Privacy Policy

Effective 27 May 2026 · OPTIFI TECHNOLOGIES LLP

1. Who we are

Optix is operated by OPTIFI TECHNOLOGIES LLP (“Optix”, “we”), a technology company serving the UAE and India. We are the data controller for personal data processed through this service.

2. Data we collect

Account data (name, email, hashed password, MFA status); audit data (the URLs you submit and the generated reports); usage data (audit counts, timestamps); and technical data (IP address, browser, cookies) needed to operate and secure the service.

3. How we use it

To provide and improve the service, run and store your audits, enforce plan quotas, send transactional email (verification, password reset, audit-complete), process payments, and protect against abuse. We do not sell personal data.

4. Legal bases

We process data to perform our contract with you, for our legitimate interests in operating and securing the service, to comply with legal obligations, and — for non-essential cookies and marketing — on the basis of your consent.

5. Sharing & sub-processors

We share data only with sub-processors who help us run the service: cloud hosting (AWS), email delivery (AWS SES), and payment processing (Stripe; Razorpay where applicable). Each is bound by data-protection terms.

6. International transfers

Our infrastructure runs in AWS Mumbai (ap-south-1). Where data is processed outside your country, we rely on appropriate safeguards consistent with UAE PDPL and India DPDP.

7. Retention

Audit reports are retained per your plan (90 days on Free; longer on paid plans) and then rotated out. Account data is kept while your account is active and deleted on request, subject to legal retention requirements.

8. Your rights (UAE PDPL & India DPDP)

You may request access, correction, erasure, restriction, objection, and portability of your personal data, and may withdraw consent at any time. To exercise these rights, contact our privacy team below; we respond within statutory timeframes.

9. Cookies

We use essential cookies for authentication and security. Non-essential analytics or marketing cookies, if any, are used only with your consent and can be managed via our cookie controls.

10. Security

We use HTTPS/HSTS, Argon2id password hashing, encrypted MFA secrets, and private-by- default reports. See our security page.

11. Contact / Data Protection

Privacy enquiries and data-subject requests: privacy@optifi360.org.