Back to divontrix.com
Legal · Privacy

Privacy Policy

Effective 3 July 2026·Divontrix Technologies (OPC) Private Limited

01Overview

This Privacy Policy describes how Divontrix Technologies (OPC) Private Limited (“Divontrix”, “we”, “us”) collects, uses, and protects personal information submitted through the public website at divontrix.com (the “Site”). It applies to all visitors who submit the early-access waitlist form, the contact form, or who email us directly.

This Policy does not apply to customer data processed inside the DivontrixDB product itself. DivontrixDB is a binary-only, on-premise database that transmits nothing back to Divontrix. All data written to or read from a deployed DivontrixDB instance remains on the customer’s premise, under the customer’s exclusive control. Customer data handling is governed by the executed Master Services Agreement, End-User License Agreement, and Data Processing Addendum applicable to each engagement — not by this Policy.

02What we collect

Information you submit through the Site

We collect the information you voluntarily provide when you complete a form:

  • Waitlist form: work email, name, organization, and role. All four fields are required.
  • Contact form: name, email, organization, role, inquiry type, and message. Name, email, inquiry type, and message are required; organization and role are optional.
  • Direct email: any information you include when you email contact@divontrix.com, security@divontrix.com, or privacy@divontrix.com.

Information we do NOT collect

We deliberately do not collect:

  • Analytics data. The Site runs no Google Analytics, no Plausible, no Vercel Analytics, no Segment, and no other web analytics.
  • Tracking cookies, advertising cookies, or social-media pixels. The Site sets no cookies.
  • Telemetry or product-usage data. DivontrixDB itself transmits nothing back to Divontrix.
  • IP addresses for tracking. IP addresses are read transiently only for rate-limiting on the public API routes (see Section 04) and are not persisted.
  • Browser fingerprints, device identifiers, or cross-site identifiers.

The Site’s public messaging — “No database. No tracking.” — is the architecture, not a marketing line. There is no server-side database storing your submission; your submission is delivered by email to a Divontrix mailbox and is not otherwise retained on the server.

03Why we process your information

We process submitted personal information for the following lawful purposes:

  • To respond to your inquiry. When you submit the contact form or email us, we use your name, email, and message to reply.
  • To evaluate early-access fit. Waitlist submissions (email, name, organization, role) are reviewed by a human to assess whether DivontrixDB is a genuine fit for a $1M+ on-premise engagement, and to schedule a discovery call if so.
  • To operate and protect the Site. IP addresses are read transiently to enforce per-IP rate limits on the public API routes (3 waitlist submissions per hour per IP; 5 contact messages per hour per IP). This protects the Site from abuse.
  • To meet legal obligations. We may retain submissions where required by Indian law or by a legitimate law-enforcement request that meets the legal threshold.
  • With your consent, where given. If you email us asking for a follow-up, we will follow up. You can withdraw consent at any time by emailing privacy@divontrix.com.

04Legal basis (GDPR)

For visitors from the European Economic Area, the United Kingdom, or Switzerland, our processing is based on the following GDPR lawful bases:

  • Article 6(1)(b) — performance of a contract or pre-contractual steps taken at your request. Applies when you submit the waitlist form to be considered for an engagement.
  • Article 6(1)(f) — our legitimate interests in responding to inquiries, protecting the Site from abuse, and operating a functional business. Applies to contact-form submissions and direct email.
  • Article 6(1)(c) — compliance with a legal obligation. Applies where Indian law requires retention or disclosure.
  • Article 6(1)(a) — your explicit consent. Applies to any optional follow-up communications beyond the scope of your original inquiry. Consent is withdrawable at any time.

We are not required to, and do not, appoint a Data Protection Officer under Article 37 GDPR.

05Sub-processors

A sub-processor is a third party that processes personal information on our behalf. We use the minimum possible number of sub-processors:

Sub-processor inventory
Email delivery · Hostinger SMTP

Used to deliver the confirmation email you receive after submitting the waitlist or contact form, and to deliver your submission to the Divontrix sales inbox. Hostinger processes the email in transit. See Hostinger’s Privacy Portal.

No other sub-processors are engaged. We do not use a CRM, a customer-data platform, an analytics provider, a marketing-automation tool, an error-tracking service, or a CDN-side logging service that would process your personal information.

The mailbox that receives your submission is operated on Hostinger’s hosted email infrastructure. If we engage any new sub-processor in the future, we will update this Policy and provide notice on the Site before the new sub-processor begins processing.

06International transfers

Divontrix is incorporated in Telangana, India. Hostinger’s email infrastructure processes email in transit; Hostinger is an international provider and may transfer data outside India. If you submit the form from within the EEA, UK, or Switzerland, your information may be transferred to a country outside your jurisdiction that does not provide an equivalent level of data protection.

Where applicable, we rely on Hostinger’s compliance with the EU Standard Contractual Clauses for the transfer of personal data to third countries. We do not engage in transfers to jurisdictions on the EU list of inadequate protection, except through sub-processors that have executed the Standard Contractual Clauses.

07Retention

We retain personal information only for as long as necessary to fulfill the purposes described in Section 03:

  • Waitlist submissions: retained for the duration of the early-access program plus 12 months after the program closes, then deleted from the sales mailbox.
  • Contact-form submissions: retained for 24 months from the date of submission to allow continuity of conversation, then deleted.
  • Email correspondence (direct email): retained for 36 months to allow continuity and for audit defensibility, then deleted.
  • Rate-limiting data: ephemeral, in-memory only, never persisted to disk. Cleared on server restart and at most every 5 minutes by routine eviction.

If you ask us to delete your information earlier, we will do so within 30 days of the request (see Section 09).

08Security

The Site enforces a strict security posture designed to match the mission-critical register our customers expect:

  • Strict Content-Security-Policy with no inline script execution from untrusted sources.
  • HSTS preload, X-Frame-Options DENY, Permissions-Policy locked down, and Referrer-Policy strict-origin-when-cross-origin.
  • CSRF protection on every state-changing API route via Origin header validation.
  • Per-IP rate-limiting on public form routes (3/hour for waitlist, 5/hour for contact).
  • No server-side database storing submissions — submissions are delivered by email and not otherwise retained on the web server.
  • PGP-encrypted channel available for vulnerability reports via security@divontrix.com (see /.well-known/pgp-key.asc).

In the event of a personal-data breach affecting your rights, we will notify the relevant supervisory authority and affected individuals within 72 hours of becoming aware of the breach, where required by Article 33 and Article 34 GDPR.

09Your rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access — request a copy of the personal information we hold about you.
  • Rectification — request correction of inaccurate or incomplete information.
  • Erasure — request deletion of your personal information (the “right to be forgotten”).
  • Restriction — request that we limit processing of your information.
  • Portability — request your personal information in a structured, machine-readable format.
  • Objection — object to processing based on legitimate interests.
  • Withdrawal of consent — withdraw consent at any time where processing is based on consent.

To exercise any of these rights, email privacy@divontrix.com with the subject line “Rights Request”. We respond within 30 days. If we cannot verify your identity from the email alone, we may ask for additional information necessary to confirm you are the data subject.

If you are unsatisfied with our response, you have the right to lodge a complaint with your local data-protection supervisory authority. For India, the relevant authority is the Data Protection Board of India.

10Cookies

The Site does not use cookies, web beacons, tracking pixels, or local storage for analytics, advertising, or session tracking. The only client-side state the Site uses is the visual theme preference (dark or light), stored in your browser’s local storage if and only if you toggle the theme manually. No cookie banner is shown because no cookies are set.

11Children’s data

The Site is intended for business professionals evaluating enterprise database infrastructure. We do not knowingly collect personal information from anyone under the age of 18. If you believe we have inadvertently collected information from a minor, please contact privacy@divontrix.com and we will delete it.

12Changes to this Policy

We may update this Privacy Policy from time to time. When we do, we will update the “Effective” date at the top of this page. For material changes that affect how we process existing personal information, we will also post a notice on the Site’s homepage at least 30 days before the change takes effect.

The current version is effective 3 July 2026. You can review prior versions by emailing privacy@divontrix.com.

13Contact

The data controller for personal information submitted through the Site is:

Data controller
Divontrix Technologies (OPC) Private Limited
CIN: U62011TS2025OPC205089
D.NO.2-3-353, Market Road, M V Complex,
Metpalli, Karim Nagar district,
Telangana, India — 505325
Privacy inquiries: privacy@divontrix.com
General inquiries: contact@divontrix.com

Questions about this document?

Contact privacy@divontrix.com for privacy and data-protection inquiries, contact@divontrix.com for everything else.

© 2026 Divontrix Technologies. All rights reserved.