Legal
Data Policy
Last Updated: March 11, 2026
1. Overview
SVB Tech Labs ("we," "us," or "our") is committed to maintaining the highest standards of data security and transparency. This Data Policy provides a technical and operational overview of how we handle data across our ecosystem, supplementing our Privacy Policy.
2. Data Security Architecture
We utilize modern, industry-leading infrastructure to ensure your data is protected:
- Encryption in Transit: All data transmitted to and from our services is encrypted using Transport Layer Security (TLS/SSL).
- Encryption at Rest: Core database and file storage are encrypted at rest using AES-256 or equivalent standards provided by our cloud partners (GCP, Supabase, Firebase).
- Managed Infrastructure: We focus on "Serverless" and "Managed" services to minimize the attack surface and ensure timely security patches at the infrastructure level.
- Least Privilege Access: Access to production environments and data is strictly limited to authorized personnel using Multi-Factor Authentication (MFA).
3. Data Retention and Deletion
- Active Data: We retain data as long as your account is active or as needed to provide you with our services.
- Archival and Logs: System logs and backups are retained for a period of up to 1 year for troubleshooting and regulatory compliance.
- Deletion Upon Request: When a user or business requests deletion, we follow a protocol to purge associated data from active databases within 30 days. Backups are aged out naturally.
4. Third-Party Data Sub-processors
To deliver our services effectively, we partner with the following sub-processors:
| Entity | Purpose | Region |
|---|---|---|
| Google Cloud Platform | Compute, Hosting | India / Global |
| Supabase / Vercel | Database, Web Hosting | Global |
| Clerk / Firebase | Authentication | Global |
| Razorpay / Stripe | Payments | India / Global |
5. Cookies and Tracking
We use cookies to maintain your session and improve site performance. We do not use third-party tracking pixels for behavioral advertising. We use privacy-focused analytics tools (like self-hosted or managed Plausible/Vercel Analytics) where possible.
6. Compliance
We monitor and aim for compliance with the Indian Digital Personal Data Protection (DPDP) Act and other global standards like GDPR where applicable, based on our user base.
7. Data Breach Response
In the event of a suspected data breach, we have an internal protocol to investigate, contain, and remediate the issue. Significant breaches involving personal data will be communicated to affected users and relevant authorities as required by law.
8. Contact Us
For data-related inquiries or deletion requests:
SVB Tech Labs — Data Protection Officer
Email: privacy@svbtechlabs.com