Privacy Policy

Raafi Infotech (“we”, “us”, or “our”) is an IT company registered and operating from Ahmedabad, Gujarat, India. We operate https://www.raafiinfotech.com and provide web development, mobile app development, custom software development, SEO, and related digital services.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or contact us about our services. By using our website, you agree to the practices described in this policy.

This policy complies with India’s Information Technology Act, 2000 and the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and is aligned with international best practices including GDPR principles for users in the EU and Gulf region.

We collect information in two ways: information you provide directly to us, and information collected automatically when you use our website.

We use the information we collect solely for legitimate business purposes:

• To respond to your enquiries and provide project consultations
• To prepare and send project proposals, quotes, and scope documents
• To manage and deliver projects you engage us for
• To send service-related communications (project updates, invoices, support)
• To improve our website content, structure, and user experience based on analytics
• To understand which services and pages are most valuable to visitors
• To comply with applicable legal obligations
• To prevent fraud and ensure the security of our website

We do not use your personal information to send unsolicited marketing emails or add you to mailing lists without your explicit consent.

Legal basis for processing (GDPR): For users in the EU or Gulf region, our legal bases are: (a) your consent where applicable, (b) the performance of a contract or pre-contractual steps at your request, and (c) our legitimate interests in operating and improving our business, where these do not override your rights.

Our website uses cookies and similar tracking technologies to operate correctly, analyse usage, and improve your experience.

You can control cookies through your browser settings. Disabling certain cookies may affect website functionality. For more information, visit allaboutcookies.org.

Our website integrates the following third-party services. Each has its own privacy policy governing data they collect:

• Google Analytics (Google LLC) — website traffic and behaviour analysis. Data stored on Google servers. See: policies.google.com/privacy
• Google Tag Manager (Google LLC) — script management and event tracking. See: policies.google.com/privacy
• WhatsApp (Meta Platforms) — the WhatsApp chat button initiates communication via WhatsApp's platform. Messages are transmitted through Meta's servers. See: whatsapp.com/legal/privacy-policy
• Vercel / Hosting Provider — our website is hosted on a cloud platform. Server logs may contain IP addresses for security and performance monitoring.

We do not control how these third parties use data once it reaches their platforms. We encourage you to review their respective privacy policies.

We do not sell, rent, or trade your personal information to any third party. We may share your information only in the following limited circumstances:

• Service Delivery — with team members within Raafi Infotech who need access to respond to your enquiry or deliver your project
• Legal Compliance — if required by applicable law, court order, or government authority in India or any jurisdiction with legal authority over us
• Business Protection — to protect the rights, property, or safety of Raafi Infotech, our clients, or others, where permitted by law
• Business Transfer — in the event of a merger, acquisition, or sale of business assets, your information may transfer to the successor entity under the same privacy commitments

We retain your personal information only for as long as necessary to fulfil the purposes described in this policy or as required by law:

• Enquiry and contact form data — up to 2 years after your last communication, or until you request deletion
• Project-related data (active or completed clients) — up to 7 years for legal and accounting compliance
• Website analytics data — per Google Analytics default retention settings (up to 26 months)
• Email correspondence — up to 3 years after project closure

After the retention period, data is securely deleted or anonymised.

We implement appropriate technical and organisational measures to protect your personal information:

• HTTPS encryption across the entire website (SSL/TLS)
• Secure server environments with access control and regular security monitoring
• Limited internal access — only authorised team members can access client data
• Regular security audits and updates to our web infrastructure
• No storage of sensitive financial data — we do not process payments directly through the website

While we take all reasonable precautions, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your information using industry-standard best practices.

To exercise any of these rights, please contact us at contact@raafiinfotech.com. We will respond within 30 days.

Our website and services are intended for business owners, decision-makers, and professionals. We do not knowingly collect personal information from individuals under the age of 18.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at contact@raafiinfotech.com and we will promptly delete such data.

Raafi Infotech is based in India and our primary servers are located in India. If you are accessing our website from outside India — including the UAE, Saudi Arabia, Hong Kong, or the European Union — please be aware that your information may be transferred to and processed in India.

By using our website and submitting information to us, you consent to this transfer. We ensure that any such transfer is subject to appropriate safeguards consistent with applicable data protection law.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we update this policy, we will revise the “Last Updated” date at the top of this page.

Your continued use of our website after any changes constitutes acceptance of the updated policy. For material changes, we may also notify active clients directly.

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact us:

This Privacy Policy is governed by the laws of India. Any disputes arising in connection with this policy shall be subject to the exclusive jurisdiction of the courts in Ahmedabad, Gujarat, India.