Privacy Policy

Zynqly ("we", "us", or "our") is a product of AYDEX Technologies, a sole proprietorship registered under the Information Technology Act, 2000 and compliant with the Digital Personal Data Protection Act, 2023 (DPDP Act). Our registered office is at ML 242, Jarauli, Barra Road, Jarauli Phase 1, Nagar Nigam Kanpur, Kanpur Nagar, Uttar Pradesh — 208027, India. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our Instagram automation platform at zynqly.com. By accessing or using Zynqly, you consent to the practices described in this policy. If you do not agree, please discontinue use of the Service immediately.

We collect the following categories of personal data: (a) Information you provide directly: your name, email address (adarsh.yadav.dev@gmail.com is our contact, not collected from users), and billing details. Payment transactions are processed exclusively by Razorpay (a PCI-DSS compliant payment gateway licensed by the Reserve Bank of India). We do not store your card or bank details on our servers. (b) Instagram account data: connected via Meta's official OAuth flow. We never store your Instagram password. We access only the permissions you explicitly grant. (c) Automation data: message templates, keyword rules, campaign settings, lead data (emails/phones) captured through your configured DM flows, and automation activity logs. (d) Technical data: IP address, browser type, operating system, pages visited, timestamps, and device identifiers — collected automatically to operate and improve the Service.

Zynqly integrates with Instagram exclusively via the official Meta Graph API. We request only the minimum permissions necessary to perform your configured automations — such as reading comments, sending direct messages on your behalf, and accessing basic profile information. We do not access, store, or process any Instagram content beyond what is strictly required for your active workflows. OAuth access tokens are encrypted at rest using AES-256 and are rotated regularly. You can revoke Zynqly's access to your Instagram account at any time via Instagram Settings → Apps and Websites.

Under the Digital Personal Data Protection Act, 2023 (DPDP Act) and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 under the IT Act, 2000, we process your personal data on the following lawful bases: (a) Consent: By registering and using Zynqly, you provide free, specific, informed, and unambiguous consent to the collection and processing of your personal data as described in this policy. You may withdraw consent at any time. (b) Contractual necessity: Processing is necessary to deliver the Service you have subscribed to — including executing automations, processing payments, and providing customer support. (c) Legal obligation: We may process data to comply with applicable Indian law, court orders, or lawful requests from government authorities. (d) Legitimate interests: We process certain technical and usage data to detect fraud, maintain security, and improve the Service — provided such interests do not override your fundamental rights.

We use the information we collect to: • Provide, operate, and maintain the Service and your automations • Process payments securely through Razorpay • Send transactional communications: invoices, account alerts, and security notifications • Respond to support requests and grievances • Analyse aggregated usage patterns to improve the platform • Detect and prevent fraud, abuse, and unauthorised access • Comply with applicable Indian law and regulatory obligations We do not use your personal data to train machine learning or AI models, nor do we use it for any advertising or profiling purposes unrelated to the Service.

We do not sell, trade, rent, or otherwise transfer your personal data to third parties for commercial purposes. We may share your data only in the following limited circumstances: (a) Service providers: Razorpay (payment processing, governed by their Privacy Policy and RBI regulations), cloud hosting providers, and infrastructure tools — all bound by confidentiality agreements and permitted to use your data only to provide services to us. (b) Legal requirements: We may disclose your data when required by Indian law, court order, or a lawful request from a government authority (including under Section 69 of the IT Act, 2000). (c) Business transfer: In the event of a merger, acquisition, or sale of assets, your data may be transferred with prior notice to you. All third-party data sharing is governed by data processing agreements consistent with the DPDP Act, 2023.

We use cookies and similar tracking technologies to: • Maintain your login session and remember preferences (essential cookies — cannot be disabled) • Analyse how users interact with the Service to improve performance (analytics cookies — opt-out available) We do not use third-party advertising or retargeting cookies. You may manage or disable non-essential cookies through your browser settings or your Zynqly account preferences. Please note that disabling essential cookies may affect Service functionality. As required under the IT Act, 2000 and applicable rules, we disclose our use of cookies in this policy and obtain your consent where required.

We implement security practices and procedures as required under Rule 8 of the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, including: • TLS 1.2+ encryption for all data in transit • AES-256 encryption for data at rest, including OAuth tokens • Role-based access controls limiting data access to authorised personnel only • Regular security assessments and vulnerability checks • An incident response plan — in the event of a data breach, we will notify affected users and the relevant authority as required under the DPDP Act, 2023 Despite these measures, no system is completely immune. You are responsible for maintaining the confidentiality of your account credentials and should use a strong, unique password.

As a Data Principal under the Digital Personal Data Protection Act, 2023, you have the following rights: (a) Right to access: Obtain a summary of the personal data we hold about you and the purposes for which it is processed. (b) Right to correction and erasure: Request correction of inaccurate or incomplete data, or erasure of data that is no longer necessary for the stated purpose. (c) Right to grievance redressal: Lodge a complaint with our Grievance Officer (details in §13). We will acknowledge your complaint within 48 hours and resolve it within 30 days. (d) Right to withdraw consent: Withdraw your consent to processing at any time. Withdrawal will not affect the lawfulness of processing carried out before withdrawal. Note that withdrawal may result in inability to use parts of the Service. (e) Right to nominate: Nominate another individual to exercise these rights on your behalf in the event of your death or incapacity. To exercise any of these rights, contact our Grievance Officer at adarsh.yadav.dev@gmail.com.

We retain your personal data for as long as your account is active or as needed to provide the Service. Upon account deletion: • Profile and automation data is deleted or anonymised within 90 days • Financial transaction records (payment history, invoices) are retained for 7 years as required under the Income Tax Act, 1961 and GST regulations applicable in India • Automation logs and message history are retained for 12 months by default and can be cleared earlier from your account settings You may request immediate deletion of non-financial personal data at any time by contacting adarsh.yadav.dev@gmail.com. We will process such requests within 30 days as required under the DPDP Act, 2023.

Zynqly is operated from India by AYDEX Technologies (Kanpur, Uttar Pradesh). Your data is primarily stored and processed within India. Where data is transferred outside India — for example, through Meta's Graph API infrastructure or international cloud service providers — such transfers are carried out in compliance with Section 16 of the Digital Personal Data Protection Act, 2023 and any applicable government notifications specifying permitted jurisdictions. By using the Service, you consent to such cross-border processing where necessary to provide the Service.

The Service is not directed to individuals under the age of 13. We do not knowingly collect personal data from children. Under the DPDP Act, 2023, processing of personal data of children requires verifiable parental consent. If you believe we have inadvertently collected data from a child under 13, please contact our Grievance Officer at adarsh.yadav.dev@gmail.com immediately and we will promptly delete such information. Note: Instagram's own Terms of Service require users to be at least 13 years old. Users must comply with Instagram's age requirements to use Zynqly.

In accordance with the Information Technology Act, 2000, the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, and the Digital Personal Data Protection Act, 2023, the details of our Grievance Officer are as follows: Name: Adarsh Yadav Designation: Proprietor & Grievance Officer, AYDEX Technologies Email: adarsh.yadav.dev@gmail.com Phone: +91 88408 20604 Address: ML 242, Jarauli, Barra Road, Jarauli Phase 1, Nagar Nigam Kanpur, Kanpur Nagar, Uttar Pradesh — 208027, India You may lodge a complaint or data request with the Grievance Officer at any time. We will acknowledge your complaint within 48 hours and endeavour to resolve it within 30 days of receipt. If your grievance is not resolved satisfactorily, you may approach the Data Protection Board of India once operational under the DPDP Act, 2023.

The Service integrates with the following key third-party services: • Meta Platforms, Inc. (Instagram Graph API): Used to connect your Instagram account and execute automations. Governed by Meta's Data Policy. • Razorpay Software Private Limited: Used to process payments. Razorpay is licensed by the Reserve Bank of India and governed by their Privacy Policy. We are not responsible for the privacy practices of these or any other third-party services linked from within Zynqly. We encourage you to review their privacy policies before use. This Privacy Policy applies only to data processed directly by AYDEX Technologies through the Zynqly platform.

We may update this Privacy Policy from time to time to reflect changes in our practices, the Service, or applicable Indian law. We will notify you of material changes via email to your registered address and/or a prominent notice within the Service, at least 14 days before the change takes effect. The "Last updated" date at the top of this page will always reflect the most recent revision. For minor changes (such as typographical corrections or clarifications that do not affect your rights), we may update the policy without prior notice. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated policy.

For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact: AYDEX Technologies (Zynqly) Proprietor: Adarsh Yadav ML 242, Jarauli, Barra Road, Jarauli Phase 1, Nagar Nigam Kanpur, Kanpur Nagar, Uttar Pradesh — 208027, India Email: adarsh.yadav.dev@gmail.com Phone: +91 88408 20604 We aim to respond to all privacy inquiries within 2 business days. For formal grievances under Indian law, please refer to our Grievance Officer details in §13.