Republic Wing

Led by IITians
Initializing Secure Workspace 0%
> Booting environment...
> Awaiting sequence sync...
Republic Wing Logo
ISO 27001 & DPDP Compliant

Your Data Privacy,
Our Utmost Priority.

Republic Wing processes personal data in strict compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act) and the Information Technology Act, 2000.

Scope & Legal Basis

Scope: This Privacy Policy applies to all personal data collected by Republic Wing (the “Company”) from clients, job applicants, employees, and visitors to our website or services. “Personal Data” includes any information identifying an individual (e.g. name, address, email, phone number, employment history, IP address, cookie identifiers, etc.). Sensitive categories (e.g. health data or financial information) are only collected with explicit consent where necessary.

Legal Basis: Republic Wing processes personal data in compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act) and the Information Technology Act, 2000. As a Data Fiduciary, we only collect personal data for a lawful purpose (in accordance with Section 4(1) of the DPDP Act) and with appropriate notice and consent. Personal data processed in India is subject to these laws; international transfers are safeguarded by contracts and, where required, government authorization.

Data Collection

We collect Personal Data when individuals: (a) submit contact or inquiry forms; (b) apply for jobs; (c) become clients and sign contracts; (d) visit our website (via cookies and web analytics); or (e) otherwise interact with us (emails, event registrations). We gather only data needed for each purpose (data minimization). Examples include:

  • Clients/Customers: Name, organization, email, phone, IP address, billing details (address, GSTIN, payment info) for invoicing, service delivery records, and technical data.
  • Employees/Contractors: Name, contact info, work history, bank details (for payroll), and any certifications/licensures.
  • Website Visitors: Usage data collected via cookies and analytics – e.g. IP address, browser type, pages visited, timestamps.

Purpose of Use

Personal Data is used only for stated, lawful purposes:

  • To provide and improve our software/services and support.
  • For communication (sending invoices, service updates, newsletters where opted-in).
  • To fulfill legal obligations (tax filings, compliance with court orders).
  • For security and fraud prevention (detecting unusual access or attacks).
  • For recruitment (evaluating applications & administering HR processes).

Consent & Notice

We obtain consent as required by law. In all forms where sensitive or extensive data is collected, a clear notice explains what data is being collected and why. Users may withdraw consent at any time (subject to contractual or legal retention needs). Republic Wing does not sell or rent personal data to third parties. Any third-party sharing is limited to: (a) service providers (e.g. cloud hosting, analytics) under written NDA; and (b) government or regulatory authorities when required by law.

Cookies & Tracking

Our website may use cookies and similar technologies to remember user preferences, analyze traffic, and improve user experience. We adopt a permissive approach (non-invasive cookies only), since India does not have a strict cookie law. However, we treat cookie data as personal data (potentially identifying via device ID). Visitors can disable cookies in their browser or opt out of analytics at any time. We do not engage in targeted advertising.

Data Retention

We retain Personal Data only as long as necessary. After a service contract ends or an employment relationship closes, data is archived or deleted according to standard schedules (e.g. financial records for 7 years under tax law, employee records per labor laws). Once no longer needed (or upon withdrawal of consent), data is securely erased in accordance with DPDP Act Section 8(7).

Your Rights

Under Indian law, individuals have rights to access, correct, port, and erase their personal data. Data Principals may request details of what data we hold about them, or ask us to rectify inaccurate data, by contacting us. We will also promptly honor any withdrawal of consent. Republic Wing has appointed a Privacy Officer/Designated Person to address such requests and redress grievances.

Data Security (ISO/IEC 27001:2022 Compliant)

In line with our ISO/IEC 27001:2022 certification, we implement robust technical and organizational security measures. These include encryption of data at rest and in transit (ISO 27001 Annex A.10), firewalls and intrusion detection (A.13), strict access controls and logging (A.9, A.12), vulnerability assessments, and regular security audits.

Only authorized personnel have access to personal data. Any data breach or cyber incident will be addressed under our incident response plan, and affected individuals will be notified as mandated by the DPDP Act. Under the IT Act, 2000 (Section 43A & 72A), we recognize the legal liability for failing to protect data and treat the confidentiality of personal data as paramount.

Updates: This policy will be updated as laws or business practices change. We will post a notice on the website for significant changes.
Last updated May 2026.

Example Reference: The Software Technology Parks of India (a government body) similarly assures visitors that it “does not sell or share any personally identifiable information… to any third party” and that voluntary information is “protected from loss, misuse, unauthorized access or disclosure”. Republic Wing’s policy follows these best practices while complying with Indian law.