pgpulse pgpulse
Connect Supabase

Privacy Policy

Effective Date: Jan 08, 2026

This Privacy Policy describes how Telos Technologies LLP (“Company”, “we”, “us”, or “our”) collects, uses, and protects personal information when you access or use pgpulse.io (the “Service”). The Company website is telos-technologies.com.

1. Information We Collect

We collect information needed to operate the Service:

A. Information you provide

  • Account information (such as email address and authentication-related data)
  • Information you submit through forms, support messages, or emails

B. Information collected automatically

  • IP address (typically logged by infrastructure/security systems)
  • Browser/device information
  • Usage data about how you use the Service (pages/actions, timestamps, referrers)

C. Billing and payment information

If you purchase a paid plan, payments are processed by Razorpay. We do not store full card details on our servers; payment information is handled by the payment processor.

We may receive limited payment-related metadata (e.g., payment status, subscription plan, transaction identifiers) necessary for billing and support.

D. Website analytics (static site)

Our marketing/static site uses Umami for basic traffic statistics. Umami is designed to be privacy-focused and does not use cookies in its standard configuration.

2. Purpose of Collection

We use personal information to:

  • Provide and operate the Service
  • Create and manage accounts
  • Process subscriptions and payments
  • Send service messages (e.g., login, important product notices, receipts)
  • Send marketing emails only when permitted (and with an unsubscribe option)
  • Maintain security, prevent abuse, and troubleshoot issues
  • Improve the Service and user experience
  • Comply with legal obligations

We do not sell personal data.

3. Sharing and Disclosure

We share personal information only as necessary to run the Service, including with these categories of processors:

  • Payments: Razorpay (payment processing)
  • Hosting / database / auth: Supabase (application data storage and authentication services)
  • The Service relies on metrics and telemetry data provided by Supabase through its APIs and systems. Such data may be delayed, incomplete, or temporarily unavailable, and we do not guarantee its accuracy, completeness, or real-time availability.
  • Security / performance: Cloudflare (CDN, security, performance)
  • Email delivery: Resend (transactional emails), Loops (campaign/marketing emails)
  • Analytics: Umami (website statistics for marketing/static pages)

These providers process data only to provide their services to us and under appropriate contractual and security obligations.

Some vendors may process data outside India and/or the EU. Where applicable, we implement appropriate safeguards for such transfers consistent with data protection laws.

We may also disclose information if required by law, to protect our rights, or to prevent fraud/abuse.

4. Legal Basis for Processing

Where GDPR/EEA/UK rules apply, we process personal data based on:

  • Contract (to provide the Service)
  • Legitimate interests (security, preventing abuse, improving the Service)
  • Legal obligation (accounting, tax, compliance)
  • Consent (where required, e.g., certain marketing or optional features)

5. Data Retention

We retain personal data for the following periods:

Data Type Retention Period Reason
Account data (active users) Duration of subscription Service provision
Account data (deleted accounts) 28 days Recovery period, then deleted
Payment records 7 years Tax and accounting compliance (India)
Support tickets 28 days after resolution Customer service
Marketing consent records Until withdrawal + 28 days Proof of consent
Server logs (IP, usage) 28 days Security, debugging, abuse prevention
Backup data 28 days Disaster recovery

After these periods, data is securely deleted or anonymized. Some aggregated, anonymized analytics may be retained indefinitely.

6. Data Security

We implement industry-standard technical and organizational safeguards to protect personal data, including:

Technical Measures

  • Encryption in transit (TLS/SSL)
  • Encryption at rest for sensitive data
  • Regular security audits and vulnerability assessments
  • Access controls and authentication mechanisms
  • Secure backup procedures

Organizational Measures

  • Limited access on a need-to-know basis
  • Security awareness training
  • Incident response procedures

However, no system is completely secure. We cannot guarantee absolute security. If you suspect unauthorized access to your account, contact us immediately at support@pgpulse.io.

7. Your Rights and Choices

How to Exercise Your Rights

To exercise any of these rights, email us at support@pgpulse.io with:

  • Subject line: "Privacy Rights Request - [Type of Request]"
  • Your account email address
  • Specific request details

We will respond within 30 days (or as soon as reasonably practicable).

Your Rights Include

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data (subject to legal retention requirements)
  • Portability: Request your data in a machine-readable format (where applicable)
  • Objection: Object to processing based on legitimate interests
  • Restriction: Request restriction of processing in certain circumstances
  • Withdraw Consent: Withdraw consent for marketing emails (unsubscribe link provided)
  • Lodge a Complaint: File a complaint with your local data protection authority

Limitations

We may deny requests that are manifestly unfounded, excessive, would compromise others' privacy, conflict with legal obligations, or are technically impossible.

8. Cookies and Tracking

We may use essential cookies needed for login/session/security where applicable.

Our marketing/static site uses Umami for analytics, which is designed to work without cookies in its standard setup. If additional analytics/advertising tools that set non-essential cookies are added in the future, a consent banner may be required in some jurisdictions.

If required by law, we will request consent before setting non-essential cookies.

9. Children’s Privacy

The Service is not intended for individuals under the age of 13. We do not knowingly collect personal data from children.

10. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling that produces legal effects or significantly affects you.

Our Service provides:

  • Metrics visualization: Automated data aggregation for display purposes
  • Alert triggers: Automated notifications based on thresholds you configure

These are informational tools only and do not make decisions on your behalf. You retain full control over how you interpret and act on this information.

11. International Data Transfers

Personal data may be processed or stored outside India, including in countries where our service providers operate.

Where required, we implement appropriate safeguards to protect such transfers in accordance with applicable data protection laws.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated effective date.

13. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

  • Notify affected users within 72 hours of becoming aware (where required by law)
  • Inform relevant supervisory authorities as required
  • Provide details about the nature of the breach and steps being taken
  • Offer guidance on protective measures you can take

If you suspect unauthorized access to your account, contact us immediately at support@pgpulse.io.

14. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Your California Rights

  • Right to Know: What personal information we collect, use, disclose, and sell
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: We do not sell personal information
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

How to Exercise

Email support@pgpulse.io with "California Privacy Request" in the subject line.

Verification

We will verify your identity by matching your request email to your account email. For sensitive requests, we may require additional verification.

Response Time

We will respond within 45 days (extendable by 45 days if needed).

Authorized Agents

You may designate an authorized agent to make requests on your behalf by providing written authorization.

15. Contact and Grievance Redressal (India)

Data Fiduciary: Telos Technologies LLP

Product: pgpulse

Website: pgpulse.io

Company website: telos-technologies.com

For privacy requests, questions, or complaints, contact:
Email: support@pgpulse.io

Address: Aspire Spaces Ameya, 7th Floor, Ameenpur, Miyapur, Hyderabad, Telangana, 502032

We will make reasonable efforts to respond in a timely manner. India’s DPDP framework expects a readily available grievance mechanism and contact point.