// DATA PROTECTION PROTOCOL

Privacy Policy

Last Updated: July 2, 2026 • Compliant with GDPR & IT Act (India)

1. Data Controller and Contact

The Data Controller responsible for personal data collected, stored, and processed through PexAura is PexelParadox. If you have any inquiries, requests, or disputes regarding data protection, please reach out to our privacy desk directly at info@pexaura.com.

2. What Personal Data We Collect

We only collect data necessary to provision business interfaces and process API requests. This includes:

  • User Account Details: Name, professional email address, mobile contact number, company name, and geographical office coordinates.
  • Secure Billing Records: Digital payment transaction logs (Razorpay payment ID, subscription status, billing addresses). We never collect or store card numbers or secure UPI PINs; all fields are processed by tokenized Razorpay servers.
  • Integrations Data: Meta Business API tokens, WhatsApp templates metadata, and lead details extracted via connected webhooks.
  • Biometric Synchronization Logs: Alphanumeric employee identifiers and physical gate check-in/check-out timestamps. No physical biometric details are stored.
  • Automated Call Metadata: IVR dial paths, telephone numbers, call duration metrics, and optional client recording transcripts.

3. Legal Basis and Purpose of Processing

We process personal information under the following legislative categories:

  • Performance of Contract: To activate and maintain subscriptions, verify webhook triggers, and dispatch IVR routing.
  • Consent: When you supply details directly into contact forms or submit biometric synchronization setups.
  • Compliance with Law: To adhere to telecom regulations (WhatsApp broadcast policies) and local financial audit mandates.
  • Secure Legitimate Interest: To perform threat detection and prevent fraud on public web interfaces.

4. Zero Data Selling & Who We Share Data With

PexelParadox strictly does not sell, lease, trade, or pass company contact information or user data to any third parties, advertisers, or data brokers. Your proprietary records remain 100% confidential. We only share operational API logs with secure compliance vendors essential for provisioning core services:

  • Razorpay: To process card/UPI billing transactions securely.
  • Meta Platforms, Inc: Direct integration via API to synchronize leads and WhatsApp messages.
  • Cloud Hosting & DB: Distributed hosting networks with encrypted database schemas stored securely on our servers.

5. Retention Metrics

We store account information for up to three (3) years post subscription termination for audit and compliance needs. WhatsApp campaign logs, webhook payloads, and IVR transaction charts are retained for up to twelve (12) months before automated secure garbage collection takes place.

6. Your Legal Data Rights & Data Deletion Protocol

Depending on your location (such as under EU GDPR or India's IT acts), you hold comprehensive rights over your personal records:

  • The right to access and review personal tables held in our database.
  • The right to demand correction of inaccurate records.
  • The right to complete data erasure (the "Right to be Forgotten"): When a user requests data deletion, their records are fully and permanently deleted ("fully delected") from our primary servers, active nodes, and backup systems without residual shadow profiles.
  • The right to withdraw processing consent at any time.
NEED TO DELETE YOUR DATA?

For complete data erasure and permanent removal, please visit our official Data Deletion page or email our support desk.

Go to Data Deletion →

To execute these rights directly via email, submit a certified ticket to info@pexaura.com with the subject line "Data Deletion Request".

7. Cookies and Technical Tracking

We utilize functional, performance-essential cookies to persist active user logins and customize viewport configurations on your dashboard. You can opt-out of secondary analytics cookies via your browser settings; however, core operation logs are required to maintain billing status.

8. Security, Encryption Guardrails & Our Full Responsibility

PexelParadox implements comprehensive administrative, technical, and physical safeguards. All data is encrypted in transit using Transport Layer Security (TLS 1.3) and encrypted at rest with AES-256 standard, hosted and stored securely on our protected server containers with active firewalls.

We take full legal and technical responsibility for our users' data security and privacy. We pledge that your data is guarded against unauthorized access, leaks, or third-party extraction at all times.

9. Policy Changes

PexelParadox reserves the right to modify this Privacy Policy. If updates are pushed, we will alert you via email notifications or inside your PexAura control panel.