1. www.cynlr.com and any sub-domain, blog, community forum or developer portal we operate;


2. our cloud dashboards, application programming interfaces (“APIs”) and software development kits(“SDKs”);


3. demo kits, vision controllers and related hardware that we showcase or place with customers for evaluation; and


4. Cynlr or its representatives (either through email or any other modes), or any other online or offline channel where we post or link to this Privacy Policy
   
   (together the “Platform”).
   
   Your continued access or use of the Platform signifies acceptance of this Privacy Policy. If you do not agree, please discontinue use.

1. Collection & Use. The categories of Personal Data we may Process, and the purposes for which they are employed are summarised seriatim below.



Category	Illustrative Elements	Purpose
Contact & Business Profile	Name, e-mail, telephone number, job title, organisation, message or query (if any)	Respond to enquiries; provide white papers and product collateral; negotiate and perform contracts
Device & Usage Data	IP address, cookie identifiers, user-agent string, click-stream logs, heat-map analytics	Enhance user experience, performance improvement, perform security logging, and prevent fraud
Candidate Data	Curriculum vitae, cover letter, LinkedIn profile, portfolio links	Conduct recruitment, maintain a talent pool, and schedule interviews
Supplier KYC & Payment Data	Authorised-signatory identification, tax number identifiers, bank account details, contact information, any other interaction	Onboard vendors, raise purchase orders, and settle invoices



2. Option to Decline Consent. You may grant or withhold any consent that Cynlr relies upon for processing your Personal Data. If you withhold such consent, we may, where the contested processing is essential to the operation or security of the Platform, limit your access to the affected features or services.


3. User Rights. Should you decide, after having granted consent, to withdraw it or to question the manner in which Cynlr processes your Personal Data, you may exercise that right in accordance with Section IX (Data Subject Rights & Requests). All queries or grievances may be submitted using the channels set out in Section XVI (How to Reach Us & In your Language). If you deem our response inadequate, you may seek further recourse before the Data Protection Board of India or, where applicable, your local supervisory authority.

1. Where and how the Personal Data resides:
   
   
   1. Personal Data are maintained predominantly in electronic repositories under our direct control;
   2. limited hard-copy archives (e.g., executed NDAs, vendor invoices) are retained in secure, access-controlled facilities;
   3. all applicant information is stored exclusively in third party applicant platform, which provides secure, role based access and audit trails;
   4. web enquiries are forwarded straight to designated Cynlr e-mail inboxes, the website itself retains no intermediate copy; and
   5. usage data are collected and housed on trusted third-party processors, each bound by contractual obligations to apply safeguards consistent with this Privacy Policy.
2. Subject to applicable law, we may store, collect, process, or otherwise use your Personal Data (other than payment-card or similar financial data), on infrastructures situated outside the Republic of India. All such cross-border operations will be underpinned either by an adequacy decision, standard contractual clauses, data-transfer addendums (as required), binding corporate rules, or any other mechanism recognised by the GDPR, the DPDP Act, or cognate legislation.
3. CynLr may conclude written agreements with carefully selected service providers, whether located within or beyond India, for hosting, storage, customer-relationship management, e-mail delivery, log analytics, payment clearing, order fulfilment, analogous support functions, etc. Each such provider is required, on a commercially reasonable basis, to implement information-security safeguards commensurate with the sensitivity of the data entrusted to it and to process the data strictly in accordance with our documented instructions and applicable privacy law.

1. Operational Service Chain. To facilitate the orderly conduct of Cynlr’s business, Personal Data may be shared with:
   
   
   1. Trusted service providers that host or maintain our servers, furnish database, e-mail or content-delivery services, process payments, provide customer support, or deliver marketing communications;
   2. Business partners that co-sponsor webinars, white papers, trade-show demonstrations, or joint go-to-market programmes; and
   3. Analytics, application, and advertising partners to whom we may disclose portions of log-file data, including IP addresses, for statistical or advertising-measurement purposes.
   
   Each recipient acts under contractual constraints that prohibit any secondary use or onward disclosure of the data and oblige the recipient to uphold security measures no less protective than those contained in this Privacy Policy.
2. Corporate Group and Structural Changes. Personal Data may be transferred to any of Cynlr’s current or future Corporate Affiliate, or, in the context of a merger, acquisition, asset sale, or other corporate reorganisation, to Cynlr’s successor(s) in interest, provided that any such transferee assumes the obligations set out in this Privacy Policy.
3. Regulatory and Legal Disclosures. We may disclose Personal Data where such disclosure is (i) required by applicable law or enforceable legal process, (ii) made in response to a lawful request from a governmental or regulatory authority, (iii) necessary to investigate, prevent, or take action regarding suspected fraud, malicious activity, or threats to personal safety, or (iv) indispensable for the establishment, exercise, or defence of legal claims.
4. Revocation of Sharing Consent. You may, at any time, withdraw the consent you have previously granted for Cynlr to share your Personal Data with third parties. Upon receipt of such revocation, we will cease the affected disclosures forthwith; however, certain services or Platform functionalities that rely upon the relevant data flows may thereafter be unavailable. Cynlr disclaims all liability for the acts or omissions of third parties to whom data were lawfully disclosed prior to the effective date of your revocation.
5. European Economic Area Transfers. Where Personal Data originating in the EEA are transferred to a country that has not received an adequacy decision from the European Commission, we will ensure that the recipient enters into EU Standard Contractual Clauses or another lawful transfer mechanism providing a level of protection essentially equivalent to that guaranteed within the EEA.

1. Cynlr preserves a User’s Personal Data for as long as the User maintains an active relationship with the Platform, plus an additional period necessary to satisfy statutory, regulatory, contractual, and audit requirements described in this Policy.
2. Where a longer interval is mandated, for example, due to requirements under business, applicable laws or voluntary industry codes, we will retain the relevant records for the requisite duration.
3. Where no legal impediment exists, we may adopt a shorter interval for certain data classes to optimise storage and operational efficiency.
4. Once the applicable retention trigger elapses and no further lawful purpose subsists, we will securely erase or irreversibly anonymise the data in accordance with the applicable standards (e.g., NIST SP 800- 88 Rev 1), thereby rendering any individual unidentifiable.

1. Security Framework & Reviews
   
   
   1. We maintain administrative, technical, and physical safeguards designed to protect the systems in which Personal Data reside.
   2. Our data-collection, storage, and processing practices are subject to periodic internal review and risk assessment.
   
   
2. Technical & Physical Controls
   
   
   1. Encryption using industry standard protocol is implemented for data transmissions and for stored data where commercially reasonable and appropriate to the sensitivity of the information.
   2. Network and system access are restricted by layered controls; production environments are segregated from public-facing systems.
   3. Physical files (where maintained) are kept in secured, access-controlled locations.
   
   
3. Access Governance
   
   
   1. Access to Personal Data is limited to employees, contractors, and authorised service providers who require it for duties tied to the services, on a need-to-know basis.
   2. All such personnel are bound by confidentiality obligations and are contractually required to handle Personal Data in accordance with applicable law and this Policy.
   
   
4. Third-Party Safeguards
   
   
   1. Service providers that process Personal Data on our behalf must do so only on our documented instructions and under agreements requiring appropriate security measures and confidentiality.
   2. We may share Personal Data with third parties under confidentiality commitments restricting onward disclosure except as permitted in this Privacy Policy. Cynlr is not responsible for security failures attributable to third parties that process data independently of our instructions or outside the scope of those agreements.
   
   
5. Residual Risks & Limitations
   
   
   1. While we take reasonable steps to safeguard your Personal Data as required under the applicable law, you acknowledge that no electronic transmission or storage system is fully secure. Cynlr shall not be liable for loss or misuse of Personal Data resulting from circumstances beyond its reasonable control, including events classified as force majeure under applicable law. We will, however, take reasonable and appropriate steps to notify you where required by law if a breach affecting your Personal Data is identified.
   2. To the fullest extent permitted by law, your right to recover damages from Cynlr for a security incident is limited to statutory remedies available under Information Technology Act, 2000; and you hereby waive any additional claims in contract or tort for such incidents, except where such waiver is prohibited.
   
   

CynLr does not operate a sign-up portal or user dashboard; interactions occur chiefly through enquiry forms, e-mail exchanges, demo bookings, third party applicant tracking portal (used solely for recruitment) and similar B2B touchpoints. The Company honours all rights conferred by the GDPR, the DPDP Act, and other applicable privacy statutes. You may invoke any right below by writing to us and supplying sufficient detail for us to verify your identity and locate the relevant data.

1. Right of Access. Receive confirmation whether Cynlr processes your Personal Data and, if so, obtain a copy of the data and the key facts of the processing, such as, purpose of processing, categories of Personal Data processed, recipients to whom such Personal Data has been disclosed, criteria and retention period for such Personal Data.
2. Right to Rectification. Request correction of Personal Data that are inaccurate or incomplete.
3. Right to Erasure. Ask us to delete Personal Data that are no longer needed for the purposes set out in this Privacy Policy or that are processed unlawfully. Please note that deletion will not apply where retention is required for legal obligations, dispute resolution, fraud prevention, or the establishment, exercise, or defence of legal claims.
4. Right to Restrict Processing. Require Cynlr to suspend active processing where you contest accuracy, object to processing, or believe the processing is unlawful and you prefer restriction to deletion.
5. Right to Object. Object to processing carried out on the basis of Cynlr’s legitimate interests or for direct‑marketing purposes. We will cease such processing unless it demonstrates compelling legitimate grounds that override your interests, rights, and freedoms, or unless processing is necessary for legal claims.
6. Right to Data Portability. Receive Personal Data that you have provided to us in a structured, commonly used, machine‑readable format and, where feasible, have those data transmitted directly to another controller.
7. Right to Withdraw Consent. Withdraw any consent you have previously granted, at any time and without penalty. Withdrawal operates prospectively and does not affect processing already performed under valid consent.
   
   We may request additional information to confirm identity before acting on a rights request. Once verified, CynLr will respond within the period mandated by applicable law (generally 30 days, extendable where permitted).
   
   If you consider our response unsatisfactory, you may lodge a complaint with the Data Protection Board of India or the competent supervisory authority in your habitual residence.

1. As Cynlr’s technology and regulatory landscape evolve, this Privacy Policy may be updated to reflect new processing activities or legal requirements.
2. How you will know
   1. A revised Policy will be posted at the same URL with a new “Last Updated” date.
   2. Where the changes are material, we will also provide prominent notice (e‑mail or banner).
3. By continuing to interact with Cynlr or its Platform after an update takes effect, you acknowledge the revised terms. If you disagree with the changes, you should cease using Cynlr’s Platform and communications channels.

1. Why we use them
   Small text files (cookies, pixels, local storage) help us recognise repeat visitors; measure traffic patterns and improve site performance/user experience; remember language or cookie consent choices.
2. What they do not do
   Data are used in aggregate for statistical analysis; no cookie grants Cynlr access to your device or information you do not intentionally share.
3. Your choice
   Most browsers accept cookies automatically, but you can refuse or delete them via browser settings. Blocking cookies may degrade site functionality. Refer to your browser’s help section for instructions.

1. Grievance Contact
   1. E‑mail: contact@cynlr.com
   2. Postal: Grievance Redressal Officer, Vyuti Systems Private Limited (CynLr), No. 156, Puttannachetty Road, 5ᵗʰ Main, Chamarajpet, Bengaluru 560 018, India
2. We will acknowledge and address privacy-related queries or complaints as promptly as practicable and, in any event, within 30 (thirty) days of receipt, unless a longer period is permissible under applicable law.
3. This Policy is published in English for immediate reference. Upon request, we will provide the Policy (or key excerpts) in any language listed in the Eighth Schedule to the Constitution of India. Please e‑mail us to request a translation.