Learn, Grow & Innovate
1About Us & Scope
Saminus Private Limited (“Company”, “we”, “us”, “our”) is an ISO-certified digital agency and B2B SaaS provider registered in Hisar, Haryana, India. Our website is saminus.com and our SaaS platform is Saminus Cloud.
This Privacy Policy explains how we collect, process, store, share, and protect your Personally Identifiable Information (“PII”) when you access our website, use our services, connect third-party accounts (such as Google Business Profile), or interact with us via forms, live chat, or email.
By accessing saminus.com or Saminus Cloud, you expressly consent to the data practices described in this Policy. If you do not agree, please discontinue use and contact us to request deletion of any data we hold.
2Services We Provide
3Information We Collect
3.1 Information You Provide Directly
- Full name, business name, email address, phone number
- Billing address and GST number (Indian businesses)
- Project briefs, service requirements, and uploaded files
- Communications via contact forms, live chat, or email
- OAuth credentials when connecting Google Business Profile or other APIs
3.2 Information Collected Automatically
- IP address, browser type, operating system, referring URLs
- Pages visited, time on site, click patterns (via Google Analytics)
- Device identifiers and geolocation (city/country level)
- QR code scan events (timestamp, approximate location, device type)
- Chatbot interaction logs (anonymised unless you identify yourself)
3.3 Information from Third-Party Integrations
- Google Business Profile API: Business details, customer reviews, media, and performance insights (see Section 5 for full disclosure)
- Google Analytics & Ads: Campaign metrics, conversion events, audience segments
- Payment Gateways: Transaction confirmation only — we do not store card numbers
- IndiaMart / JustDial: Lead data submitted by prospective clients on those platforms
Sensitive Personal Data: Under the DPDP Act 2023, we do not intentionally collect health, biometric, financial account, or caste-related data. If such data is incidentally shared, it will be deleted promptly.
4How We Use Your Information
| Purpose | Legal Basis (DPDP 2023) |
|---|---|
| Delivering contracted services (web development, digital marketing, SaaS) | Contractual necessity |
| Sending project updates, invoices & service communications | Contractual necessity |
| Processing payments and issuing GST invoices | Legal obligation |
| Responding to inquiries via email, phone, or live chat | Legitimate interest |
| Sending newsletters and promotional communications (opt-in only) | Explicit consent |
| Improving website, platform features & service quality | Legitimate interest |
| Analytics, usage reporting & A/B testing | Legitimate interest |
| Complying with court orders or government directives | Legal obligation |
| Managing Google Business Profile reviews & posts on behalf of clients | Contractual necessity + Explicit consent (OAuth) |
| Fraud prevention and platform security | Legitimate interest |
5Google API Services — Special Disclosure
This section provides the mandatory disclosure required under Google’s API Services User Data Policy for our Saminus Cloud platform, which integrates with Google Business Profile and related Google APIs.
🌎 Google Business Profile API Integration — Saminus Cloud
5.1 OAuth Scopes We Request
When you connect your Google Business Profile to Saminus Cloud via OAuth 2.0, we request only these scopes:
mybusiness.readonly
mybusiness.reviews
mybusiness.posts
mybusiness.media
| Data Accessed | Purpose Within Saminus Cloud |
|---|---|
| Business name, address, category, phone, hours | Display in dashboard; NAP consistency audit |
| Customer reviews (name, rating, text, date) | Centralised review inbox; AI-assisted reply drafting |
| Review reply status (replied / not replied) | Workflow automation & reply tracking |
| Business posts (text, media, CTA, schedule) | Schedule & auto-publish local posts on your behalf |
| Photos & media uploaded to GBP | Media library display; bulk upload scheduling |
| Performance insights (views, direction requests, call clicks) | Local SEO analytics reports & trend dashboards |
5.2 Google API Limited Use Statement
Saminus Cloud’s use and transfer to any other application of information received from Google APIs will strictly adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically, we affirm that Google user data accessed through our integration is:
- Used only to provide features described in Section 5.1 above — no other purpose.
- Not sold, rented, or traded to any third-party advertising platforms, data brokers, or AI model training services.
- Not used for serving targeted advertisements to you or your customers.
- Not shared with humans except as necessary to provide the service (e.g., support team resolving a technical issue at your request).
- Not used to determine creditworthiness or for any lending purpose.
5.3 Token Security
- OAuth access and refresh tokens are stored using AES-256 encryption at rest.
- All API calls are made over HTTPS / TLS 1.2+.
- Tokens are scoped to minimum required permissions and never logged in plaintext.
5.4 Revoking Access
You may revoke Saminus Cloud’s access to your Google Account at any time via:
- Google Account Security Settings at myaccount.google.com/permissions, or
- Email us at admin@saminus.com with subject: Revoke Google API Access
Upon revocation, all cached Google API data and tokens are permanently deleted within 30 days.
5.5 Google Analytics & Advertising
We use Google Analytics 4 (GA4) and Google Ads conversion tracking on saminus.com. You may opt out via Google Ad Settings or the Google Analytics Opt-Out Browser Add-on.
6Data Sharing & Third Parties
6.1 We Do Not Sell Your Data
We do not sell, rent, or trade your PII to any third parties for commercial purposes.
6.2 Service Providers (Data Processors)
- Cloud Hosting: AWS / DigitalOcean / cPanel (servers may be located outside India)
- Payment Processing: Razorpay / PayPal / Stripe — PCI-DSS compliant; we do not receive card data
- Email Delivery: SMTP gateway providers for transactional and marketing emails
- Analytics: Google Analytics 4, Google Search Console
6.3 Legal Disclosures
We may disclose your information to government authorities or courts when required under the IT Act 2000, DPDP Act 2023, BNS, or a valid court order.
Canadian Clients: For clients in Alberta (Edmonton) or other Canadian provinces, data is handled with safeguards consistent with PIPEDA (Personal Information Protection and Electronic Documents Act).
7Data Security
- SSL/TLS encryption for all data in transit on saminus.com and Saminus Cloud
- AES-256 encryption for sensitive data at rest (OAuth tokens, credentials)
- Role-based access controls and two-factor authentication for admin accounts
- Regular malware scanning and vulnerability assessments
- Payment transactions processed through PCI-DSS compliant gateways only — no card data stored on our servers
In the event of a data breach affecting your rights, we will notify you within 72 hours of becoming aware, as required under the DPDP Act 2023, and take immediate remedial action.
8Cookies & Tracking Technologies
| Cookie Type | Purpose | Opt-Out |
|---|---|---|
| Essential | Session management, security, form submissions | Cannot be disabled |
| Analytics (GA4) | Visitor behaviour, page performance | Google Analytics Opt-Out / browser settings |
| Advertising (DART) | Remarketing via Google Ads | Google Ad Settings |
| Live Chat | Chat session continuity | Clear browser cookies |
9Your Rights Under DPDP Act 2023
- Right to Access: Request a summary of personal data we hold about you.
- Right to Correction & Erasure: Request correction of inaccurate data or deletion of data no longer necessary.
- Right to Grievance Redressal: Lodge a complaint with our Grievance Officer; if unresolved, escalate to the Data Protection Board of India.
- Right to Withdraw Consent: Withdraw consent for marketing communications at any time.
- Right to Nominate: Nominate another individual to exercise your rights in the event of death or incapacity.
To exercise any right, contact us at admin@saminus.com. We will respond within 30 days.
10Data Retention
| Data Category | Retention Period |
|---|---|
| Client project records & invoices | 7 years (GST / Companies Act) |
| Email correspondence & inquiry forms | 3 years from last interaction |
| Google API data (reviews, posts, insights) | Active subscription + 30 days post-revocation |
| Analytics & website usage logs | 26 months (GA4 default) |
| Marketing email subscriber data | Until unsubscribe + 30 days |
| QR code scan analytics | Duration of QR service subscription |
| Chatbot conversation logs | 90 days (anonymised after 30 days) |
11Children’s Privacy
Our services are directed exclusively at businesses and adult individuals. We do not knowingly collect data from persons under 18 years of age. If you believe a minor has submitted data to us, contact admin@saminus.com immediately.
12Cross-Border Data Transfers
Data may be transferred to cloud servers located outside India due to hosting infrastructure (US/EU) or international client engagements. All such transfers comply with the DPDP Act 2023 and are subject to data processing agreements with appropriate safeguards.
13Governing Law & Dispute Resolution
This Policy is governed exclusively by Indian law including the IT Act 2000, DPDP Act 2023, and BNS 2023. All disputes are subject to the exclusive jurisdiction of the courts at Hisar, Haryana, India.
14Grievance Officer
In accordance with the IT (Reasonable Security Practices) Rules 2011 and the DPDP Act 2023:
Grievance Officer — Saminus Private Limited
Company: Saminus Private Limited (Saminus Cloud)
Address: Hisar, Haryana – 125001, India
Email: admin@saminus.com
Alt. Email: info@saminus.com
Website: saminus.com
Grievances acknowledged within 48 hours · Resolved within 30 days
15Updates to This Policy & Contact
We reserve the right to update this Policy at any time. Material changes will be notified via a site notice and (for Saminus Cloud users) by email. Continued use of our services after the effective date constitutes acceptance of the updated Policy.
To unsubscribe from all marketing emails, click the unsubscribe link in any email or write to info@saminus.com. Transactional emails cannot be opted out as they are required for service delivery.
Saminus Private Limited | Hisar, Haryana – 125001, India | admin@saminus.com | saminus.com | Privacy Policy v3.0 | Last Updated: May 2026