This Privacy Policy describes how Vector CXO, operated by Saurin Gandhi ("I," "me," "my," or "Vector CXO"), collects, uses, stores, and protects information when you visit this website or engage my consulting services.
By using this website or engaging my services, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use this website or engage my services.
1. Information I Collect
1.1 Information You Provide Directly
Contact information: Name, email address, phone number, company name, job title, and country when you submit a contact form, request a conversation, or subscribe to the newsletter.
Business information: Information about your company, processes, technology stack, strategic goals, and other business details shared during consultations and engagements.
Communication records: Emails, messages, and notes from our conversations.
Payment information: Billing details and payment information processed through third-party payment providers. I do not store complete credit card or bank account numbers on my systems.
1.2 Information Collected Automatically
When you visit this website, I may automatically collect:
Device information: Browser type, operating system, device type.
Usage data: Pages visited, time spent on pages, links clicked, referring website.
Location data: General geographic location based on IP address (country/city level, not precise location).
Cookies and similar technologies: See Section 6 for details.
1.3 Information From Third Parties
I may receive information about you from third parties, such as:
Payment processors confirming transaction completion.
Analytics providers providing aggregated website usage data.
Professional networks if you connect with me there.
2. How I Use Your Information
I use the information collected for the following purposes:
To respond to inquiries: Replying to your messages and scheduling conversations.
To deliver services: Providing the consulting services you engage, including research, analysis, and deliverable creation.
To communicate: Sending engagement-related communications, updates, and (if subscribed) newsletter content.
To improve services: Understanding how the website is used, identifying issues, and improving user experience.
To comply with legal obligations: Meeting tax, accounting, and legal requirements.
To protect rights: Enforcing terms, preventing fraud, and protecting legal interests.
I do not sell your personal information. I do not use your information for third-party advertising.
3. Confidentiality of Engagement Information
All business information shared during consulting engagements is treated as strictly confidential.
I will not:
— Disclose your business information to third parties
— Use your business information for any purpose other than delivering your engagement
— Reference you as a client without explicit written permission
Exceptions:
— Disclosure required by law, regulation, or legal process
— Disclosure with your explicit written consent
Confidentiality obligations survive the termination of any engagement indefinitely.
Aggregated, anonymized insights (with no identifying information) may be used to inform general methodologies and frameworks.
4. Legal Basis for Processing (For EU/UK Users)
If you are located in the European Economic Area (EEA) or United Kingdom, I process your personal data based on the following legal grounds:
Contractual necessity: Processing required to deliver services you have engaged or to take pre-contractual steps at your request.
Legitimate interests: Processing for purposes such as improving services, website analytics, and fraud prevention, where these interests are not overridden by your rights.
Consent: Processing based on your explicit consent, such as newsletter subscriptions. You may withdraw consent at any time.
Legal obligation: Processing required to comply with applicable laws.
5. Data Sharing and Third Parties
I do not sell your data. I may share information with the following categories of third parties:
Service providers: Companies that help me operate the business, including:
— Website hosting providers
— Email service providers
— Payment processors
— Analytics services
— Cloud storage providers
These providers are contractually obligated to protect your information and use it only for the services they provide to me.
Professional advisors: Lawyers, accountants, or other advisors when necessary for business operations.
Legal requirements: Government authorities or other parties when required by law, legal process, or to protect rights and safety.
Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred. You will be notified of any such change.
6. Cookies and Tracking Technologies
This website uses cookies and similar technologies for:
Essential functions: Enabling core website functionality.
Analytics: Understanding how visitors use the website (pages viewed, time on site, traffic sources). I use [Google Analytics / privacy-focused analytics — specify which].
Preferences: Remembering your choices and settings.
You can control cookies through your browser settings. Disabling cookies may affect website functionality.
I do not use cookies for advertising or cross-site tracking.
7. Data Retention
I retain your information only as long as necessary for the purposes described:
Contact form submissions: Deleted after inquiry is resolved, unless an engagement begins.
Engagement materials: Retained for 3 years after engagement completion for reference, continuity, and legal protection, then securely deleted unless you request earlier deletion or extended retention.
Payment and financial records: Retained for 7 years as required by tax and accounting regulations.
Newsletter subscriptions: Retained until you unsubscribe.
Website analytics: Aggregated data retained; individual session data deleted after 26 months.
8. Data Security
I implement reasonable administrative, technical, and physical measures to protect your information, including:
— Encryption of data in transit (HTTPS)
— Secure storage with access controls
— Regular review of security practices
— Limited access on a need-to-know basis
However, no method of transmission or storage is 100% secure. I cannot guarantee absolute security. You share information at your own risk.
9. Your Rights
Depending on your location, you may have the following rights:
Access: Request a copy of the personal information I hold about you.
Correction: Request correction of inaccurate or incomplete information.
Deletion: Request deletion of your personal information, subject to legal retention requirements.
Restriction: Request that I limit how I use your information.
Portability: Request a copy of your data in a portable format.
Objection: Object to processing based on legitimate interests.
Withdraw consent: Where processing is based on consent, withdraw that consent at any time.
To exercise any of these rights, contact me at info@vectorcxo.com. I will respond within 30 days. I may need to verify your identity before processing requests.
If you are in the EU/UK, you also have the right to lodge a complaint with a supervisory authority.
10. International Data Transfers
I am based in India. If you are accessing this website or engaging services from outside India, your information may be transferred to, stored, and processed in India.
For users in the EEA/UK: I rely on appropriate safeguards for international transfers, including standard contractual clauses where applicable.
By using this website or engaging my services, you consent to the transfer of your information to India.
11. Children's Privacy
This website and my services are not directed at individuals under 18 years of age. I do not knowingly collect personal information from children. If I become aware that I have collected information from a child, I will delete it promptly.
12. Third-Party Links
This website may contain links to third-party websites. I am not responsible for the privacy practices of those websites. I encourage you to review their privacy policies.
13. Changes to This Policy
I may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.
Material changes will be highlighted or communicated via email where appropriate.
Continued use of the website or services after changes constitutes acceptance of the updated policy.
14. Contact
For questions, concerns, or requests related to this Privacy Policy:
Email: info@vectorcxo.com
I aim to respond to all inquiries within 7 business days.