Privacy Policy
Written in plain language. A firm that handles other people's data owes them a policy they can read.
Last updated: 10 July 2026
This policy explains what personal data Sciematics Insights collects through this website and in the course of our work, why we collect it, and what you can do about it.
Who we are
Sciematics Insights is a data science and artificial intelligence practice registered in India, part of the Acmez group, founded in 2024. Our head office is at #651/52 Ganga Enclave, Near Sainik Colony, Right Bank Canal Road, Roorkee 247667, District Haridwar, Uttarakhand, India.
Under Indian data protection law we act as a data fiduciary for the personal data described below. When we process data inside a client's systems during an engagement, the client is the fiduciary and we are a data processor acting on their documented instructions.
What we collect
Through this website, only what you type into a form:
- Contact form: your name, email address, telephone number, organisation, the engagement you are interested in, an indicative budget if you choose to give one, and your message.
- Careers form: your name, email address, telephone number, years of experience, the role you are applying for, a link to your work, your resume, and any note you add.
Our web server records the internet protocol address of the device making a request, the time, and the page requested. We use this only for rate limiting and to investigate abuse.
We do not collect special category data through this site. Please do not include health information, financial account details, government identifiers, or passwords in any message to us.
Why we collect it
- To reply to your enquiry and, if it proceeds, to prepare a proposal.
- To assess a job application and communicate with you about it.
- To keep a record of what was submitted, so a mail failure does not lose your message.
- To defend our forms against automated abuse.
We do not sell personal data, and we do not add enquirers to a marketing list.
Legal basis
We process contact form data on the basis of your consent, given when you tick the box before submitting, and on our legitimate interest in responding to enquiries about our services.
We process application data on the basis of your consent and in order to take steps at your request before entering an employment contract.
Where the Digital Personal Data Protection Act 2023 applies, consent is obtained through an affirmative action and may be withdrawn at any time by writing to the address below.
How long we keep it
| What | How long | Why |
|---|---|---|
| Enquiries that go nowhere | 12 months | So we recognise you if you return |
| Enquiries that become engagements | 7 years | Tax and contractual record keeping |
| Job applications, unsuccessful | 12 months | To consider you for a later opening |
| Job applications, successful | Employment plus 7 years | Statutory employment records |
| Client data under engagement | Deleted at engagement end | Purpose limitation |
| Server request logs | 90 days | Abuse investigation |
| Form submission log | 90 days | Recovery if mail delivery fails |
If you ask us to delete an unsuccessful application sooner, we will, unless we are required to keep it.
Who we share it with
Data submitted through this site reaches our own mail server and our own inbox. It is not passed to a third party marketing platform.
We rely on a small number of processors that are unavoidable in running a website: our hosting provider, our email provider, and the content delivery networks that serve the Bootstrap and font files this page loads. Those networks receive your browser's internet protocol address, as they would for any site that uses them.
We disclose personal data to a government authority only where legally compelled, and where permitted we will tell you that we have.
Client data and models
During an engagement we may access systems containing personal data belonging to your customers, patients, or employees. In that relationship you are the fiduciary and we are the processor, acting only on your documented instructions.
Access is scoped to the individuals working on your engagement, reviewed on rotation, and revoked on the day a person leaves the project. We prefer to work inside your environment rather than move data into ours. Where data must be moved, it is minimised, and identifiers are removed or pseudonymised wherever the modelling permits.
Model weights, code, notebooks, and pipelines produced for you belong to you from creation. On the day an engagement ends, our copies of your data are deleted and confirmation is provided in writing.
Training data and your data
We do not train models on one client's data for the benefit of another. Not in aggregate, not anonymised, not as a starting point. This is stated in every contract we sign, and it is the reason we can be trusted with a competitor's dataset next year.
We do not send client data to third party model providers without your explicit written instruction, and where you do instruct it, we will tell you what that provider's retention policy says before anything is sent.
Candidate information
Your resume is read by our hiring team and by the scientist or engineer who would work alongside you. It is never shared with a client and never used as evidence of our capability in a proposal.
If you are unsuccessful and would rather we did not keep your application for the twelve months above, say so and we will delete it.
Cookies and tracking
This website sets no cookies of its own. There is no analytics script, no advertising pixel, and no session cookie, because the site does not need one.
Your browser will fetch stylesheets, fonts, and one JavaScript bundle from Google Fonts and jsDelivr. Those providers see the request. We receive nothing from them about you.
How we protect it
- The site is served over HTTPS and plain HTTP requests are redirected.
- Form submissions are validated on the server, not only in your browser.
- Our form handlers are protected against mail header injection and rate limited per address.
- Submission logs are stored outside the publicly reachable part of the web server.
- Access to our mail inbox and to client environments requires multi factor authentication.
No system is perfectly secure. If we discover a breach affecting your personal data we will notify you and the Data Protection Board of India as required, without undue delay.
Your rights
You may ask us to:
- tell you what personal data of yours we hold, and why;
- correct it if it is wrong, or complete it if it is partial;
- erase it, where we have no legal obligation to keep it;
- stop processing it, by withdrawing the consent you gave;
- nominate another person to exercise these rights if you are unable to.
Write to info@sciematics.com. We will respond within thirty days, at no charge. We may ask you to confirm your identity first, so that we do not disclose your data to somebody else.
If you are unhappy with our response you may complain to the Data Protection Board of India.
Grievance officer
As required by the Information Technology Act 2000 and the rules made under it, and by the Digital Personal Data Protection Act 2023, our grievance officer can be reached at:
Grievance Officer, Sciematics Insights
#651/52 Ganga Enclave, Near Sainik Colony, Right Bank Canal Road
Roorkee 247667, District Haridwar, Uttarakhand, India
info@sciematics.com
+91 1332 315082
Complaints are acknowledged within twenty four hours and resolved within fifteen days.
Changes to this policy
When we change this policy we update the date at the top of this page. If a change materially affects how we handle data you have already given us, we will write to you rather than rely on you noticing.
This policy describes our practice. It is not legal advice, and it does not create rights beyond those the law already gives you.