Privacy Policy

Last Updated: February 2026

Compliant with the Information Technology Act, 2000 and Digital Personal Data Protection Act, 2023 (India).

ATSAlign (“we”, “our”, “us”) is owned and operated by Varun Narendra Gandhi, an individual proprietor based in India.

This Privacy Policy strictly adheres to the unique requirements of the Digital Personal Data Protection (DPDP) Act, 2023 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

1. Data Fiduciary & Contact

For the purposes of the DPDP Act, the Data Fiduciary is:

Name: Varun Narendra Gandhi

Role: Founder & Proprietor

Jurisdiction: India

Email: support@atsalign.com

2. Personal Data We Collect

Third-Party Authentication: We allow authentication via Google OAuth. When using Google Sign-In, we receive your name and email address securely as provided by Google.

  • Identity Data: Name, Email address (Verified via email link or Google).
  • Professional Data: Resumes (PDF/DOCX), Job Descriptions, Career history references extracted for analysis.
  • Financial Data: Transaction content is processed by Razorpay. We strictly DO NOT store credit card, debit card, or banking passwords. We only retain transaction references for tax auditing.
  • Technical Data: IP address, device type, browser logs (kept for 6 months as per IT directives).

3. Purpose of Processing (Consent-Based)

We process your data primarily based on your explicit consent (checked during signup) for:

  • Service Delivery: Analyzing resumes against JDs using AI.
  • Communication: Sending transaction receipts and critical service alerts.
  • Legal Compliance: Retaining financial records for tax authorities.

We do NOT sell nor share your data with data brokers or marketing agencies.

4. Data Retention & Deletion Policy

You may delete your account at any time from your account settings. Upon deletion, your personal data will be permanently erased except where retention is required for legal or financial compliance.

Data TypeRetention PeriodAction
Resumes / JDs7 DaysAuto-Deleted
Account ProfileUntil Deletion RequestRetained
Payment Logs8 Years (Tax Laws)Archived

5. Rights of the Data Principal

Under the DPDP Act, you have the following rights:

  • Right to Access: Request a summary of personal data we process.
  • Right to Correction: Update inaccurate or misleading personal data.
  • Right to Erasure: Request deletion of your account and data ("Right to be Forgotten").
  • Right to Grievance Redressal: Contact our Grievance Officer for unresolved privacy concerns.

To exercise these rights, email support@atsalign.com.

6. Security Measures

We implement permissible security safeguards as per IT Rules, 2011:

  • Encryption: Data in transit is encrypted via HTTPS (TLS 1.2+).
  • Hashing: Passwords are salted and hashed (never stored in plain text).
  • Access Control: Database access is restricted to authorized personnel only.

7. Cookie Policy

We use only essential session cookies required for user authentication and security. We do NOT use third-party tracking or advertising cookies.

8. Grievance Officer (India)

In accordance with the Information Technology Act 2000 and Rules made thereunder, the contact details of the Grievance Officer are:

Varun Narendra Gandhi

Grievance Officer, ATSAlign

Email: support@atsalign.com (Subject: "Grievance")

Response Time: Within 48 hours

Address: Provided upon valid legal request.