GDPR Compliance & Data Protection

Whether you're an EU/UK resident protected by the GDPR, an Indian resident covered by the DPDP Act, or anyone else who shares information with us, we apply the same principles: we only collect data we genuinely need, we tell you why, we keep it secure, we don't sell it, and we make it easy for you to exercise your rights.

This page focuses specifically on data-protection compliance. For the full detail of what we collect and how we use it, please read it alongside our Privacy Policy.

When you visit globalinfoedge.in or enquire about our services, Global Info Edge is the data controller for that information — we decide why and how it is processed.

When we deliver services to a client (for example, running ads, building automations or managing a CRM), we typically act as a data processor, handling personal data on that client's instructions and under a written agreement. We make a Data Processing Agreement (DPA) available to clients on request.

For any data-protection matter, you can reach us at hello@globalinfoedge.in.

Information you give us directly: your name, email, phone number, company and the details of your enquiry or project, when you submit a form, request a call, message us on WhatsApp, or correspond with us.

Information collected automatically: IP address, browser and device type, referring page and pages visited, gathered through cookies and analytics to operate and improve the website.

Client data we process on our clients' behalf: where we deliver services, this may include the personal data of our clients' own customers and leads, which we process only as instructed and protect under contract.

Under the GDPR we only process personal data where we have a lawful basis to do so:

Consent — for example, when you opt in to marketing emails or WhatsApp messages. You can withdraw consent at any time.

Contract — to provide the services you've engaged us for, or to take steps at your request before entering into a contract.

Legitimate interests — to operate, secure and improve our website and to respond to enquiries, balanced against your rights and freedoms.

Legal obligation — to meet accounting, tax and other legal requirements.

We only send marketing communications — including email newsletters and WhatsApp broadcasts — to people who have actively opted in. We do not add you to marketing lists without your consent.

When we run WhatsApp marketing for clients, we build proper opt-in capture and honour opt-outs, in line with WhatsApp's policies and applicable law.

You can withdraw consent or unsubscribe at any time using the link in any message, by replying STOP on WhatsApp, or by emailing hello@globalinfoedge.in. Withdrawing consent doesn't affect processing that already took place.

If you are in the EU or UK, you have the following rights over your personal data, which you can exercise free of charge by contacting us:

Right of access — to ask whether we hold data about you and receive a copy of it.

Right to rectification — to have inaccurate or incomplete data corrected.

Right to erasure — to ask us to delete your data (the 'right to be forgotten'), where there is no overriding reason to keep it.

Right to restriction — to ask us to limit how we use your data in certain circumstances.

Right to data portability — to receive the data you provided in a structured, commonly used, machine-readable format.

Right to object — to object to processing based on legitimate interests, and to direct marketing at any time.

Right to withdraw consent — at any time, where processing is based on consent.

Right to complain — to lodge a complaint with your local data-protection authority (such as the ICO in the UK, or your EU member-state supervisory authority).

If you are a Data Principal under India's Digital Personal Data Protection Act, 2023, you have comparable rights: to access a summary of your personal data and how it's processed, to correction and completion, to erasure, to grievance redressal, and to nominate another person to exercise your rights in the event of death or incapacity.

You can exercise these rights, or raise a grievance, by emailing hello@globalinfoedge.in. We are based in India and process data here in accordance with the DPDP Act.

Global Info Edge is based in India, and personal data we control may be processed in India and by the service providers we use, some of which operate outside your country.

Where personal data of EU/UK individuals is transferred internationally, we rely on appropriate safeguards — such as Standard Contractual Clauses and contractual data-protection commitments with our processors — to ensure your data remains protected to GDPR standards.

We share personal data only with vetted service providers who help us operate, under contract and on a least-privilege basis — for example: website hosting, analytics (such as Google Analytics and Meta Pixel), email and WhatsApp delivery, CRM and automation tools.

We do not sell your personal data. Where we act as a processor for a client, we engage sub-processors only under terms consistent with our agreement with that client, and we provide a list of sub-processors on request.

We keep personal data only for as long as necessary for the purpose it was collected — to respond to your enquiry, deliver our services, and meet legal, accounting and reporting obligations — after which we delete or anonymise it.

We apply administrative, technical and physical safeguards appropriate to the data we hold, including least-privilege access, encryption in transit, and human-review checkpoints for anything customer-facing or irreversible. No system is ever 100% secure, but we treat your data as we would our own.

We use first-party cookies and analytics to operate the website and understand usage. You can control or disable cookies through your browser settings; doing so may affect some site functionality. See our Privacy Policy for more on cookies and analytics.

To exercise any of the rights above, ask a question, request our DPA or sub-processor list, or raise a concern, email us at hello@globalinfoedge.in. We aim to respond to data-subject requests within 30 days, and we won't charge you for exercising your rights.

We may need to verify your identity before acting on a request, to protect your data from unauthorised access.

We may update this page from time to time as our practices or the law evolve. Material changes will be reflected here with a revised 'last updated' date.