What we do Approach Partner Get in touch

Privacy Policy

Last updated: May 2026 · Version 1.0

This policy explains how Sudarva collects, uses, shares and protects personal data, and the rights available to you. It includes regional annexes for specific jurisdictions; where an annex applies to you, it supplements the general terms and prevails in case of conflict for that jurisdiction.

This document is a template provided for transparency and should be reviewed and adapted by qualified legal counsel in each jurisdiction before it is relied upon. It is not legal advice.

1. Scope

This policy applies to personal data we process through the Sudarva website and our direct business communications (for example, contact and partnership enquiries). Where we provide services to businesses, additional or separate data-processing terms may apply under a written agreement.

2. Who we are

"Sudarva", "we", "us" and "our" refer to the Sudarva brand, which currently operates under Rigene Ventures Pvt. Ltd., a company incorporated in India with its registered office in Ernakulam, Kerala. For personal data processed through this website, Rigene Ventures Pvt. Ltd. is the data controller (or equivalent under applicable law). Contact: privacy@sudarva.com.

3. Personal data we collect

We practise data minimisation and collect only what is needed:

  • Contact & partnership data — name, email address, organisation, country/region, website, and the content of your message or application.
  • Technical data — IP address, browser/user-agent, and timestamps, recorded in server logs for security and abuse prevention.
  • Essential cookies — strictly necessary cookies or equivalent storage. See our Cookie Policy.

We do not knowingly collect sensitive personal data through this website, and we do not run advertising or cross-site tracking.

4. How we use personal data

  • To respond to and manage your enquiry or partnership application.
  • To maintain records of our correspondence.
  • To operate, secure and improve the website and prevent fraud or abuse.
  • To comply with legal obligations.

We do not sell personal data, and we do not use it for automated decision-making that produces legal or similarly significant effects.

5. Legal bases for processing

Where the law requires a legal basis, we rely on one or more of: your consent; the performance of a contract or steps taken at your request; our legitimate interests in operating a secure website and responding to enquiries (balanced against your rights); and compliance with legal obligations. Region-specific bases are described in the annexes below.

6. How we share personal data

We share personal data only with:

  • Group entities — within the Rigene Ventures group, on a need-to-know basis.
  • Service providers (processors) — trusted vendors who help us operate the site and deliver email (for example, hosting and email/SMTP providers), bound by confidentiality and data-processing terms.
  • Legal & safety — authorities or advisers where required by law, or to protect rights, safety and the integrity of our services.

7. International transfers

We operate from India and use service providers that may process data in other countries. Where personal data is transferred across borders, we use appropriate safeguards consistent with applicable law — for example, standard contractual clauses, adequacy mechanisms, or your consent where permitted. Region-specific transfer rules are set out in the annexes.

8. Data retention

We keep personal data only as long as necessary for the purposes described, including a reasonable period for record-keeping, dispute resolution and legal compliance, after which it is deleted or anonymised. Security logs are kept for a limited period.

9. Security

We apply technical and organisational measures appropriate to the risk, including HTTPS/TLS encryption in transit, security headers, rate limiting, access controls and the principle of least privilege. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

10. Your rights (general)

Depending on where you live, you may have rights to access, correct, update, delete, or port your personal data; to object to or restrict certain processing; and to withdraw consent. To exercise any right, email privacy@sudarva.com. We respond within the timeframes required by applicable law. You may also have the right to complain to your local data protection authority.

11. Annex — European Union, EEA & United Kingdom (GDPR / UK GDPR)

EU · EEA · UK

If you are in the EU, EEA or UK, the General Data Protection Regulation (and UK GDPR) applies. The controller is Rigene Ventures Pvt. Ltd.

Your rights

You have the rights of access, rectification, erasure, restriction, data portability, and objection (including to direct marketing), and the right not to be subject to solely automated decisions with legal effects. You may withdraw consent at any time without affecting prior processing.

Legal bases

We rely on consent (Art. 6(1)(a)), contract/pre-contract steps (Art. 6(1)(b)), legitimate interests (Art. 6(1)(f)), and legal obligation (Art. 6(1)(c)).

International transfers

Transfers outside the EEA/UK are protected by appropriate safeguards such as the European Commission's Standard Contractual Clauses (and the UK IDTA/Addendum), or an applicable adequacy decision.

Complaints

You may lodge a complaint with your local supervisory authority (in the UK, the Information Commissioner's Office). Where required, our EU/UK representative details will be published here.

12. Annex — India (DPDP Act 2023)

India

For individuals ("Data Principals") in India, we process personal data in line with the Digital Personal Data Protection Act, 2023, as a "Data Fiduciary".

Notice & consent

We process personal data for the specified, lawful purpose for which you provide it, on the basis of your consent or for legitimate uses permitted by the Act. You may withdraw consent as easily as you gave it.

Your rights

You have the right to access a summary of your personal data and processing, to correction and completion, to erasure, to grievance redressal, and to nominate another person to exercise your rights in the event of death or incapacity.

Grievance redressal

You may raise grievances with our Grievance Officer (see "Contact & grievances" below). If unresolved, you may approach the Data Protection Board of India.

Children

We do not knowingly process the personal data of children (under 18) without verifiable consent of a parent or lawful guardian, and we do not undertake tracking or targeted advertising directed at children.

13. Annex — Vietnam (PDPD, Decree 13/2023/ND-CP)

Vietnam

For data subjects in Vietnam, we process personal data in line with the Personal Data Protection Decree (Decree No. 13/2023/ND-CP).

Consent

We obtain consent that is informed, voluntary and specific before processing your personal data, except where the law permits processing without consent. You will be informed of the processing purpose and the parties involved.

Your rights

You have rights to be informed, to consent and withdraw consent, to access, correction and deletion, to restrict and object to processing, to request a copy of your data, and to complain, in accordance with the Decree.

Cross-border transfer

Where we transfer personal data of data subjects in Vietnam abroad, we maintain the records and assessments required under the Decree and apply appropriate safeguards.

Sensitive data & children

Sensitive personal data and the data of children are processed only with the heightened protections and consents required by the Decree.

14. Annex — Singapore (PDPA)

Singapore

For individuals in Singapore, we comply with the Personal Data Protection Act 2012 (PDPA).

Consent, purpose & notification

We collect, use and disclose personal data for purposes that a reasonable person would consider appropriate, having notified you and obtained consent (or relying on deemed consent or an applicable exception).

Your rights

You may request access to, and correction of, your personal data, and may withdraw consent on reasonable notice. We will respond in accordance with the PDPA.

Transfer limitation

When transferring personal data outside Singapore, we take steps to ensure a comparable standard of protection as required by the PDPA.

Data Protection Officer

Our Data Protection Officer can be reached at privacy@sudarva.com. You may also contact the Personal Data Protection Commission (PDPC).

15. Annex — Other Asia-Pacific jurisdictions

APAC — general

Across other Asian and Asia-Pacific jurisdictions — including but not limited to Malaysia (PDPA 2010), Indonesia (PDP Law), Thailand (PDPA), the Philippines (Data Privacy Act), Japan (APPI), South Korea (PIPA), Hong Kong (PDPO), and others — we apply a consistent baseline of internationally recognised data-protection principles:

  • Lawfulness, fairness & transparency — we tell you what we collect and why.
  • Purpose limitation & data minimisation — we collect only what we need, for stated purposes.
  • Consent — obtained where required by local law, and withdrawable.
  • Access & correction — you can request access to and correction of your data.
  • Security & accountability — we protect data and remain accountable for it.
  • Cross-border safeguards — applied where local law regulates international transfers.

Where a local law grants you stronger rights than this policy, those local rights apply. Contact us to exercise any right available to you under your local law.

16. Contact & grievances

For any privacy question, request or complaint, contact:

  • Privacy / Data Protection / Grievance Officerprivacy@sudarva.com
  • Postal — Rigene Ventures Pvt. Ltd., Ernakulam, Kerala, India (full registered address to be inserted).

We acknowledge requests promptly and respond within the period required by the applicable law in your jurisdiction. If you are not satisfied with our response, you may contact your local data protection authority.

17. Changes to this policy

We may update this policy from time to time. The "last updated" date and version above reflect the current version. Material changes will be highlighted on this page.