LEGAL

Privacy Policy

Last Updated: 25 April 2026

Last Updated: 25 April 2026

WPCrafters India respects your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website, contact us, request a website audit, communicate with us through WhatsApp or email, or use our managed WordPress website services.

WPCrafters provides managed WordPress websites, website maintenance, hosting support, performance optimisation, security support, and related digital services, with a primary focus on Chartered Accountant firms and professional service businesses in India.

This Privacy Policy is written in line with applicable Indian privacy laws, including the Digital Personal Data Protection Act, 2023.

By using our website or sharing your information with us, you agree to the practices described in this Privacy Policy.

1. Who We Are

WPCrafters India is a managed website service operated by Tharwa Consulting Pvt Ltd, based in Bangalore, India.

Business Name: WPCrafters India Operated by: Tharwa Consulting Pvt Ltd Location: Bangalore, Karnataka, India Email: hello@wpcrafters.in Website: wpcrafters.in

In this Privacy Policy, "WPCrafters", "we", "us", and "our" refer to WPCrafters India, operated by Tharwa Consulting Pvt Ltd.

2. What This Privacy Policy Covers

This Privacy Policy applies to information collected through:

  • Our website
  • Contact forms
  • Website audit forms
  • Enquiry forms
  • WhatsApp messages
  • Email communication
  • Phone calls
  • Client onboarding forms
  • Project communication
  • Website support requests
  • Analytics tools, if used
  • Managed WordPress website services

This policy does not apply to third-party websites or services that we do not own or control.

3. Information We Collect

We collect only the information needed to respond to enquiries, deliver our services, manage projects, maintain websites, and improve our business operations.

3.1 Information You Submit Through Forms

When you fill out a contact form, audit form, or enquiry form on our website, we may collect:

  • Name
  • Firm name or business name
  • Email address
  • Phone number
  • WhatsApp number
  • Website URL
  • City or location
  • Service requirement
  • Website problems or audit details
  • Budget or project preference, if provided
  • Message or enquiry details
  • Files, links, screenshots, or documents you choose to share

We use this information to understand your requirement and respond properly.

3.2 WhatsApp Communication

If you contact us through WhatsApp, or if we communicate with you through WhatsApp, we may collect:

  • Your phone number
  • Your WhatsApp profile name
  • Messages you send us
  • Files, images, links, documents, or voice notes you share
  • Service-related communication history

We use WhatsApp mainly for enquiry response, project coordination, service updates, and support.

We do not use WhatsApp communication for unrelated marketing unless you have agreed to receive such messages.

WhatsApp is a third-party platform, so your use of WhatsApp is also subject to WhatsApp's own privacy policy and terms.

3.3 Email and Phone Communication

When you contact us by email or phone, we may collect:

  • Name
  • Email address
  • Phone number
  • Firm or company name
  • Message content
  • Call notes
  • Project requirements
  • Proposal discussions
  • Support requests
  • Service-related communication

We may keep these records for project management, client support, billing, legal, and business reference purposes.

3.4 Client and Project Information

If you become a client, we may collect additional information required to deliver our services, including:

  • Business name
  • Business address
  • Billing details
  • GST details, if applicable
  • Contact person details
  • Website content
  • Brand assets
  • Logos and images
  • Domain details
  • Hosting details
  • WordPress login access
  • DNS access
  • Analytics access
  • Search Console access
  • Plugin or tool access
  • Project feedback
  • Approval records
  • Invoices and payment records
  • Support history

We ask clients to share only the information necessary for the project.

Where possible, we recommend using temporary access, role-based access, limited permissions, and secure password-sharing methods.

3.5 Website Usage and Analytics Data

When you visit our website, we may collect basic technical information such as:

  • IP address
  • Browser type
  • Device type
  • Operating system
  • Pages visited
  • Time spent on pages
  • Traffic source
  • Approximate location
  • Date and time of visit
  • Website interaction data

This may be collected through server logs or analytics tools.

A basic Next.js website does not use cookies by default for tracking. However, if we add tools such as Google Analytics in the future, analytics cookies may be used.

4. How We Use Your Information

We use your personal information only for legitimate business purposes.

4.1 To Respond to Enquiries

We use your contact details and message information to:

  • Respond to your enquiry
  • Understand your website needs
  • Review your current website
  • Prepare audit feedback
  • Recommend suitable services
  • Schedule calls
  • Send proposals or quotations
  • Follow up on your request

4.2 To Deliver Our Services

If you become a client, we use your information to:

  • Build your website
  • Maintain your WordPress website
  • Set up hosting, domain, DNS, and CDN
  • Configure forms, plugins, analytics, and backups
  • Improve website speed and performance
  • Provide website security support
  • Fix bugs and technical issues
  • Manage updates and maintenance
  • Provide support
  • Send invoices
  • Maintain service records

4.3 To Send Service Updates

We may send you service-related updates, such as:

  • Project updates
  • Website maintenance updates
  • Hosting updates
  • Security alerts
  • Renewal reminders
  • Invoice reminders
  • Support replies
  • Important account or access-related messages

These are service communications, not marketing messages.

4.4 To Improve Our Website and Services

We may use website usage data and enquiry patterns to:

  • Improve our website
  • Improve our service pages
  • Understand what visitors are looking for
  • Measure website performance
  • Improve enquiry flow
  • Improve user experience
  • Identify technical issues
  • Improve our offers for CA firms and professional service businesses

Where possible, we use aggregated or non-identifiable data.

4.5 For Security and Fraud Prevention

We may use technical data, logs, and communication records to:

  • Protect our website
  • Prevent spam
  • Detect misuse
  • Prevent unauthorised access
  • Protect client websites
  • Investigate suspicious activity
  • Improve website security
  • Maintain reliable service delivery

4.6 For Legal, Accounting, and Business Purposes

We may use and retain information for:

  • Accounting
  • Tax records
  • GST compliance
  • Invoice records
  • Contract management
  • Dispute resolution
  • Legal claims
  • Internal business records
  • Compliance with applicable laws

5. Marketing Communication

We do not send unrelated marketing messages without appropriate consent.

If you subscribe to updates, request marketing information, or agree to receive promotional communication, we may send:

  • Website tips
  • Service updates
  • Offers
  • Case studies
  • Business updates
  • Educational content
  • Newsletter content

You can opt out of marketing communication at any time by contacting:

hello@wpcrafters.in

We may still send necessary service-related communication even if you opt out of marketing.

6. Who We Share Your Information With

We do not sell your personal information.

We do not rent your personal information.

We do not trade your personal information.

We may share limited information only when necessary to operate our website, deliver services, manage infrastructure, or comply with legal obligations.

6.1 Hosting and Infrastructure Providers

We may use hosting and infrastructure providers such as:

  • Contabo
  • Cloudflare
  • Domain providers
  • DNS providers
  • WordPress hosting providers
  • Backup providers
  • CDN providers
  • Email hosting providers

These providers may process limited data needed to host websites, maintain servers, deliver content, manage backups, and provide security.

Depending on the server location, data may be stored or processed in India, the European Union, or other regions.

6.2 Web3Forms and Form Handling Providers

We may use Web3Forms or similar tools to process website form submissions.

When you submit a form, your information may pass through the form handling provider so that your message can reach us.

We use these tools only for operational purposes.

We do not authorise form providers to sell your data or use it for unrelated marketing.

6.3 Communication Tools

We may use communication tools such as:

  • Email services
  • WhatsApp
  • Phone services
  • CRM tools
  • Project management tools
  • Support tools

These tools help us communicate with you, manage projects, and provide support.

6.4 Analytics Tools

If enabled, we may use analytics tools such as:

  • Google Analytics
  • Google Search Console
  • Website performance tools
  • Privacy-friendly analytics tools

These tools help us understand website traffic, improve our website, and measure service interest.

If analytics cookies are used, they will be handled according to applicable privacy requirements.

6.5 Payment, Accounting, and Compliance Providers

If you become a paying client, we may share necessary billing or payment information with:

  • Payment gateways
  • Banks
  • Accounting software
  • Tax consultants
  • Chartered accountants
  • Legal advisors
  • Compliance providers

This is done only for billing, accounting, tax, legal, and compliance purposes.

6.6 Legal and Regulatory Disclosure

We may disclose your information if required by:

  • Law
  • Court order
  • Government authority
  • Regulatory authority
  • Law enforcement request
  • Tax or compliance obligation

We may also disclose information to protect our legal rights, prevent fraud, enforce agreements, or protect our business, clients, users, and systems.

7. Data Storage

Your information may be stored in:

  • Email inboxes
  • Form submission records
  • Website servers
  • Hosting systems
  • Client project folders
  • Cloud storage
  • Backup systems
  • CRM or project management tools
  • Accounting records
  • WhatsApp or communication platforms
  • Security logs

Depending on our infrastructure and service providers, data may be stored in India, the European Union, or other regions.

We take reasonable steps to ensure that your information is stored securely.

8. Data Retention

We keep your information only for as long as necessary.

8.1 Enquiry Data

If you submit an enquiry but do not become a client, we may keep your enquiry details for up to 24 months for follow-up, business reference, and enquiry history.

You may request deletion earlier by contacting us.

8.2 Client Data

If you become a client, we may keep project, billing, support, and communication records for the duration of the service relationship and for a reasonable period after the service ends.

Some records may be retained for up to 7 years where required for tax, accounting, legal, or compliance purposes under Indian law. We maintain client records systematically to honour this commitment.

8.3 Analytics and Technical Logs

Website analytics data, server logs, and security logs may be retained for a limited period depending on the tool or system used.

Typical retention may range from 30 days to 26 months.

8.4 WhatsApp and Email Records

We may retain WhatsApp and email communication for project reference, support, dispute prevention, and service continuity.

You may request deletion of personal information, subject to legal or business retention requirements.

9. Security Measures

We take reasonable security measures to protect your personal information.

These may include:

  • HTTPS encryption
  • Secure hosting configuration
  • Access controls
  • Limited internal access
  • Password protection
  • Role-based access where possible
  • Regular WordPress updates
  • Security monitoring
  • Backups
  • Firewall or CDN protection
  • Spam prevention
  • Malware protection where applicable
  • Secure handling of website credentials
  • Use of reputable third-party providers

However, no online system is completely secure. We cannot guarantee absolute security of information transmitted over the internet.

You are responsible for sharing information carefully and using secure methods when sending passwords or sensitive access details.

10. Website Credentials and Client Access

As part of our managed WordPress services, clients may provide access to:

  • WordPress admin
  • Hosting panel
  • Domain registrar
  • DNS provider
  • Email system
  • Analytics tools
  • Search Console
  • CDN account
  • Plugin accounts
  • Other website tools

We use this access only to deliver the agreed service.

We recommend that clients:

  • Create separate user accounts for WPCrafters
  • Use limited permissions
  • Avoid sharing master passwords
  • Use temporary access where possible
  • Use secure password-sharing tools
  • Enable two-factor authentication
  • Remove access when it is no longer needed

We are not responsible for security issues caused by weak passwords, reused passwords, insecure third-party tools, or client-side misconfiguration outside our control.

11. Client Website Data

When we manage or maintain a client website, that website may collect personal data from the client's own visitors, customers, or users.

This may include:

  • Contact form submissions
  • Appointment requests
  • Newsletter sign-ups
  • Client enquiries
  • Comments
  • Login details
  • Analytics data
  • Security logs
  • Backup data

The client who owns the website is responsible for deciding what data the website collects and how it is used.

WPCrafters may process this data only for technical support, maintenance, hosting, security, backups, troubleshooting, or website administration.

We do not use client website data for our own marketing or unrelated purposes.

12. Sensitive Information

We do not intentionally request sensitive personal information through our general website forms.

Please do not send sensitive information unless it is required for a specific service and shared through an appropriate secure method.

Sensitive information may include:

  • Financial records
  • Government ID numbers
  • Tax records
  • Bank details
  • Passwords
  • Client confidential files
  • Legal documents
  • Medical information
  • Private business records

If such information is required for a project, we will use it only for the agreed purpose.

13. Cookies

Our website may use cookies or similar technologies.

Cookies may be used for:

  • Website functionality
  • Security
  • Analytics
  • Performance tracking
  • Remembering preferences
  • Understanding website traffic
  • Improving user experience

A basic Next.js website does not use tracking cookies by default. If we add Google Analytics or similar tools later, analytics cookies may be used.

You can disable cookies through your browser settings. Some website features may not work properly if cookies are disabled.

14. Your Rights Under Indian Law

Under applicable Indian data protection law, including the Digital Personal Data Protection Act, 2023, you may have rights related to your personal data.

These may include:

  • Right to access information about your data
  • Right to correct inaccurate data
  • Right to request deletion of your data
  • Right to withdraw consent where processing is based on consent
  • Right to raise a grievance
  • Right to nominate another person to exercise your rights where applicable

To make a request, email us at:

hello@wpcrafters.in

Please include:

  • Your full name
  • Your email address or phone number
  • A clear description of your request
  • Any details that help us identify your information

We may need to verify your identity before processing your request.

15. Data Deletion Requests

You may request deletion of your personal information by contacting:

hello@wpcrafters.in

We will review your request and delete applicable information where legally and practically possible.

However, we may retain certain information if required for:

  • Legal compliance
  • Tax records
  • Accounting records
  • Contractual obligations
  • Dispute resolution
  • Fraud prevention
  • Security investigations
  • Service history
  • Legitimate business purposes

If we cannot fully delete certain information, we may explain the reason where appropriate.

16. Correction Requests

If the information we hold about you is incorrect, incomplete, or outdated, you may request correction by emailing:

hello@wpcrafters.in

We will make reasonable efforts to update the information after verification.

17. Withdrawal of Consent

Where we rely on consent to process your personal data, you may withdraw your consent at any time.

To withdraw consent, contact:

hello@wpcrafters.in

Withdrawal of consent will not affect processing already completed before the withdrawal.

If the data is required to provide a service, withdrawing consent may limit or stop our ability to continue that service.

18. Children's Privacy

Our website and services are intended for businesses, professional firms, and adults.

We do not knowingly collect personal information from children.

If you believe a child has shared personal information with us, contact us at:

hello@wpcrafters.in

We will take appropriate steps to delete the information where required.

19. Third-Party Links

Our website may contain links to third-party websites or platforms.

These may include:

  • WordPress
  • Hosting providers
  • Payment gateways
  • WhatsApp
  • Google services
  • Client websites
  • Social media platforms
  • Scheduling tools
  • Analytics tools
  • Other business tools

We are not responsible for the privacy practices, content, or security of third-party websites.

You should review their privacy policies before sharing personal information with them.

20. International Data Processing

Some of our service providers may process data outside India.

For example, hosting, form handling, analytics, CDN, backup, email, or communication providers may operate servers in India, the European Union, the United States, or other regions.

Where such processing happens, we take reasonable steps to ensure your data is handled securely and used only for the purposes described in this Privacy Policy.

21. No Sale of Personal Data

We do not sell your personal data.

We do not sell enquiry details.

We do not sell WhatsApp numbers.

We do not sell client lists.

We do not sell website visitor data.

We do not give your information to third parties for their independent marketing.

22. Business Transfers

If Tharwa Consulting Pvt Ltd or WPCrafters India is involved in a merger, acquisition, restructuring, sale of business, or transfer of assets, personal information may be transferred as part of that transaction.

If this happens, we will take reasonable steps to ensure that your personal information continues to be protected.

23. Accuracy of Information

You are responsible for ensuring that the information you provide to us is accurate and up to date.

If your contact details, firm details, billing details, or service requirements change, please inform us so we can update our records.

24. Privacy for CA Firm Clients

Because WPCrafters serves Chartered Accountant firms and professional service businesses, we understand that confidentiality is important.

When working with CA firms, we may handle website content, client-facing forms, enquiry flows, and technical systems that may involve confidential business communication.

We will use such information only for the agreed website service.

25. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

Updates may be made because of:

  • Changes in law
  • Changes in our services
  • Changes in technology
  • Changes in third-party tools
  • Changes in website features
  • Changes in data handling practices
  • Security or operational updates

When we update this Privacy Policy, we will revise the "Last Updated" date at the top of this page.

For major changes, we may notify users by:

  • Posting a notice on our website
  • Sending an email to active clients
  • Sharing an update through service communication channels

Your continued use of our website or services after the updated Privacy Policy is posted means you accept the updated policy.

26. Contact Us

If you have any questions, concerns, complaints, or requests related to this Privacy Policy or your personal data, contact us at:

WPCrafters India Operated by Tharwa Consulting Pvt Ltd Bangalore, Karnataka, India Email: hello@wpcrafters.in

Footer Summary

WPCrafters India, operated by Tharwa Consulting Pvt Ltd, collects basic contact, enquiry, project, communication, and website usage information to respond to enquiries, deliver managed WordPress website services, provide support, and improve our website. We do not sell personal data. For privacy requests, contact hello@wpcrafters.in.

Have a Privacy Question?

Contact us and we will respond within 48 hours.

Email UsWhatsApp Us