Privacy Policy

Last updated: March 24, 2026

At Codence Studio ("we," "us," or "our"), we respect your privacy and are committed to protecting your personal data in accordance with applicable legal frameworks. This Privacy Policy outlines how we collect, process, store, disclose, and secure personal data when you interact with our website located at https://codencestudio.com (the "Site") or utilize our software development, design, and consulting services.

This Privacy Policy is formulated in strict compliance with the Digital Personal Data Protection Act (DPDPA), 2023 (India), the Information Technology Act, 2000 (India) including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and, where globally applicable, the General Data Protection Regulation (GDPR) (EU) and the California Consumer Privacy Act (CCPA).

1. Scope & Legal Capacity (Fiduciary vs. Processor)

It is vital to distinguish our legal roles depending on our relationship with you:

  • As a Data Fiduciary: We act as a Data Fiduciary regarding the personal information of visitors to our Site, prospective business clients, and partners. We determine the purposes and means of processing this data.
  • As a Data Processor:When providing custom software development, backend integrations, or maintenance services to our Clients, we process end-user personal data solely on behalf of, and under the strict directions of, the Client (who acts as the Data Fiduciary). In these circumstances, the Client's privacy policy governs the processing of such data, and end-users must direct data rights queries to the respective Client.

2. Information We Collect

We collect personal information that you voluntarily provide to us when you fill out contact forms, book a consultation call, subscribe to our newsletter, or communicate with us. This information may include:

  • Identity Data: First name, last name, and professional titles.
  • Contact Data: Email address, phone number, and company details.
  • Transaction Data: Details about services you have purchased from us.
  • Usage & Technical Data: IP address, browser type, referral sources, campaign parameters, pages visited, and interaction signals collected via first-party analytics cookies (e.g. click events, form submissions).

3. Legal Bases for Processing Data

We process your personal data under the following legal bases:

  • Consent: Where you have given explicit consent (e.g., subscribing to emails or opting into analytics cookies).
  • Contractual Necessity: Where processing is necessary to perform a contract with you or take pre-contractual steps (e.g., scoping a project or responding to a service inquiry).
  • Legal Obligation: Where required to comply with statutory laws or regulatory requirements.
  • Legitimate Interests: To improve our Site experience, maintain network security, prevent fraud, and run analytics measurement systems.

4. Cookies & Tracking Technologies

Our Site utilizes a limited number of first-party cookies and local storage tokens. Necessary storage is used to store your cookie preferences and maintain state. Opt-in analytics cookies help us measure Site usage, referral sources, and traffic campaigns. We do not engage in cross-site behavioral advertising. You can withdraw consent or adjust cookie preferences at any time using the settings controls available in our Site footer.

5. Data Sharing, Vendors & Transfers

We do not sell, rent, or trade your personal data. We may share information with trusted third-party service providers (such as cloud hosting, email delivery, and consented analytics systems) that process data under strict confidentiality agreements. Where personal data is transferred outside the European Economic Area (EEA) or India, we implement appropriate safeguards, including Standard Contractual Clauses (SCCs), to protect your information.

6. Data Security & Retention

We employ robust administrative, technical, and physical security measures to safeguard your personal data. Personal data is retained only as long as necessary for the purpose it was collected, to deliver our services, resolve disputes, maintain compliance audits, and satisfy legal record-keeping requirements.

7. Rights of the Data Principal (GDPR & DPDPA)

Depending on your location, you may possess the following statutory rights concerning your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your data, subject to legal limits.
  • Right to Restrict or Object: Oppose or limit processing of your personal data.
  • Right to Data Portability: Request transfer of your data to another service provider.
  • Right to Opt-Out: Exercise CCPA rights to limit or opt-out of data collection.

To exercise any of these rights, please contact our privacy compliance team at legal@codencestudio.com.

8. Grievance Redressal Mechanism & Grievance Officer

In accordance with the IT Rules 2011 and the DPDP Act 2023, Codence Studio has designated a Grievance Officer to address any queries, disputes, or grievances raised by Data Principals.

All complaints will be acknowledged within 48 hours and resolved in an expedited manner, not exceeding thirty (30) days from receipt. You may contact the Grievance Officer at:

Grievance Officer

Codence Studio Administration

Maharashtra, India

Email: legal@codencestudio.com

9. Amendments

We reserve the right to modify this Privacy Policy to align with technical modifications, service changes, or amendments in statutory laws. Updates will be posted on this page with an updated "Last Updated" timestamp.