LEGAL

Privacy Policy

Last updated: 1 July 2026  ·  SoroCode (OPC) Private Limited (“SoroAI”)
Please note: This Privacy Policy is provided as a general template for an AI consulting company and should be reviewed by qualified legal counsel before publication to ensure it reflects your actual data practices and complies with all applicable laws.

This Privacy Policy explains how SoroCode (OPC) Private Limited, operating as SoroAI (“SoroAI”, “we”, “us” or “our”), collects, uses, discloses and safeguards information when you visit www.soroai.com (the “Site”) or engage our customer-intelligence and consulting services (the “Services”). We are committed to processing personal data in accordance with India’s Digital Personal Data Protection Act, 2023 (“DPDP Act”) and, where applicable, other data-protection laws such as the GDPR.

1. Who we are

SoroAI is an AI-first customer-intelligence platform and consultancy. For the purposes of the DPDP Act, SoroCode (OPC) Private Limited acts as a Data Fiduciary in respect of personal data collected through the Site, and typically as a Data Processor in respect of client interaction data processed on our clients’ behalf under a services agreement.

2. Information we collect

2.1 Information you provide

2.2 Information collected automatically

2.3 Client interaction data

When delivering the Services, we process customer interaction records supplied or authorised by our clients — such as chat transcripts, call recordings, emails, support tickets and public reviews. This data is processed strictly on our clients’ instructions and governed by the relevant services agreement and Data Processing Addendum.

3. How we use information

4. Legal bases for processing

We process personal data where you have given consent, where processing is necessary for a contract with you, to comply with a legal obligation, or for our legitimate interests (such as securing and improving the Site) where these are not overridden by your rights.

5. How we share information

We do not sell personal data. We share it only with: (a) trusted sub-processors and cloud/AI infrastructure providers acting under contract; (b) professional advisers; (c) authorities where required by law; and (d) a successor entity in the event of a merger or acquisition. Sub-processors are bound by confidentiality and data-protection obligations consistent with this Policy.

6. Model providers & AI processing

Depending on client configuration, interaction data may be processed by SoroAI in-house models, a client-approved third-party API (for example Google Gemini or OpenAI), or a fully local/on-premise model. Where a local deployment is chosen, data need not leave the client’s environment. Model-provider terms apply to any data routed to them, and configuration is documented per engagement.

7. Cookies & consent

The Site uses essential cookies necessary for basic functionality, and optional analytics cookies that are set only after you select “Accept all” in our cookie banner. You may decline optional cookies, and you can withdraw or change your choice at any time by clearing site data in your browser. Your preference is stored locally in your browser.

8. Data retention

We retain personal data only for as long as necessary for the purposes described here, to satisfy legal, accounting or reporting requirements, or as set out in a client agreement. Client interaction data is retained per the applicable services agreement and deleted or returned on its termination.

9. Data security

We maintain reasonable technical and organisational safeguards — including encryption in transit, access controls and a cloud-native, security-first architecture — to protect personal data against unauthorised access, alteration or disclosure. No method of transmission or storage is fully secure, and we cannot guarantee absolute security.

10. International transfers

Where personal data is transferred outside India, we take steps to ensure an adequate level of protection through appropriate contractual and technical safeguards consistent with applicable law.

11. Your rights

Subject to applicable law, you may have the right to access, correct, update or erase your personal data; to withdraw consent; to seek grievance redressal; and to nominate another individual to exercise your rights in the event of death or incapacity (as provided under the DPDP Act). To exercise any right, contact us using the details below.

12. Children’s data

The Site and Services are intended for business users and are not directed at children. We do not knowingly collect personal data from children without verifiable parental or guardian consent as required by law.

13. Changes to this Policy

We may update this Policy from time to time. Material changes will be indicated by updating the “Last updated” date above and, where appropriate, by a notice on the Site.

14. Contact & grievance officer

For any privacy question, request or complaint, contact:

SoroCode (OPC) Private Limited (SoroAI)
Email: arjun@soroai.com
Attn: Grievance Officer

We will acknowledge and address verifiable requests within the timelines required by applicable law.