Legal

Privacy Policy

Effective Date: June 11, 2026 Last Updated: June 11, 2026

NeuAlto Technologies Pvt. Ltd. ("NeuAlto," "we," "us," or "our") respects your privacy and is committed to protecting the personal information you share with us. NeuAlto is a global technology services company headquartered in Bengaluru, India, with operations in the United States. We deliver engineering and IT services, DevSecOps and cloud engineering, data transformation and migration (EDI), managed AI/ML services, web and mobile application development, testing and automation, and cybersecurity consulting and vCISO services, together with the products, platforms, and solutions we build (such as the DeltaMax data-quality platform).

This Privacy Policy explains how we collect, use, disclose, store, and safeguard information when you visit www.neualto.com, engage us for professional or managed services, use any NeuAlto product, platform, or solution, or otherwise access our applications, APIs, integrations, or services — including any offerings we publish through cloud marketplaces (collectively, the "Services").

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this Policy, please discontinue use of our Services.

Scope & Our Role

This Policy applies to all personal data NeuAlto processes as a data controller — including information about our website visitors, prospects, customers and their authorized users, partners and vendors, job applicants, and end users of our products and platforms.

When NeuAlto delivers professional or managed services, or deploys one of our products inside a customer's environment, and in doing so processes personal data contained in that customer's enterprise data on the customer's behalf and under its instructions, NeuAlto acts as a data processor (or sub-processor). That processing is governed by the applicable Master Services Agreement, Statement of Work, or Data Processing Addendum (DPA) between NeuAlto and the customer, which takes precedence over this Policy to the extent of any conflict. We generally process only the configuration and metadata needed to deliver the Services and do not require the contents of a customer's underlying data records to operate our platforms.
Section 01

Information We Collect

1.1 Information You Provide Directly

  • Account & Contact Information: name, work email address, company name, job title, phone number, postal address, and billing details when you register, request a demo or quote, subscribe through a cloud marketplace, engage our services, or contact us.
  • Authentication Credentials: usernames, hashed passwords, single sign-on (SSO) identifiers, and multi-factor authentication metadata.
  • Support & Communications: messages, attachments, and feedback you submit through email, support tickets, contact forms, surveys, or community channels.
  • Configuration & Project Data: connection strings, schema metadata, data-source endpoints, business rules, environment settings, and policy definitions you configure when using our products or during a services engagement. We do not require the contents of your underlying data records to operate our platforms.
  • Recruitment Information: if you apply for a role with us, your CV/resume, education and employment history, contact details, and any information you choose to share during the hiring process.

1.2 Information Collected Automatically

  • Usage & Telemetry: pages viewed, features used, clicks, session duration, referring URLs, error logs, and diagnostic events.
  • Device & Technical Data: IP address, browser type and version, operating system, device identifiers, language preferences, and time zone.
  • Cookies & Similar Technologies: see Section 6 — Cookies and Tracking Technologies.

1.3 Information From Third Parties

  • Marketplace & Reseller Partners: when you subscribe through a cloud marketplace or another authorized reseller, we receive tenant IDs, subscription identifiers, plan details, and contact information necessary to provision and bill the Services.
  • Identity Providers: if you sign in using Microsoft Entra ID, Google Workspace, Okta, or another identity provider, we receive the profile attributes those services share with us.
  • Business & Referral Sources: publicly available information, data-enrichment providers, partners, and referrals used for lead qualification and account research.
Section 02

How We Use Your Information

We use the information we collect to:

  • Provide, operate, maintain, and improve our Services, products, platforms, and professional and managed-services engagements.
  • Authenticate users, manage accounts and subscriptions, and prevent unauthorized access.
  • Process transactions, generate invoices, and reconcile billing through cloud marketplaces or direct contracts.
  • Respond to enquiries and support requests, troubleshoot incidents, and communicate service announcements.
  • Monitor performance, diagnose technical issues, and develop new features and offerings.
  • Evaluate and process job applications and manage recruitment.
  • Send marketing communications about NeuAlto services, products, and events where permitted by law (you may unsubscribe at any time).
  • Detect, investigate, and prevent fraudulent, malicious, or illegal activity.
  • Comply with legal obligations, enforce our agreements, and protect our rights and the rights of our users.
Section 03

Legal Bases for Processing (EEA / UK Users)

PurposeLegal Basis
Providing the Services you requestPerformance of a contract
Billing, accounting, and tax complianceLegal obligation
Product improvement, analytics, and securityLegitimate interests
Recruitment and hiringLegitimate interests / steps prior to a contract
Marketing communicationsConsent (where required) / legitimate interests
Responding to legal requestsLegal obligation

Where you are located in India, we process personal data in accordance with the Digital Personal Data Protection Act, 2023 (DPDP Act), relying on your consent or other lawful uses permitted under that Act. For other jurisdictions, we process personal data on the lawful bases recognized by applicable local law.

Section 04

How We Share Information

We do not sell your personal information.

We share information only in the following circumstances:

  • Service Providers & Subprocessors: cloud hosting (such as Microsoft Azure), analytics, customer support, billing, email delivery, and observability vendors that process data on our behalf under written agreements.
  • Customers & Their Authorized Users: where you are an authorized user of a customer's account or engagement, relevant information may be made available to that customer (for example, to its administrators).
  • Marketplace Operators & Resellers: cloud marketplace operators (such as Microsoft) and authorized resellers for subscription provisioning, license validation, and billing reconciliation.
  • Business Transfers: in connection with a merger, acquisition, financing, reorganization, or sale of assets, subject to confidentiality protections.
  • Legal & Safety: when required by law, subpoena, court order, or to protect the rights, property, or safety of NeuAlto, our users, or the public.
  • With Your Consent: for any other purpose disclosed at the time of collection or with your direction.
Section 05

Data Retention

We retain personal information only for as long as necessary to fulfill the purposes outlined in this Policy, comply with our legal obligations, resolve disputes, and enforce our agreements. Retention periods vary based on the type of data and applicable legal requirements. When personal information is no longer needed, we securely delete, anonymize, or aggregate it. Customers may request deletion of their account or engagement data subject to the terms of their applicable agreement.

Section 06

Cookies and Tracking Technologies

We use cookies and similar technologies (such as pixels, local storage, and SDKs) to operate the website, remember your preferences, analyze traffic, and measure marketing effectiveness. Cookie categories include:

  • Strictly Necessary: required for authentication, security, and core functionality.
  • Performance & Analytics: help us understand how users interact with the Services.
  • Functional: remember settings such as language and region.
  • Marketing: deliver relevant content and measure campaign performance (only with consent where required).

You can control cookies through your browser settings or our cookie banner where applicable. Disabling certain cookies may limit functionality.

Section 07

Data Security

As a company with a dedicated cybersecurity practice, security is central to how we operate. We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. These include:

  • Encryption in transit (TLS 1.2+) and at rest
  • Role-based access controls and multi-factor authentication
  • Secure software development practices and vulnerability management
  • Logging, monitoring, and periodic security assessments

While no system can be guaranteed 100% secure, we work continuously to strengthen our security posture.

Section 08

International Data Transfers

NeuAlto operates globally, with locations in India and the United States. Your information may be transferred to, stored, and processed in countries other than your country of residence — including India, the United States, and other regions where our cloud providers operate. When we transfer personal data internationally, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, and adequacy decisions where applicable.

Section 09

Your Privacy Rights

Depending on your location, you may have some or all of the following rights regarding your personal information:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request that inaccurate or incomplete data be corrected or updated.
  • Deletion / Erasure — request that we delete your personal data, subject to legal exceptions.
  • Restriction & Objection — restrict or object to certain processing activities.
  • Data Portability — receive your data in a structured, machine-readable format.
  • Withdraw Consent — withdraw consent at any time where processing is based on consent.
  • Nominate (India) — nominate another individual to exercise your rights in the event of death or incapacity, as provided under the DPDP Act, 2023.
  • Grievance Redressal — raise a grievance with us regarding the handling of your personal data.
  • Opt-Out of Sale/Sharing — California and certain other US state residents may opt out of the "sale" or "sharing" of personal information; we do not sell personal information.
  • Non-Discrimination — we will not discriminate against you for exercising any of your privacy rights.

To exercise any of these rights, contact us at general@neualto.com (or info@neualto.com). We will verify your request and respond within the timeframes required by applicable law. EEA/UK users have the right to lodge a complaint with their local data protection authority; users in India may also escalate to the Data Protection Board of India under the DPDP Act, 2023.

Section 10

Children's Privacy

Our Services are designed for business and enterprise use and are not directed to children. We do not knowingly collect personal information from children — defined as individuals under the age of 18 under India's DPDP Act, 2023, under 16 in the EEA, or as otherwise defined by applicable local law. If you believe a child has provided us with personal information, please contact us so we can delete it.

Section 11

Third-Party Links and Services

The Services may contain links to third-party websites, applications, or services that are not operated by NeuAlto. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing any personal information.

Section 12

Customer Data & Our Role as a Processor

When you engage NeuAlto for professional or managed services, or deploy a NeuAlto product within your environment, we may process personal data contained in your enterprise data solely on your behalf and under your documented instructions, as a data processor or sub-processor. In that role:

  • You remain the data controller and are responsible for the lawful basis, notices, and consents relating to that data.
  • Our processing is governed by the applicable MSA, SOW, and/or DPA, which set out security measures, approved sub-processors, breach-notification commitments, and our assistance with data-subject requests.
  • We process such data only for the duration and purposes of the engagement, and return or securely delete it in accordance with the agreement.

If you obtained a NeuAlto product through a cloud marketplace (such as the Microsoft Azure Marketplace), the marketplace operator also processes certain transaction and account information in accordance with its own privacy statement (for example, the Microsoft Privacy Statement). NeuAlto's processing of your personal data and enterprise content is governed by this Privacy Policy together with the applicable NeuAlto subscription or services agreement and any Data Processing Addendum.

Section 13

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will revise the "Last Updated" date and, where appropriate, provide additional notice (such as an email or in-product announcement). Your continued use of the Services after the effective date of any updates constitutes acceptance of the revised Policy.

Section 14

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

NeuAlto Technologies Pvt. Ltd.

India (HQ): 42, Old Kanakapura Rd, near Mecon Limited, Basavanagudi, Bengaluru, Karnataka 560004  ·  +91 733 855 5064
United States: 6470 East Johns Crossing, Suite 160, Johns Creek, GA 30097  ·  +1-408-218-0503