INTRODUCTION
Yotta Data Services Private Limited (“Yotta,” “we,” “our,” or “us”) is a leading data center and technology services company headquartered in India, delivering a comprehensive portfolio of Information Technology/Information Technology Enabled Services (IT/ITeS), Artificial Intelligence (AI) solutions, and cloud services to clients across the globe.
Our offerings include hyperscale data center collocation, cloud computing infrastructure, AI model hosting and inferencing platforms, managed IT services, cybersecurity solutions, and enterprise-grade application hosting. While providing these services, we interact with various categories of personal data belonging to customers, employees, partners, vendors, and website visitors.
This Privacy Policy explains our practices regarding the collection, use, processing, storage, transfer, and protection of such personal data, and describes the rights you have under applicable privacy laws. Yotta is committed to maintaining the confidentiality, integrity, and availability of the information entrusted to us and adheres to the highest standards of data protection in compliance with the Digital Personal Data Protection Act, 2023 (India), the General Data Protection Regulation (GDPR – EU/EEA), the California Consumer Privacy Act and California Privacy Rights Act (CCPA/CPRA), and other relevant global privacy regulations.
By using our platform, availing our services, or submitting your personal data through our interfaces, you provide your explicit consent for the processing of your Personal Data and acknowledge that you have read, understood, and agreed to the terms of this Privacy Policy.
SCOPE OF POLICY
This Policy applies to our processing of personal data in relation to the provision of any of our products and/or services, including:
- When you request information from us;
- When you engage our services and/or purchase our products;
- As a result of your relationship with one or more of our clients;
- Where you apply for a job or work placement; and
- Your use of our websites (including our associated sites) and online services.
(including our mobile apps, platforms, etc. if any).
This policy governs all personal data we collect during such interactions, including but not limited to account creation, billing, authentication, and usage tracking — across all jurisdictions where we operate or where users access our services
DEFINITION
Personal Data Or Personal Identifiable Information (PII)
‘Personal Data’ or ‘Personal Identifiable Information’ is any information which either directly or in combination with other information availed or likely to be availed by an organisation, identifies an individual (“Data Subject” or “Data Principal”). Examples of Personal Data could include names, Email IDs, phone numbers etc.
Certain types of Personal Data known as “Special Categories of Personal Data” or “Sensitive Personal Data”, as defined under applicable laws, may or may not include passwords, financial details, official identifiers, medical information etc.
For the purposes of this Policy, Personal Data includes Sensitive Personal Data.
HOW YOUR PERSONAL DATA IS COLLECTED
DIRECTLY FROM YOU:
We collect Personal Data you provide to us voluntarily, including when you:
- Create an account or subscribe to our services or access our platforms – such as name, email address, phone number, organization, billing information, authentication details, etc.
- Enter into a contract with us – including Know Your Customer (KYC) and compliance documentation such as identification proofs, address proofs, tax information, financial details, etc.
- Engage our customer support or sales teams – through emails, chatbot, ticketing systems, or feedback forms, etc.
- Participate in events, promotions, or surveys – where you voluntarily provide details such as contact information, preferences, feedback, etc.
- Apply for a job or internship and during your employment with us – including education history, employment history, nationality, health information, and results of background verification checks such as identity, eligibility to work, criminal record, financial probity, reference checks, etc.
- Visit our offices or data center facilities – where we may record visitor details, capture CCTV footage, and in some cases collect biometric identifiers (e.g., fingerprint or facial scan) for secure facility access.
AUTOMATIC COLLECTION OF PERSONAL DATA :
We automatically collect certain information through your interaction with our websites, platforms, APIs, and hosted tools, including:
- Device and browser information (IP address, device identifiers, operating system, browser type, etc.).
- Date, time, and duration of access, login events, and usage activity.
- Navigation and interaction patterns on our websites and dashboards.
- API usage metadata (e.g., model accessed, number of calls, response times, error logs, etc.).
- Information collected through cookies and similar technologies, in accordance with our Cookie Policy.
FROM THIRD PARTY SERVICE PROVIDERS:
We may receive Personal Data about you from:
- Enterprise customers and integration partners who provide authorised user details for service access.
- Service providers and business partners who assist us in delivering services including professional advisors and individual associated with our service provider (e.g., payment processors, resellers, analytics providers).
- Recruitment agencies and reference providers during hiring processes.
MARKETING:
We (and permitted third parties) may contact you for direct marketing purposes via social media, direct messages, post, telephone, email and SMS/MMS.
This marketing may relate to:
- Products and services we (or permitted third parties) believe may be of interest to you;
- Information about other goods and services we offer that are similar to those that you have already used or inquired about;
- Upcoming events, promotions, and new products and/or services or other opportunities.;
- Products and services of selected third parties who are contracted by us.
If you no longer wish to receive marketing communications from us, you may click on the unsubscribe link on any marketing communication that you receive from us.
For clarity, any telephone calls that you make to us may be recorded for training or security purposes and may be stored and used to verify your instructions to us.
PURPOSE AND USE OF PERSONAL DATA:
We may use/process your personal data in the following circumstances:
- To create and manage your Account.
- To provide access to our various application, digital interfaces, platform(s), AI models and alike services.
- In performance of a contract with you.
- To comply with Yotta’s legal or regulatory obligations.
- To process your job application.
- To provide our services including this website to you.
- To provide and improved experience when you avail our services and products.
- To notify you about changes to the products and/or services that we offer and (where you have indicated your consent) to directly market these products and/or services to you.
- Research, statistical and survey purposes.
- To allow you to participate in interactive features of our products and services.
- As part of our efforts to keep our products and/or services safe and secure.
- To analyse your credit history (if applicable).
- To handle payment and collection processes to and from customers.
- For anti-money laundering, prevention of terrorist financing, and identity verification purposes.
With reference to above stated purposes the following data elements may be collected as applicable:
| During Registration process | While accessing our services or products | During the KYC process | For Billing and payment processing | For Support function |
| Individual Name/ Organization name | IP Address | Valid Identification proof | Billing name and address | First name |
| Primary contact first name | Browser and Device Type | Valid Address proof | Country | Last name |
| Primary contact last name | API key usage metrics | | State | Email |
| Primary email | Session duration and logout timestamps. | | City | Country code |
| Country code Primary contact no. Individual/Company website Primary address | | | Postal code Taxation type GSTIN / Taxation ID Credit limit | Contact no. |
| Country | | | Billing cycle | |
| State | | | Bill date | |
| City Postal Code | | | Currency Billing Type | |
| | | Debit/Credit Card/Other Digital payment Information | |
WHO DO WE SHARE YOUR PERSONAL DATA WITH
Yotta values your privacy and does not sell, rent, or commercially exploit your personal data. However, we may share your personal data with the following categories of recipients:
REGULATORY BODIES:
We may disclose your personal data:
- To statutory authorities/regulators and law enforcement agencies (including those responsible for enforcing anti-money laundering legislations) in response to an inquiry/order from a government agency/judicial institution.
- To data protection authorities of various jurisdiction.
THIRD-PARTY SERVICE PROVIDERS AND SUB-PROCESSORS:
We may disclose your personal data to our third-party service providers and sub-processors who may require access to such information for the purpose of providing specific services to us or to you.
For example, we may share personal data with the following categories of third parties service provider and sub-processors:
| Category (Indicative) | Purpose (Indicative) |
| Cloud Infrastructure Providers | Host our platform, store your account data securely. |
| Payment & Billing Processors | Process payments, generate invoices, manage subscriptions. |
| Authentication Tools | Enable secure login, MFA, session management. |
| Analytics & Monitoring Tools | Help us improve platform reliability and usage insights. |
| Customer Support Systems | Track and respond to your inquiries and support requests. |
| Legal & Compliance Services | Ensure legal recordkeeping and audit trails. |
CHANGE OF OWNERSHIP:
In the event we sell or purchase any business or assets, we may disclose relevant Personal Data to the prospective seller or buyer, subject to appropriate confidentiality and data protection safeguards. If Yotta, or substantially a portion or all of its business/assets, are acquired by a third party, the Personal Data held by us about you may be transferred to the acquirer in accordance with applicable data protection laws.
DISCLOSURE OF EMPLOYMENT DATA:
In case you are in an Employment or internship at Yotta, we may disclose your personal data (including diversity and equal opportunities data) to academic institutions, recruiters, screening check providers, health service providers, professional and trade associations, law enforcement agencies, auditors/consultants, recruitment analytics and diversity research providers, referees, and your previous or future employers.
HOW WE PROTECT YOUR PERSONAL DATA
We care about protecting your information and put in place appropriate measures that are designed to prevent unauthorized access to, and misuse of your Personal Data.
We achieve this through implementing a range of appropriate technical and organisational safeguards, such as:
- Maintaining industry-recognized certifications such as ISO 27001 and ISO 27701.
- Ensuring secure and lawful cross-border data transfer capabilities.
- Maintaining compliance readiness with GDPR, DPDPA, and CCPA/CPRA.
- Protecting passwords using industry-standard encryption.
- Implementing measures to preserve system security, prevent unauthorized access, and maintain secure backup systems to safeguard against accidental or malicious loss of data.
HOW LONG WE KEEP YOUR PERSONAL DATA
We will not keep your personal data for longer than it is necessary for the purpose(s) for which we have processed it, unless we believe that the law or other regulation requires us to retain it.
In determining the appropriate retention period for different types of Personal Data, we take into account the amount, nature, and sensitivity of the data; the potential risk of harm from unauthorised use or disclosure; the purposes for which we process the data; and whether those purposes can be achieved by other means. We also consider applicable legal, regulatory, tax, accounting, and operational requirements.
Once we determine that we no longer need to retain your Personal Data, we will delete it from our systems or render it inaccessible and unusable by Yotta or its authorised third parties, taking all necessary steps to ensure that the privacy and confidentiality of the data are protected throughout the deletion or anonymisation process.
GUIDELINES FOR CHILDREN
Services/Products/Platforms offered by Yotta are not intended for individuals below 18 years of age.
We do not knowingly or intentionally gather personal information from children. However, if we become aware that we have inadvertently processed such data, we will delete it promptly. If you have any concerns, please contact our Privacy Officer / DPO at dpo@yotta.com .
YOUR PRIVACY RIGHTS:
We process personal data only when we have a lawful basis to do so. Our legal obligations vary based on the country or region you are located in — and we follow a regionally adaptive privacy framework to ensure compliance with the most stringent standards globally, including:
- The Digital Personal Data Protection Act, 2023 (India)
- The General Data Protection Regulation (GDPR – European Union / EEA/UK)
- The California Consumer Privacy Act (CCPA) and its amendment, the California Privacy Rights Act (CPRA)
We respect and recognize your rights over your data. Depending on your location, you may have access to some or all of the following rights:
| EU & UK (GDPR/UK GDPR) | California (CCPA/CPRA) | India (DPDPA) | General Rights (Available to all users World-wide) |
| Right to Access | Right to Know | Right to Access | Right to Access |
| Right to Rectification | Right to Delete | Right to Correction | Right to correction |
| Right to Erasure | Right to opt-out of sale/sharing of Personal Data | Right to Erasure | Right to Erasure |
| Right to Restrict Processing | Right to appoint an authorized agent. | Right to withdraw consent. | Right to withdraw consent |
| Right to Data Portability | | Right to Grievance Redressal | Right to raise a complaint via DPO |
| Right to Object | | Right to Nominate | |
| Rights to opt-out of Automated Processing | | | |
| Right to Withdraw Consent | | | |
| Right to file a complaint. | | | |
We will seek to deal with your request without undue delay, and in any event within one month (subject to any extensions to which we are lawfully entitled) of receipt of your request. Please note that we may keep a record of your communications to help us resolve any issues which you raise.
You may submit any requests pertaining to the exercise of your Privacy rights by writing to us in the following manner:
- Email: Send your request to dpo@yotta.com .
- Jurisdiction: Specify your jurisdiction (e.g., “EU Resident,” “UK Resident,” etc.) so we can provide a suitable response in accordance with applicable laws.
- Verification: We may require you to verify your identity before processing your request to ensure the security and integrity of your Personal Data.
Please note that if you choose to withdraw your consent, it may impact our ability to provide the requested services and could result in the complete cessation of any availed services or access to our Platforms(s), Applications, etc.
INTERNATIONAL DATA TRANSFER:
We operate a global platform from its base in India and rely on cloud infrastructure and third-party service providers that may be located in various jurisdictions across the globe. This means that your personal data may be transferred to, stored in, or processed in countries other than your own, including countries that may have different data protection legislation and industry standards.
We ensure that all international transfers of personal data are lawful, secure, and necessary for delivering our services.
CONTACT US:
If you have a concern about:
- How your personal data is being processed.
- An unresolved privacy issue or rights request.
- Any other query regarding the privacy of your Personal Data.
You may contact our Data Protection Officer (DPO) using the following details:
Name: Mr. Hemantkumar Shukla
Designation: Data Protection Officer (DPO)
Email: dpo@yotta.com
Correspondence Address: 12th Floor, Hiranandani Knowledge Park, Hiranandani Gardens, Powai, Mumbai, Maharashtra, India – 400076.
CHANGES TO THIS POLICY
This Policy is effective since November 2019. We may change this Privacy Policy from time to time adhering to the best practices and standards and reserve the right to do so any time.
Updated Policy will be available at our website you are advised to check this Privacy Policy periodically.
Back