Privacy Policy

This Privacy Policy applies to Neel Networks, a web design and development company operating from Mumbai, India.

This policy applies to all services provided under the Neel Networks and Mumbai Web Services brands. For any privacy-related queries, please use the contact details above.

We only collect personal data that is necessary for the purposes described in this Policy. The categories of data we may collect include:

2.1 Contact & Enquiry Data

When you fill in a contact form, request a quote, or get in touch with us:

• Full name
• Email address
• Phone number
• City / country of residence
• Company name (if applicable)
• Project description / enquiry message

2.2 Career Application Data

When you apply for a job or internship through our Careers page:

• Full name
• Email address
• Phone number
• City / location
• LinkedIn profile URL
• Portfolio / GitHub URL
• Position applied for
• Years of experience
• Highest qualification
• Key skills
• Current and expected salary
• Notice period / availability
• Work preference
• Resume / CV file
• Portfolio file (if uploaded)
• Cover note / message
• How you heard about us

2.3 Client Project Data

When you are an active client, we may collect and process:

• Business information and branding assets (logos, images, documents) you provide for your project
• Website login credentials and hosting access details (stored securely, never shared)
• Payment information — we do not store full card details; payments are processed via trusted third-party gateways
• Communication records (emails, call notes) related to your project
• Project approval and sign-off records

2.4 Technical & Usage Data

When you visit our website, we automatically collect certain technical data:

• IP address
• Browser type and version
• Operating system and device type
• Pages visited and time spent on each page
• Referring URL (the website that sent you to us)
• Date and time of your visit
• Geographic location (country/city level, derived from IP)

Directly from you when you:

• Fill in a contact or enquiry form on our website
• Request a quote, proposal, or free mockup
• Submit a job or internship application via our Careers page
• Send us an email
• Call us by telephone
• Provide content, files, and credentials for a project you commission
• Sign a proposal, Statement of Work, or NDA

Automatically through technology:

• Cookies and similar tracking technologies placed on your browser when you visit our website
• Google Analytics and other analytics tools that collect aggregated browsing behaviour
• Web server logs that record IP addresses, page requests, and access times
• Email open and click tracking in our marketing communications (if applicable)

We use the personal data we collect for the following specific purposes:

We process your personal data only where we have a lawful basis to do so. The legal bases we rely on are:

• Contract performance: Processing is necessary to fulfil the services you have contracted us to provide — including project delivery, invoicing, and client communication.
• Legitimate interests: We process some data based on our legitimate business interests, such as responding to enquiries, improving our website, preventing fraud, and managing our business operations. We have assessed that these interests do not override your rights.
• Consent: Where we rely on your consent — such as sending marketing emails or retaining job applications beyond the initial recruitment process — you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before the withdrawal.
• Legal obligation: We process certain data (e.g., financial records) to comply with Indian tax law and other applicable legal requirements.

For users in the European Economic Area (EEA) or United Kingdom, we rely on the above bases as defined under the General Data Protection Regulation (GDPR) and UK GDPR respectively.

For users in India, we comply with the Information Technology Act 2000, the IT (Amendment) Act 2008, and applicable Rules thereunder.

We do not sell, rent, or trade your personal data to any third party. We share data only in the following limited, necessary circumstances:

6.1 Service Providers & Sub-processors

We use trusted third-party services to operate our business. These service providers process data only on our behalf and under strict data processing agreements:

6.2 Legal Requirements

We may disclose your personal data to government authorities, regulators, or law enforcement agencies if required to do so by applicable law, court order, or regulatory requirement — and only to the extent strictly necessary.

6.3 Business Transfers

In the event of a merger, acquisition, or sale of all or part of our business assets, your data may be transferred to the acquiring entity. We would notify you via email and/or a prominent notice on our website before your data is transferred and becomes subject to a different privacy policy.

Our website uses cookies and similar tracking technologies to improve your experience and help us understand how visitors use our site.

What are cookies?

Cookies are small text files stored on your device when you visit a website. They help the website remember your preferences and actions over time, and allow us to analyse traffic patterns.

Types of cookies we use:

Managing cookies

You can control and disable cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our website. For instructions on managing cookies in your browser:

• Chrome: Settings → Privacy and Security → Cookies
• Firefox: Options → Privacy & Security → Cookies and Site Data
• Safari: Preferences → Privacy → Cookies
• Edge: Settings → Privacy, Search & Services → Cookies

To opt out of Google Analytics specifically, you can install the Google Analytics Opt-Out Browser Add-on.

8.1 Where We Store Data

Our website and servers are hosted in secure data centres. Data submitted through our contact forms is processed via SendGrid and stored in our secure email infrastructure (Google Workspace). Job applications are stored securely in our internal systems with restricted access.

8.2 Security Measures

We implement the following technical and organisational measures to protect your data:

• SSL / TLS encryption — all data transmitted between your browser and our website is encrypted using HTTPS
• Access controls — personal data is accessible only to team members who require it for their job function
• Firewalls and server security — our hosting environment is protected by firewalls and regular security monitoring
• Secure credential handling — client login credentials shared with us for project work are stored in encrypted password managers and deleted when no longer required
• Regular backups — project data is backed up regularly to prevent loss
• Staff awareness — our team is informed about data protection obligations and best practices

We retain personal data only for as long as necessary for the purpose for which it was collected, or as required by law. Our retention periods are as follows:

After the applicable retention period, we securely delete or anonymise your personal data so it can no longer be linked to you.

You have clear rights over your personal data. These rights apply to all users, with enhanced rights for individuals in the EU, EEA, and UK under GDPR, and for users in India under applicable data protection law.

How to exercise your rights

To exercise any of these rights, please contact us at support@neelnetworks.com with the subject line "Data Rights Request". We will respond within 30 days of receiving your request. We may ask you to verify your identity before processing your request.

Our website and services are directed at businesses and professionals. We do not knowingly collect personal data from children under the age of 18.

If you are a parent or guardian and believe that your child has submitted personal data to us without your consent, please contact us immediately at support@neelnetworks.com and we will take steps to delete that information promptly.

Our website may contain links to third-party websites, social media profiles, client websites we have built, and external resources. These websites have their own privacy policies, which we do not control and are not responsible for.

Clicking on a link to a third-party website means you are leaving our site and the data you submit on that website will be governed by that website's own privacy policy. We encourage you to review the privacy policy of any website you visit.

Social media buttons (Instagram, Facebook, LinkedIn, YouTube) on our website may load scripts or cookies from those platforms. Please refer to each platform's privacy policy for details on how they handle your data.

Neel Networks is based in India and your data is primarily processed and stored in India. As we serve clients globally — including in the USA, UK, Australia, Europe, and the UAE — some data transfers may occur across international borders.

For EU / EEA / UK users (GDPR):

When we transfer your personal data from the EU, EEA, or UK to India (which does not currently hold an adequacy decision from the EU Commission), we implement appropriate safeguards. These include contractual protections with our service providers and limiting transfers to only what is necessary for providing the services you have requested.

For all international users:

By using our website or engaging our services, you acknowledge that your data may be processed in India and that data protection laws in India may differ from those in your home country. We apply this Privacy Policy and appropriate safeguards regardless of where you are located.

We review and update this Privacy Policy periodically to reflect changes in our business practices, applicable law, or industry standards. The most current version will always be available at neelnetworks.com/privacy-policy with the effective date clearly displayed at the top.

If we make material changes — particularly those that affect how we handle your data in ways you would not reasonably expect — we will notify you by:

• Displaying a prominent notice on our website homepage
• Sending an email notification to active clients and newsletter subscribers
• Updating the "Last Updated" date at the top of this page

Your continued use of our website and services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. If you do not agree to the changes, please discontinue use and contact us to request deletion of your data.

If you have any questions, concerns, or complaints about this Privacy Policy, or if you wish to exercise any of your data rights, please contact us:

Supervisory Authority (EU / EEA Users)

If you are located in the EU or EEA and believe we have not resolved your complaint satisfactorily, you have the right to lodge a complaint with your local data protection supervisory authority. In the UK, this is the Information Commissioner's Office (ICO).