#

Company

  1. Home
  2. Privacy Policy

1. INTRODUCTION

Skyttus Private Limited (“Skyttus”, “Company”, “we”, “our”, or “us”) is a technology-driven enterprise specializing in Artificial Intelligence (AI), Intelligent Document Processing (IDP), HR automation systems, enterprise workflow automation, and secure cloud-based software solutions.

Founded in 2020, Skyttus serves enterprises, financial institutions, manufacturing companies, service organizations, and government entities by delivering secure, scalable, and compliant digital transformation solutions. Our flagship platforms include:

  • SkyIDPReader: AI-powered Intelligent Document Processing platform
  • SKY HR System: Comprehensive Human Resource Management System
  • Custom AI & Automation Solutions

Skyttus operates under a structured Information Security Management System (ISMS) aligned with ISO/IEC 27001:2022 and a Quality Management System aligned with ISO 9001:2015. We are committed to maintaining the highest standards of confidentiality, integrity, and availability of information assets.

This Privacy Policy explains how we collect, process, store, disclose, and safeguard personal data when you:

  • Visit our website (www.skyttus.com)
  • Engage with our sales or support teams
  • Use our SaaS products
  • Participate in demos, webinars, or marketing programs

We are committed to transparency, accountability, and lawful processing of personal data.

2. SCOPE OF POLICY

This Privacy Policy applies to:

  • Website visitors
  • Prospective customers and leads
  • Enterprise clients
  • Vendors and business partners
  • Authorized users of our SaaS platforms

Skyttus acts as:

Data Controllerwhen processing:

  • Website inquiries
  • Marketing communications
  • Corporate contact information

Data Processorwhen processing:

  • Customer data within SaaS platforms
  • Documents uploaded into SkyIDPReader
  • Employee data processed through SKY HR System

In processor scenarios, we act strictly in accordance with client instructions and contractual Data Processing Agreements (DPAs).

3. INFORMATION WE COLLECT

3.1 Information Collected Directly from Individuals

We may collect:

  • Full name
  • Business email address
  • Contact number
  • Company name
  • Job title
  • Country/location
  • Inquiry details

This data is typically collected through:

  • Website contact forms
  • Demo requests
  • Proposal discussions
  • Event registrations
3.2 Technical & Usage Information

We may automatically collect:

  • Ip address
  • Browser type and version
  • Operating system
  • Device identifiers
  • Date/time of access
  • Pages visited
  • Interaction behaviour

This information helps us improve performance, enhance security, and analyse usage trends.

4. LEGAL BASIS FOR PROCESSING

We may automatically collect:

  • Performance of a contract
  • Compliance with legal obligations
  • Legitimate business interests
  • Explicit consent (where required)

Where consent is relied upon, individuals may withdraw consent at any time without affecting prior lawful processing.

5. PURPOSES OF PROCESSING

We use personal data for:

  • Delivering SaaS services
  • Customer onboarding and identity verification
  • Technical support and issue resolution
  • System security monitoring
  • Compliance and audit requirements
  • Service improvement and analytics
  • Sending newsletters or marketing communications (where consent is obtained)

We adhere to the principle of data minimization, ensuring only necessary data is collected.

6. INFORMATION SECURITY & ISO CONTROLS

Skyttus maintains a formal Information Security Management System (ISMS) aligned with ISO/IEC 27001:2022.

6.1 Administrative Safeguards
  • Information Security Policies
  • Data Classification Framework
  • Risk Assessment & Risk Treatment Plans
  • Vendor Risk Management
  • Employee confidentiality agreements
  • Mandatory security awareness training
  • Background verification procedures
6.2 Technical Safeguards
  • Encryption in transit (TLS 1.2+)
  • Encryption at rest (AES-256)
  • Role-Based Access Control (RBAC)
  • Multi-Factor Authentication (MFA)
  • Secure API authentication mechanisms
  • Endpoint security controls
  • Intrusion detection and monitoring systems
  • Periodic Vulnerability Assessment & Penetration Testing (VAPT)
  • Secure Software Development Lifecycle (SSDLC)
6.3 Physical & Infrastructure Security
  • Secure cloud hosting (AWS/Azure)
  • Data center compliance certifications
  • Controlled physical access
  • Environmental safeguards

7. DATA SHARING & DISCLOSURE

We do not sell or rent personal data.

We may disclose information to:

  • Authorized cloud service providers
  • CRM and communication service providers
  • Payment gateway providers
  • Regulatory authorities (if legally required)

All third parties undergo security due diligence and are contractually obligated to protect personal data.

8. INTERNATIONAL DATA TRANSFERS

Where data is transferred across jurisdictions, we ensure:

  • Contractual safeguards
  • Secure encryption
  • Restricted access policies
  • Compliance with applicable data protection laws

9. DATA RETENTION & DELETION

We retain personal data only for:

  • Duration of active engagement
  • Legal or regulatory compliance
  • Legitimate business purposes

Customer SaaS data is retained per contractual terms and securely deleted upon termination or request.

Secure deletion methods may include:

  • Cryptographic erasure
  • Secure wiping
  • Logical deletion from active systems

10. INCIDENT RESPONSE & BREACH MANAGEMENT

Skyttus maintains a documented Incident Response Plan.

In the event of a security incident:

  • Incident is recorded and classified
  • Root cause analysis is conducted
  • Corrective and preventive actions are implemented
  • Affected clients and authorities are notified as required

Continuous improvement measures are applied following incident reviews.

11. COOKIES & TRACKING

We use cookies for:

  • Performance analytics
  • User experience optimization
  • Security monitoring

Users may manage cookie preferences via browser settings.

12. PRIVACY BY DESIGN & DEFAULT

Skyttus integrates privacy principles into:

  • System architecture
  • Product design
  • Access controls
  • Data minimization practices
  • Logging and monitoring

Default configurations prioritize data protection.

13. CHILDREN’S DATA

Our services are intended for business users and are not directed at individuals under 18 years of age.

14. POLICY UPDATES

We may revise this Privacy Policy periodically.

Updated versions will be published with revised effective dates. Continued use of services indicates acceptance.

15. CONTACT INFORMATION

Skyttus Private Limited
302-303, The Metropolis, Opp. ST Workshop, Abrama road, Valsad, Gujarat, India - 396001
Email: info@skyttus.com
Website: www.skyttus.com