1. Information We Collect
We collect information in several categories depending on how you interact with us:
Contact and Identity Information
- Name, email address, phone number provided via contact forms, WhatsApp, or direct outreach
- Company name, role, and business context shared during discovery calls or scoping sessions
- Payment information (handled via third-party processors; we do not store full card details)
Usage and Technical Data
- Website visit data: pages viewed, time spent, browser type, device type, IP address
- Referral source and how you found us
- Interaction data with our website (clicks, form submissions, scroll depth)
Engagement and Service Data
- Business requirements, goals, and context shared during or before a project engagement
- Documents, datasets, and materials provided to us as inputs to our work
- Feedback, communications, and correspondence during an engagement
Voice Agent and Product Interaction Data
- Conversation transcripts, audio recordings, and interaction logs generated by voice agents or AI products we develop and deploy on your behalf or for your end users
- User session data and behavioral signals within deployed products
- Metadata associated with voice interactions (timestamps, call duration, language, intent classifications)
If you deploy a BlissyAI-built voice agent or AI product, interaction data from your end users may flow through BlissyAI's infrastructure and is subject to this Policy unless separate data processing terms are agreed in writing.
2. How We Use Your Information
We use the information we collect for the following purposes:
| Purpose | Data Used |
|---|---|
| Service delivery and project execution | All engagement and service data |
| Communication and project management | Contact information, correspondence |
| Invoicing and payment processing | Contact and payment information |
| AI model improvement and training | Anonymized interaction data, conversation transcripts, usage patterns |
| Product development and internal R&D | Aggregated insights derived from service and engagement data |
| Analytics and performance monitoring | Technical and usage data |
| Marketing and case study development | Engagement outcomes, anonymized results |
| Legal compliance and fraud prevention | Identity and transaction data |
AI Training and Product Improvement: Conversation transcripts and anonymized interaction data from voice agents and other AI products may be used to improve BlissyAI's AI models, training datasets, and product capabilities. Aggregated insights derived from client engagements may be used internally and inform future product development. By engaging our services, you consent to this use.
3. Legal Basis for Processing
Under the DPDP Act 2023, we process personal data on the following bases:
- Consent: Where you have provided explicit consent (e.g., submitting a contact form, engaging our services, or deploying our products)
- Contractual necessity: Where processing is required to deliver agreed services
- Legitimate interests: For product improvement, analytics, and internal R&D using anonymized or aggregated data
- Legal obligation: Where we are required to process data under applicable Indian law
4. Data Sharing and Subprocessors
We do not sell personal data. We may share information in the following circumstances:
Infrastructure and Technology Providers
We use third-party cloud and technology providers to operate our services. These include hosting providers, LLM API providers, telephony platforms, CRM tools, and analytics platforms. Each subprocessor is bound by appropriate data processing agreements.
Professional Advisors
We may share data with lawyers, accountants, or auditors as required for legal or financial compliance.
Legal Requirements
We may disclose data if required to do so by law, court order, or government authority in India or another applicable jurisdiction.
Business Transfers
In the event of a merger, acquisition, or sale of assets, client data may be transferred to the acquiring entity, subject to equivalent privacy protections.
We do not share identifiable Client data with third-party marketing platforms or data brokers.
5. Data Retention
We retain data for as long as necessary to fulfill the purposes outlined in this Policy:
- Engagement data: Retained for a minimum of 3 years after project completion for audit and legal purposes
- Contact and correspondence data: Retained for 2 years after last interaction
- Voice agent interaction logs and transcripts: Retained for up to 2 years unless shorter retention is agreed in writing for a specific deployment
- Anonymized and aggregated data: Retained indefinitely, as this data does not constitute personal data and may be used for ongoing product improvement
- Financial records: Retained for 7 years as required by Indian tax and accounting law
6. Cookies and Tracking
Our website uses cookies and similar tracking technologies to improve your experience. The types of cookies we use include:
- Essential cookies: Required for the website to function. These cannot be disabled.
- Analytics cookies: Help us understand how visitors interact with our website (e.g., Google Analytics). These collect data in aggregated, anonymized form.
- Preference cookies: Remember your settings and preferences across visits.
You can control non-essential cookies through your browser settings. Note that disabling cookies may affect some website functionality. We do not use cookies for cross-site advertising or sell cookie data to third parties.
7. Your Rights
Under the DPDP Act 2023 and applicable Indian law, you have the following rights regarding your personal data:
- Access: You may request confirmation of whether we hold personal data about you and a copy of that data.
- Correction: You may request correction of inaccurate personal data.
- Deletion: You may request deletion of personal data we hold about you. We will respond within 30 days of receipt of a valid request.
- Opt-out of AI training: You may opt out of your personally identifiable data being used for AI model training by submitting a written request to indhuja@blissyai.com. This opt-out takes effect within 30 days and applies to PII only — it does not apply to anonymized, aggregated, or derived data.
- Grievance redressal: You may raise a complaint with our designated grievance officer (see Section 10).
Important limitation on deletion requests: Derived data, aggregated insights, and anonymized records created from your data are not subject to deletion. Once data has been processed into an aggregated or anonymized form, that derived data is BlissyAI's property and cannot be isolated or deleted. Only identifiable personal data is subject to deletion requests.
8. Data Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:
- Encryption of data in transit (TLS/HTTPS) and at rest
- Access controls limiting data access to authorized personnel only
- Regular security reviews of our infrastructure and third-party providers
- Contractual data protection obligations with all subprocessors
No system is completely secure. In the event of a data breach that poses significant risk to individuals, we will notify affected parties and relevant authorities as required by the DPDP Act 2023.
9. Children's Privacy
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a minor, please contact us immediately at indhuja@blissyai.com.
10. Grievance Officer
In accordance with the Information Technology Act 2000 and DPDP Act 2023, we have designated a Grievance Officer. If you have any concerns or complaints regarding the processing of your personal data, please contact:
- Name: Indhuja R
- Designation: Founder & CEO, Grievance Officer
- Email: indhuja@blissyai.com
- Company: Bhairavi Tech Solutions
- Response time: Within 30 days of receipt
11. International Data Transfers
Our primary operations are based in India. If we transfer personal data outside India (e.g., to cloud infrastructure providers with servers in other countries), we ensure that appropriate safeguards are in place, including standard contractual clauses or other mechanisms as recognized under the DPDP Act 2023 and applicable Indian law.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. Updated versions will be posted at blissyai.com/privacy.html with a revised effective date. Where changes are material, we will notify active clients by email or through our website. Continued use of our services after the effective date of a revised Policy constitutes your acceptance of the updated terms.
13. Governing Law
This Privacy Policy is governed by the laws of India, including the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023. Any disputes related to this Policy shall be subject to the exclusive jurisdiction of the courts in Chennai, Tamil Nadu (Madras High Court).