Enabled Services (IT/ITeS), Artificial Intelligence (AI) solutions, and cloud services to clients across the globe.
Our offerings include hyperscale data center collocation, cloud computing infrastructure, AI model hosting and inferencing platforms, managed IT services, cybersecurity solutions, and enterprise-grade application hosting. While providing these services, we interact with various categories of personal data belonging to customers, employees, partners, vendors, and website visitors.
This Privacy Policy explains our practices regarding the collection, use, processing, storage, transfer, and protection of such personal data, and describes the rights you have under applicable privacy laws. Yotta is committed to maintaining the confidentiality, integrity, and availability of the information entrusted to us and adheres to the highest standards of data protection in compliance with the Digital Personal Data Protection Act, 2023 (India), the General Data Protection Regulation (GDPR – EU/EEA), the California Consumer Privacy Act and California Privacy Rights Act (CCPA/CPRA), and other relevant global privacy regulations.
By using our platform, availing our services, or submitting your personal data through our interfaces, you provide your explicit consent for the processing of your Personal Data and acknowledge that you have read, understood, and agreed to the terms of this Privacy Policy.
Scope of Policy
This Policy applies to our processing of personal data in relation to the provision of any of our products and/or services, including:
- When you request information from us;
- When you engage our services and/or purchase our products;
- As a result of your relationship with one or more of our clients;
- Where you apply for a job or work placement; and
- Your use of our websites (including our associated sites) and online services.(including our mobile apps, platforms, etc. if any).
This policy governs all personal data we collect during such interactions, including but not limited to account creation, billing, authentication, and usage tracking — across all jurisdictions where we operate or where users access our services.
Definition
Personal Data Or Personal Identifiable Information (PII)
This policy governs all personal data we collect during such interactions, including but not limited to account creation, billing, authentication, and usage tracking — across all jurisdictions where we operate or where users access our services.
How your Personal Data is collected directly from you?
We collect Personal Data you provide to us voluntarily, including when you:
- Create an account or subscribe to our services or access our platforms – such as name, email address, phone number, organization, billing information, authentication details, etc.
- Enter into a contract with us – including Know Your Customer (KYC) and compliance documentation such as identification proofs, address proofs, tax information, financial details, etc.
- Engage our customer support or sales teams – through emails, chatbot, ticketing systems, or feedback forms, etc.
- Participate in events, promotions, or surveys – where you voluntarily provide details such as contact information, preferences, feedback, etc.
- Apply for a job or internship and during your employment with us – including education history, employment history, nationality, health information, and results of background verification checks such as identity, eligibility to work, criminal record, financial probity, reference checks, etc.
- Visit our offices or data center facilities – where we may record visitor details, capture CCTV footage, and in some cases collect biometric identifiers (e.g., fingerprint or facial scan) for secure facility access.
Automatic collection of Personal Data
We automatically collect certain information through your interaction with our websites, platforms, APIs, and hosted tools, including:
- Device and browser information (IP address, device identifiers, operating system, browser type, etc.).
- Date, time, and duration of access, login events, and usage activity.
- Navigation and interaction patterns on our websites and dashboards.
- API usage metadata (e.g., model accessed, number of calls, response times, error logs, etc.).
- Information collected through cookies and similar technologies, in accordance with our Cookie Policy.
FROM THIRD PARTY SERVICE PROVIDERS:
We may receive Personal Data about you from:
- Enterprise customers and integration partners who provide authorized user details for service access.
- Service providers and business partners who assist us in delivering services including professional advisors and individual associated with our service provider (e.g., payment processors, resellers, analytics providers).
- Recruitment agencies and reference providers during hiring processes.
Marketing
We (and permitted third parties) may contact you for direct marketing purposes via social media, direct messages, post, telephone, email and SMS/MMS.
This marketing may relate to:
- Products and services we (or permitted third parties) believe may be of interest to you;
- Information about other goods and services we offer that are similar to those that you have already used or inquired about;
- Upcoming events, promotions, and new products and/or services or other opportunities.;
- Products and services of selected third parties who are contracted by us.
If you no longer wish to receive marketing communications from us, you may click on the unsubscribe link on any marketing communication that you receive from us.
For clarity, any telephone calls that you make to us may be recorded for training or security purposes and may be stored and used to verify your instructions to us.
Purpose & Use of Personal Data
We may use/process your personal data in the following circumstances:
- To create and manage your Account.
- To provide access to our various application, digital interfaces, platform(s), AI models and alike services.
- In performance of a contract with you.
- To process your job application.
- To provide our services including this website to you.
- To provide and improved experience when you avail our services and products.
- To notify you about changes to the products and/or services that we offer and (where you have indicated your consent) to directly market these products and/or services to you.
- Research, statistical and survey purposes.
- To allow you to participate in interactive features of our products and services.
- As part of our efforts to keep our products and/or services safe and secure.
- To analyse your credit history (if applicable).
- To handle payment and collection processes to and from customers.
- For anti-money laundering, prevention of terrorist financing, and identity verification purposes..
With reference to above stated purposes the following data elements may be collected as applicable:
| During Registration Process | While Accessing Our Services Or Products | During The KYC Process | For Billing And Payment Processing | For Support Function |
|---|---|---|---|---|
| Individual Name/ Organization name | IP Address | Valid Identification proof | Billing name and address | First name |
| Primary contact first name | Browser and Device Type | Valid Address proof | Country | Last name |
| Primary contact last name | API key usage metrics | State | ||
| Primary email | Session duration and logout timestamps | City | Country code |
Who do we share your Personal Data with?
Yotta values your privacy and does not sell, rent, or commercially exploit your personal data. However, we may share your personal data with the following categories of recipients:
Regulatory Bodies:
We may disclose your personal data:
- To statutory authorities/regulators and law enforcement agencies (including those responsible for enforcing anti-money laundering legislations) in response to an inquiry/order from a government agency/judicial institution.
- To data protection authorities of various jurisdiction.
Third-party service providers & sub-processors:
We may disclose your personal data to our third-party service providers and sub-processors who may require access to such information for the purpose of providing specific services to us or to you.
For example, we may share personal data with the following categories of third parties service provider and sub-processors:
| Category (Indicative) | Purpose (Indicative) |
|---|---|
| Cloud Infrastructure Providers | Host our platform, store your account data securely. |
| Payment & Billing Processors | Process payments, generate invoices, manage subscriptions. |
| Authentication Tools | Enable secure login, MFA, session management. |
| Analytics & Monitoring Tools | Help us improve platform reliability and usage insights. |
| Customer Support Systems | Track and respond to your inquiries and support requests. |
| Legal & Compliance Services | Ensure legal recordkeeping and audit trails. |
Change of Ownership
In the event we sell or purchase any business or assets, we may disclose relevant Personal Data to the prospective seller or buyer, subject to appropriate confidentiality and data protection safeguards. If Yotta, or substantially a portion or all of its business/assets, are acquired by a third party, the Personal Data held by us about you may be transferred to the acquirer in accordance with applicable data protection laws.
Disclosure of employment data
In case you are in an Employment or internship at Yotta, we may disclose your personal data (including diversity and equal opportunities data) to academic institutions, recruiters, screening check providers, health service providers, professional and trade associations, law enforcement agencies, auditors/consultants, recruitment analytics and diversity research providers, referees, and your previous or future employers.
How we protect your Personal Data?
We care about protecting your information and put in place appropriate measures that are designed to prevent unauthorized access to, and misuse of your Personal Data.
We achieve this through implementing a range of appropriate technical and organizational safeguards, such as:
- Maintaining industry-recognized certifications such as ISO 27001 and ISO 27701.
- Ensuring secure and lawful cross-border data transfer capabilities.
- Maintaining compliance readiness with GDPR, DPDPA, and CCPA/CPRA.
- Protecting passwords using industry-standard encryption.
- Implementing measures to preserve system security, prevent unauthorized access, and maintain secure backup systems to safeguard against accidental or malicious loss of data.
How long we keep your Personal Data?
We will not keep your personal data for longer than it is necessary for the purpose(s) for which we have processed it, unless we believe that the law or other regulation requires us to retain it.
In determining the appropriate retention period for different types of Personal Data, we take into account the amount, nature, and sensitivity of the data; the potential risk of harm from unauthorized use or disclosure; the purposes for which we process the data; and whether those purposes can be achieved by other means. We also consider applicable legal, regulatory, tax, accounting, and operational requirements.
Once we determine that we no longer need to retain your Personal Data, we will delete it from our systems or render it inaccessible and unusable by Yotta or its authorized third parties, taking all necessary steps to ensure that the privacy and confidentiality of the data are protected throughout the deletion or anonymization process.
Guidelines for children
Services/Products/Platforms offered by Yotta are not intended for individuals below 18 years of age.
We do not knowingly or intentionally gather personal information from children. However, if we become aware that we have inadvertently processed such data, we will delete it promptly. If you have any concerns, please contact our Privacy Officer / DPO at dpo@yotta.com