hidden

PRIVACY POLICY

Effective Date: 28-01-2026

Last Updated: 28-01-2026

1. Purpose and Scope

Maganti IT Resources Pvt Ltd (“Company,” “we,” “our,” or “us”) is a technology services organization committed to protecting the privacy, confidentiality, and security of personal information entrusted to us.

This Privacy Policy describes how we collect, use, store, disclose, and protect information when individuals:

  • Visit our websites or digital properties
  • Communicate with us
  • Engage our technology or professional services
  • Interact with us in a business, contractual, or government capacity

Our privacy program is designed to align with recognized cybersecurity and information security standards, including controls commonly required for:

  • ISO/IEC 27001
  • SOC 2 Type II
  • Government security and privacy frameworks
  • Applicable data protection and privacy laws

2. Definitions

  • Personal Information: Any information that identifies or can reasonably be linked to an individual.
  • Client Data: Data provided by or on behalf of a client in connection with services.
  • Processing: Any operation performed on information, including collection, storage, use, disclosure, or deletion.
  • Authorized Personnel: Employees or contractors granted access based on role and necessity.

3. Information We Collect

3.1 Information Provided Directly

We may collect personal information that individuals voluntarily provide, including:

  • Personal Information: Any information that identifies or can reasonably be linked to an individual.
  • Client Data: Data provided by or on behalf of a client in connection with services.
  • Processing: Any operation performed on information, including collection, storage, use, disclosure, or deletion.
  • Authorized Personnel: Employees or contractors granted access based on role and necessity.

Providing information is voluntary; however, certain services may require specific information to proceed.

3.2 Information Collected Automatically

When users access our websites or digital services, we may automatically collect:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages visited, time spent, and referring URLs
  • Date and time of access

This information is used for security monitoring, performance analysis, and service improvement.

3.3 Client and End-User Data

In the course of providing services, we may process Client Data that contains personal or sensitive information. Such data:

  • Is processed solely under documented client instructions
  • Remains the property and responsibility of the client
  • Is protected using contractual, technical, and organizational safeguards

We do not use Client Data for our own purposes.

4. Legal Basis for Processing

We process information only when there is a lawful and legitimate basis, including:

  • Personal Information: Any information that identifies or can reasonably be linked to an individual.
  • Client Data: Data provided by or on behalf of a client in connection with services.
  • Processing: Any operation performed on information, including collection, storage, use, disclosure, or deletion.
  • Authorized Personnel: Employees or contractors granted access based on role and necessity.

5. How We Use Information

We use information to:

  • Deliver and support technology and professional services
  • Respond to inquiries and manage relationships
  • Perform contractual obligations
  • Maintain security, integrity, and availability of systems
  • Detect, prevent, and respond to security incidents
  • Conduct audits, risk assessments, and compliance activities
  • Improve services, processes, and user experience

We do not sell personal information.

6. Information Security and Cybersecurity Controls

We maintain a formal information security management program aligned with cybersecurity certification standards and government expectations.

6.1 Administrative Safeguards

  • Documented information security and privacy policies
  • Risk assessment and risk treatment processes
  • Employee background checks where legally permitted
  • Mandatory security and privacy training
  • Incident response and breach notification plans

6.2 Technical Safeguards

  • Secure software development lifecycle (SDLC)
  • Role-based access controls and least-privilege enforcement
  • Multi-factor authentication where appropriate
  • Encryption of data in transit and at rest (as applicable)
  • Continuous monitoring, logging, and alerting
  • Regular vulnerability scanning and remediation

6.3 Physical Safeguards

  • Secure facilities and controlled access
  • Asset management and secure disposal practices
  • Environmental and operational protections

7. Data Sharing and Disclosure

Information may be disclosed only:

  • To authorized personnel with a legitimate business need
  • To vetted third-party service providers under written agreements
  • To comply with applicable laws, regulations, or legal processes
  • To protect the rights, safety, or security of individuals or systems

All third parties are required to meet security and confidentiality obligations consistent with this policy.

8. Third-Party Service Providers

We engage third-party vendors for services such as:

  • Hosting and infrastructure
  • Analytics and monitoring
  • Communication and support tools

Vendor risk is managed through:

  • Due diligence and security assessments
  • Contractual confidentiality and data protection clauses
  • Ongoing oversight where appropriate

9. Data Retention and Disposal

We retain information only for as long as necessary to:

  • Fulfill service and contractual requirements
  • Meet legal, regulatory, and audit obligations
  • Resolve disputes and enforce agreements

Data is securely disposed of using documented deletion and destruction methods when retention is no longer required.

10. Privacy Rights

Subject to applicable laws, individuals may have the right to:

  • Access personal information
  • Request correction or deletion
  • Restrict or object to processing
  • Receive information about data handling practices

Requests will be verified and addressed within legally required timeframes.

11. Cookies and Similar Technologies

We use cookies and similar technologies to:

  • Enable essential website functionality
  • Analyze usage and improve performance
  • Support security and fraud prevention

Users may control cookie settings through their browser preferences.

12. International Data Transfers

Where information is transferred across borders, we implement appropriate safeguards to ensure protection consistent with this Privacy Policy and applicable legal requirements.

13. Incident Response and Breach Notification

We maintain documented incident response procedures to:

  • Identify and contain security incidents
  • Investigate and remediate impacts
  • Notify affected parties and authorities when required by law

14. Children’s Privacy

Our services are not directed to children, and we do not knowingly collect personal information from individuals under the age required by applicable law.

15. Policy Updates

This Privacy Policy may be updated periodically to reflect:

  • Changes in legal or regulatory requirements
  • Enhancements to security practices
  • Operational or service changes

Revisions will be posted with an updated effective date.

16. Contact Information

For privacy-related questions, concerns, or requests, contact:

Privacy Officer / Data Protection Contact
Maganti IT Resources Pvt Ltd
hr@mitresource.com

Company
Information
Reach Us

21 State Street

Waterbury, CT - 06702

info@mitresource.com

1-855-217-4637

Get Our Newsletter

Join our newsletter to get the latest updates, tips, and insights delivered straight to your inbox