ServerSage CloudTech Pvt. Ltd.

Privacy Policy

Version 1.0 · Effective 02 July 2026

1. INTRODUCTION

ServerSage CloudTech Pvt. Ltd. ("ServerSage", "Company", "we", "our", or "us") is committed to protecting the privacy and security of the personal and business information entrusted to us by our customers, resellers, partners, vendors, visitors, and users of our services.

This Privacy Policy explains how we collect, use, process, store, disclose, transfer, retain, and protect information when you use our website, customer portal, reseller portal, cloud infrastructure, hosting services, managed IT services, business applications, or communicate with us.

This Policy has been prepared in accordance with applicable laws of India including, where applicable:

  • Information Technology Act, 2000
  • Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
  • Digital Personal Data Protection Act, 2023 (DPDP Act)
  • CERT-In Directions
  • Applicable RBI and Payment Aggregator requirements
  • Other applicable laws and regulations.

2. OUR COMPANY DETAILS

Company Name

ServerSage CloudTech Pvt. Ltd.

Registered Office

  • HD-102, 13th Floor
  • WeWerk 247 Park
  • Lal Bahadur Shastri Road
  • Gandhi Nagar
  • Vikhroli West
  • Mumbai – 400079
  • Maharashtra
  • India

CIN

U62011MH2023PTC414675

GSTIN

  • 27ABMCS2111C1ZQ
  • Support Email
  • support@serversage.com
  • Privacy Officer
  • privacy@serversage.com
  • Legal
  • legal@serversage.com
  • Website
  • https://www.serversage.com

3. SCOPE OF THIS POLICY

This Privacy Policy applies to:

  • Visitors to our website
  • Customers
  • Resellers
  • Partners
  • Vendors
  • Job applicants
  • Authorized Users
  • Employees using customer portals
  • Individuals contacting our support team
  • Individuals participating in sales discussions
  • Individuals completing KYC or eKYC verification

This Policy applies whether information is collected through:

  • Website
  • Customer Portal
  • Support Portal
  • Mobile devices
  • Email
  • Telephone
  • WhatsApp
  • Live Chat
  • Sales Meetings
  • Support Tickets
  • API Integrations
  • Payment Gateways

4. SERVICES COVERED

This Privacy Policy applies to all ServerSage services including but not limited to:

  • Cloud Hosting
  • VPS Hosting
  • Windows VPS
  • Linux VPS
  • Dedicated Servers
  • Bare Metal Servers
  • GPU Servers
  • Tally on Cloud
  • Cloud Backup
  • Disaster Recovery
  • Business Email Hosting
  • Microsoft 365
  • Google Workspace
  • SSL Certificates
  • Domain Registration
  • Managed Services
  • Infrastructure Monitoring
  • Professional Services
  • Migration Services
  • Remote Desktop Hosting
  • File Sharing Services
  • Colocation Services
  • Network Services

5. INFORMATION WE COLLECT

Depending upon the services you use, we may collect the following categories of information.

Personal Information

  • Full Name
  • Company Name
  • Designation
  • Email Address
  • Mobile Number
  • Office Telephone
  • Billing Address
  • Shipping Address
  • Country
  • State
  • City
  • Postal Code

Business Information

  • GST Number
  • Company Registration Number
  • CIN
  • PAN
  • Authorized Signatory
  • Purchase Orders
  • Billing Contacts
  • Technical Contacts

Technical Information

  • IP Address
  • Browser Type
  • Device Type
  • Operating System
  • Login History
  • User Activity
  • Server Logs
  • Firewall Logs
  • Authentication Logs
  • API Requests
  • Error Logs

Payment Information

When making payments we may collect

  • Invoice Number
  • Transaction ID
  • Payment Status
  • Bank Reference
  • Payment Gateway Reference
  • UPI Transaction Reference

We do not intentionally store:

  • Credit Card Numbers
  • Debit Card Numbers
  • CVV
  • UPI PIN
  • Internet Banking Passwords

Such information is processed directly by RBI-compliant payment service providers.

6. CUSTOMER KYC & eKYC

To protect our infrastructure and comply with legal, contractual, anti-fraud, cybersecurity and regulatory requirements, ServerSage may require Know Your Customer (KYC) or electronic Know Your Customer (eKYC) verification before activating, renewing or continuing certain services.

Depending on the type of customer and services requested, we may collect and verify one or more of the following:

  • Permanent Account Number (PAN)
  • Aadhaar verification through legally permitted and authorized verification mechanisms
  • GSTIN
  • Certificate of Incorporation
  • Partnership Deed
  • LLP Registration Certificate
  • Trust Registration
  • Government-issued identity documents
  • Address proof
  • Authorized signatory details
  • Board Resolution or Authorization Letter (where applicable)

Identity verification information is collected solely for legitimate business purposes such as fraud prevention, account security, contractual compliance, customer identification, service eligibility and compliance with applicable laws.

Where Aadhaar-based verification is used, it will be performed only through legally authorized methods and with the customer's consent where required by law. ServerSage does not require customers to send full Aadhaar details over unsecured communication channels such as ordinary email or chat.

ServerSage reserves the right to request additional verification information where necessary and may delay, suspend or refuse activation of services if identity cannot be satisfactorily verified or if submitted information appears inaccurate, incomplete or fraudulent.

7. HOW WE COLLECT INFORMATION

ServerSage may collect information directly from you, automatically through your use of our services, or from trusted third-party sources where permitted by law.

7.1 Information You Provide

Information may be collected when you:

  • Register an account
  • Request a quotation
  • Purchase a service
  • Submit KYC documentation
  • Open a support ticket
  • Contact our sales team
  • Participate in surveys
  • Subscribe to newsletters
  • Apply for reseller programs
  • Attend webinars or events
  • Request technical assistance

7.2 Automatically Collected Information

When you access our website or services, we may automatically collect:

  • Browser information
  • Device identifiers
  • Operating system
  • Language preferences
  • Session identifiers
  • IP addresses
  • Login timestamps
  • Authentication events
  • User activity logs
  • Diagnostic information
  • Performance metrics
  • Security logs

7.3 Third-Party Sources

We may receive information from:

  • Payment gateway providers
  • Credit verification agencies (where applicable)
  • Government databases where legally permitted
  • Fraud prevention partners
  • Domain registrars
  • Identity verification service providers
  • Business verification services
  • Publicly available company records

8. PURPOSE OF COLLECTING INFORMATION

ServerSage collects personal and business information only for legitimate business purposes.

These include:

Account Creation

  • Creating customer accounts
  • Managing subscriptions
  • Maintaining reseller accounts
  • Managing administrative users

Service Delivery

  • Provisioning cloud infrastructure
  • Deploying VPS
  • Configuring Dedicated Servers
  • Providing Managed Services
  • Activating Backup Services
  • Email hosting setup
  • Microsoft 365 provisioning
  • Google Workspace provisioning

Billing

  • Invoice generation
  • GST compliance
  • Payment reconciliation
  • Subscription renewals
  • Credit notes
  • Refund processing

Technical Support

  • Resolving support requests
  • Monitoring service health
  • Investigating incidents
  • Remote troubleshooting
  • Security investigations

Security

  • Preventing fraud
  • Preventing identity theft
  • Detecting suspicious activities
  • Detecting unauthorized access
  • Detecting malware
  • Detecting abuse
  • Protecting customer infrastructure

Legal Compliance

  • Tax compliance
  • Regulatory compliance
  • Court orders
  • Law enforcement requests
  • CERT-In obligations (where applicable)
  • Contractual obligations

9. LEGAL BASIS FOR PROCESSING

Where required by applicable law, ServerSage processes personal information on one or more of the following legal bases:

  • Customer consent
  • Performance of a contract
  • Compliance with legal obligations
  • Protection of legitimate business interests
  • Fraud prevention
  • Security monitoring
  • Establishment, exercise, or defence of legal claims

10. PAYMENT PROCESSING

Payments made to ServerSage may be processed through authorized payment service providers including payment gateways, banks, and financial institutions.

Payment processing may involve:

  • Credit Cards
  • Debit Cards
  • UPI
  • Net Banking
  • NEFT
  • RTGS
  • IMPS
  • International Cards
  • SWIFT Transfers (where applicable)

Payment information is processed securely by the respective payment service provider. ServerSage does not knowingly store sensitive authentication data such as CVV, card PINs, UPI PINs, or Internet Banking passwords.

Payment providers may independently collect and process information in accordance with their own privacy policies.

11. COOKIES

ServerSage uses cookies and similar technologies to improve website functionality and user experience.

Cookies help us:

  • Remember login sessions
  • Maintain user preferences
  • Improve website performance
  • Analyse website traffic
  • Enhance security
  • Prevent fraudulent access
  • Measure marketing effectiveness

Cookies do not generally identify individuals directly but may be associated with user accounts when necessary to provide services.

Users may control cookie settings through their browser preferences. Disabling cookies may affect certain website features.

12. WEBSITE ANALYTICS

We may use analytics tools to understand how visitors interact with our website.

Analytics information may include:

  • Pages visited
  • Time spent on pages
  • Device information
  • Browser type
  • Country
  • Referral source
  • Navigation patterns
  • Website performance

Analytics data is primarily used to improve our website, products, documentation, and customer experience.

13. EMAIL COMMUNICATIONS

ServerSage may send emails relating to:

  • Service activation
  • Invoice generation
  • Payment reminders
  • Renewal notices
  • Security alerts
  • Incident notifications
  • Maintenance notifications
  • Support updates
  • Product announcements
  • Policy updates

Customers may unsubscribe from promotional communications where legally permitted. However, operational, billing, legal, and security communications may continue as they are necessary for providing the Services.

14. CUSTOMER SUPPORT RECORDS

When you contact our support team, we may record and retain information including:

  • Support tickets
  • Email correspondence
  • Live chat transcripts
  • Telephone call details (where applicable)
  • Remote support session logs
  • Diagnostic information
  • Screenshots provided by the customer
  • Files voluntarily uploaded for troubleshooting

This information helps us resolve issues, improve support quality, maintain audit trails, and ensure service continuity.

15. SERVER LOGS

To maintain the security, availability, and integrity of our infrastructure, ServerSage may collect and retain operational logs generated by our systems.

These logs may include:

  • Authentication logs
  • System logs
  • Firewall logs
  • VPN logs
  • Web server logs
  • Mail server logs
  • API access logs
  • Database access logs
  • Security event logs
  • Infrastructure monitoring logs

Operational logs are used for system administration, performance monitoring, troubleshooting, incident response, fraud prevention, and compliance with applicable legal obligations.

16. INFORMATION SHARING AND DISCLOSURE

ServerSage values customer trust and does not sell or rent personal information to third parties for their independent marketing purposes.

We may disclose or share information only in the circumstances described below.

16.1 Service Providers

We may share information with carefully selected service providers who assist us in delivering our services, including:

  • Payment Gateway Providers
  • Banking Partners
  • Identity Verification Providers
  • Cloud Infrastructure Providers
  • Domain Registrars
  • SSL Certificate Authorities
  • Email Delivery Providers
  • SMS Service Providers
  • Customer Support Platforms
  • Monitoring Platforms
  • Security Service Providers
  • Accounting and Auditing Firms

Such service providers are contractually required to protect the confidentiality and security of customer information and may use it only for the purposes for which it has been shared.

16.2 Legal Requirements

We may disclose customer information where required by:

  • Applicable laws
  • Court Orders
  • Government Authorities
  • Law Enforcement Agencies
  • Regulatory Authorities
  • CERT-In Directions
  • Tax Authorities
  • Financial Regulators

ServerSage will only disclose information that is reasonably necessary to comply with such legal obligations.

16.3 Business Transfers

If ServerSage undergoes:

  • Merger
  • Acquisition
  • Corporate Restructuring
  • Business Transfer
  • Asset Sale
  • Insolvency Proceedings

customer information may be transferred to the successor organization subject to appropriate confidentiality and security obligations.

16.4 Protection of Rights

We may disclose information where necessary to:

  • Protect customer accounts
  • Prevent fraud
  • Investigate abuse
  • Enforce agreements
  • Protect intellectual property
  • Respond to cyber incidents
  • Defend legal claims
  • Protect public safety

17. DATA RETENTION

ServerSage retains information only for as long as necessary to fulfil the purposes described in this Policy or to comply with applicable legal, contractual, accounting, taxation, security, and regulatory requirements.

Typical retention periods may include:

Information Type

Typical Retention

  • Customer Account Information
  • Duration of relationship + legal retention period
  • Billing Records
  • As required under applicable tax laws
  • GST Records
  • As required under GST regulations
  • Support Tickets
  • Up to 7 years
  • Server Logs
  • Based on operational and security requirements
  • Security Logs
  • As required for security monitoring
  • KYC Documents
  • As required by law or business necessity
  • Contracts
  • During contract term and applicable limitation periods

Retention periods may be extended where required by legal proceedings, investigations, audits, or regulatory directions.

18. DATA SECURITY

Protecting customer information is a core responsibility of ServerSage.

We implement commercially reasonable administrative, technical, and physical safeguards designed to protect information from unauthorized access, disclosure, alteration, destruction, or misuse.

Our security measures may include:

  • Role-Based Access Control (RBAC)
  • Multi-Factor Authentication (MFA)
  • Strong Password Policies
  • Encryption of sensitive data where appropriate
  • Secure Data Centres
  • Firewalls
  • Intrusion Detection and Prevention Systems
  • Endpoint Protection
  • Anti-Malware Solutions
  • Continuous Infrastructure Monitoring
  • Security Event Logging
  • Backup and Disaster Recovery
  • Vulnerability Management
  • Patch Management
  • Secure Development Practices
  • Employee Confidentiality Obligations

Although we strive to maintain industry-standard security practices, no system connected to the Internet can be guaranteed to be completely secure.

Customers are encouraged to implement appropriate security controls within their own environments.

19. CUSTOMER RESPONSIBILITIES

Customers are responsible for:

  • Protecting account credentials
  • Maintaining strong passwords
  • Enabling Multi-Factor Authentication where available
  • Keeping contact information up to date
  • Maintaining their own backups unless managed backup services have been purchased
  • Promptly reporting suspected unauthorized access
  • Ensuring authorized users comply with applicable policies
  • Protecting confidential information stored within their own systems

Failure to implement appropriate security practices may increase the risk of unauthorized access for which ServerSage may not be responsible.

20. CROSS-BORDER DATA TRANSFERS

Certain services offered by ServerSage may involve processing or storage of information outside India where customers choose infrastructure located in other jurisdictions or where trusted service providers operate internationally.

Where cross-border processing occurs, ServerSage will take reasonable measures to ensure that appropriate contractual, organizational, and technical safeguards are implemented consistent with applicable legal requirements.

21. CUSTOMER RIGHTS

Subject to applicable law, customers may request:

  • Access to their personal information
  • Correction of inaccurate information
  • Updating account details
  • Withdrawal of consent where processing is based on consent
  • Deletion of information where legally permissible
  • Restriction of processing in appropriate circumstances
  • Information regarding categories of personal data processed

Certain requests may be declined where ServerSage is legally required to retain information or where doing so would adversely affect the rights of other individuals or the security of our services.

Requests may be submitted to:

privacy@serversage.com

22. THIRD-PARTY WEBSITES

Our website may contain links to websites operated by third parties.

ServerSage is not responsible for the privacy practices, security measures, or content of such external websites.

Customers are encouraged to review the privacy policies of third-party websites before providing personal information.

23. CHILDREN'S PRIVACY

ServerSage services are intended primarily for businesses and individuals who are legally capable of entering into binding contracts.

We do not knowingly collect personal information directly from children without appropriate legal authorization.

If we become aware that personal information has been collected from a child in violation of applicable law, reasonable steps will be taken to delete such information.

24. CHANGES TO THIS PRIVACY POLICY

ServerSage may revise this Privacy Policy periodically to reflect:

  • Changes in applicable law
  • New products and services
  • Security improvements
  • Business operations
  • Regulatory requirements
  • Customer feedback

Updated versions will be published on our website with a revised "Effective Date."

Continued use of the Services after publication of the revised Policy constitutes acceptance of the updated Privacy Policy.

25. CONTACT INFORMATION

For questions, requests, or concerns regarding this Privacy Policy or the processing of personal information, please contact:

Privacy OfficerServerSage CloudTech Pvt. Ltd.HD-102, 13th Floor, WeWerk 247 Park,Lal Bahadur Shastri Road, Gandhi Nagar,Vikhroli West, Mumbai – 400079, Maharashtra, India

Email: privacy@serversage.comLegal: legal@serversage.comSupport: support@serversage.com

Website: https://www.serversage.com

26. GOVERNING LAW

This Privacy Policy shall be governed by and construed in accordance with the laws of India.

Any disputes arising out of or relating to this Privacy Policy shall be subject to the exclusive jurisdiction of the competent courts located in Mumbai, Maharashtra, India, unless otherwise required by applicable law.