Your Privacy Matters to Us

XLURSELF India Pvt Ltd ("XLURSELF", "we", "our", or "us") is committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website xlurself.com, engage our consulting services, or otherwise interact with us.

We operate as a finance and technology consulting firm providing ERP implementation, financial automation, process consulting, and related advisory services to businesses. In the course of delivering these services, we may handle sensitive business and financial data on behalf of our clients.

By using our website or engaging our services, you agree to the practices described in this Policy. If you do not agree, please discontinue use of our website and do not engage our services.

We collect information in the following categories:

2.1 Information You Provide Directly - Contact details: name, email address, phone number, company name, and designation when you fill our contact form, book a strategy call, or subscribe to our newsletter. - Business information: details about your organisation, existing systems, and challenges shared during discovery calls or project scoping. - Correspondence: emails, WhatsApp messages, meeting notes, and any other communications between you and our team.

2.2 Information Collected Automatically - Usage data: pages visited, time spent on pages, referral sources, browser type, operating system, and IP address, collected via standard web analytics tools. - Cookies and similar technologies: session cookies necessary for website functionality and analytics cookies to understand visitor behaviour (see Section 7).

2.3 Client Engagement Data - During active engagements, we may access, process, or receive client business data including financial records, ERP configuration data, process documentation, and related materials solely for the purpose of delivering agreed services. This data is governed by the terms of our engagement agreement and is not used for any other purpose.

We use the information we collect to:

- Respond to your enquiries and schedule strategy calls. - Deliver consulting, implementation, and advisory services you have engaged us for. - Send project updates, deliverables, and communications relevant to an active engagement. - Send our newsletter and service updates where you have opted in (you may unsubscribe at any time). - Improve our website, services, and internal processes. - Comply with applicable legal and regulatory obligations, including GST, Companies Act, and other Indian statutory requirements. - Protect our rights, prevent fraud, and ensure the security of our systems.

We do not use your personal data for automated decision-making or profiling.

We do not sell, rent, or trade your personal information. We share data only in the following limited circumstances:

4.1 Service Providers We engage trusted third-party tools and platforms to operate our business, including cloud hosting (Google Cloud Platform), email services, scheduling tools, and analytics. These providers process data on our behalf under appropriate data processing agreements and are prohibited from using your data for their own purposes.

4.2 Professional Advisors We may share information with our lawyers, accountants, and auditors as required for regulatory compliance and professional obligations. All such parties are bound by confidentiality obligations.

4.3 Legal Requirements We may disclose your information where required by law, court order, or governmental authority, or where we believe disclosure is necessary to protect our rights or the safety of others.

4.4 Business Transfers In the event of a merger, acquisition, or sale of all or part of our business, client and contact data may be transferred as part of that transaction. We will notify affected parties in such cases.

We will never share client financial or business data with any third party without explicit written consent from the client, except as required by law.

We take the security of your information seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, alteration, disclosure, or destruction. Our measures include:

- Encrypted transmission of data in transit (TLS/HTTPS) across all our web properties. - Access controls ensuring that only authorised personnel can access client data. - Secure cloud infrastructure (Google Cloud Platform) with regular security reviews. - Confidentiality obligations contractually binding all employees, contractors, and service providers. - Prompt notification procedures in the event of a data breach affecting your information.

No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security. We encourage clients to practise good information hygiene at their end as well.

We retain personal information only as long as necessary for the purposes outlined in this Policy or as required by applicable law.

- Contact and enquiry data: retained for up to 2 years from the date of last contact or enquiry. - Active client engagement data: retained for the duration of the engagement plus 7 years thereafter in accordance with Indian statutory requirements (Companies Act, Income Tax Act). - Newsletter subscriber data: retained until you unsubscribe. Upon unsubscription, your data is removed from active lists within 30 days. - Website analytics data: retained in aggregate, anonymised form for up to 24 months.

Upon expiry of the applicable retention period, we securely delete or anonymise your information.

Our website uses cookies and similar technologies to provide basic functionality and to understand how visitors use our site.

Essential cookies: Required for the website to function (e.g., session management). These cannot be disabled.

Analytics cookies: We use privacy-conscious analytics tools to understand aggregate visitor behaviour — such as which pages are most visited and how users navigate the site. These cookies do not track you across other websites and do not collect personally identifiable information.

You can control cookies through your browser settings. Disabling analytics cookies will not affect your ability to use our website. We do not use advertising or retargeting cookies.

Depending on your jurisdiction, you may have the following rights with respect to your personal information:

- Right to access: Request a copy of the personal information we hold about you. - Right to correction: Request correction of inaccurate or incomplete data. - Right to deletion: Request deletion of your data, subject to our legal retention obligations. - Right to object: Object to the processing of your data for direct marketing at any time. - Right to withdraw consent: Where processing is based on consent (e.g., newsletter), withdraw it at any time without affecting prior lawful processing. - Right to data portability: Receive your data in a commonly used, machine-readable format where technically feasible.

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days. We may need to verify your identity before processing your request.

Indian residents may also raise concerns with the Data Protection Board of India (once constituted under the Digital Personal Data Protection Act, 2023) if they are unsatisfied with our response.

Our website may contain links to third-party websites, tools, or platforms (e.g., LinkedIn, Google Maps). We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any external sites you visit. The presence of a link does not constitute an endorsement by XLURSELF.

Our website and services are intended solely for business professionals and organisations. We do not knowingly collect personal information from individuals under the age of 18. If you believe a minor has provided us with their information, please contact us and we will promptly delete it.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will post the revised Policy on this page with an updated effective date. For material changes, we will notify active clients by email. Continued use of our website or services after the revised Policy is posted constitutes your acceptance of the changes.

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us:

XLURSELF India Pvt Ltd 501, 5th Floor, KLJ Square, NH-8, Sector 83, Gurugram, Haryana 122004, India Email: [email protected] WhatsApp: +91 88006 16988

We are committed to resolving any privacy concerns promptly and transparently.