Privacy Policy
Effective 5 July 2026 · Last updated 5 July 2026 · Applies to www.thynkwise.ai
This Privacy Policy explains how ThynkWISE.ai handles personal data on this website, including interactions with our AI features. For any privacy request, contact us at azra@thynkwise.co.in.
This Privacy Policy is issued by ThynkWISE.ai (ThynkWISE Advisors Private Limited) (“ThynkWISE.ai”, “we”, “us” or “our”), which operates the website at https://www.thynkwise.ai (the “Site”) and provides the Business Acceleration Platform and related Cloud, AI, Automation and Digital Transformation services (the “Services”). It describes the personal data we collect, why and how we process it, who we share it with, how long we keep it, how we protect it, and the rights available to you under applicable law — including India’s Digital Personal Data Protection Act, 2023 (“DPDP Act”) and, where applicable, the EU/UK General Data Protection Regulation (“GDPR”).
This policy governs personal data we handle as a data fiduciary/controller through the Site. Where we process personal data on behalf of a client under a services agreement, we act as a data processor and that agreement (not this policy) governs.
1. Information we collect
Information you provide
When you contact us, book a consultation, request a demo, take an assessment, use a calculator, apply for a role, or download a resource, we collect the details you submit — typically your name, work email, phone number, company, role/designation and the content of your message or enquiry.
Business information
You may share business context — company size, industry, systems, budgets, objectives or other operational details — so we can respond meaningfully. Please do not include special-category or highly sensitive personal data in these fields.
Information collected automatically
As you use the Site, we and our analytics providers collect standard technical data such as IP address, approximate location, device and browser type, operating system, pages viewed, referring URLs, and on-site interactions, using cookies and similar technologies (see our Cookie Policy).
AI interaction data
If you use an interactive avatar or chat demo, we and our AI providers process the messages, prompts and any content you submit during that session (see section 5).
2. How we use your information
- To respond to enquiries and provide the information, materials, demos or Services you request.
- To operate, maintain, secure, personalise and improve the Site and Services.
- To send administrative messages and, where you have opted in, relevant marketing (you can opt out at any time).
- To understand usage through analytics and improve performance and content.
- To detect, prevent and address fraud, abuse, security and technical issues.
- To comply with legal obligations and establish, exercise or defend legal claims.
3. Consent & lawful basis
Where the law requires it, we rely on one or more of the following bases to process personal data:
| Purpose | Lawful basis (GDPR) / basis under the DPDP Act |
|---|---|
| Responding to your enquiry / providing a demo | Consent; steps at your request prior to a contract |
| Providing and administering the Services | Performance of a contract |
| Analytics, security and product improvement | Legitimate interests; consent for non-essential cookies |
| Marketing communications | Consent (withdrawable at any time) |
| Legal, tax and regulatory compliance | Legal obligation |
Under the DPDP Act we process your personal data with your consent or for a legitimate use permitted by the Act. You may withdraw consent at any time (see section 9); doing so does not affect processing already carried out.
4. Cookies & analytics
We use cookies and similar technologies (including tag-management and analytics tools such as Google Tag Manager and Google Analytics) to run the Site, remember preferences, and understand usage. Non-essential cookies are used in line with your choices. Full details, categories and controls are in our Cookie Policy.
5. AI services & interactions
Some features — including our interactive avatars and chat demos — are powered by artificial intelligence and by third-party AI and avatar technology providers. When you use them:
- Inputs are processed to generate responses. The messages, prompts and any content you submit are sent to our AI/avatar providers to produce a response.
- Conversation handling & storage. Interactions may be logged and temporarily stored by us and our providers to operate, secure, troubleshoot and improve the feature.
- Limited human review. Authorised personnel may review interactions for quality, safety, abuse-prevention and support purposes.
- Model and service providers. AI/avatar processing is carried out by third-party providers (including our interactive avatar provider, currently HeyGen, Inc.) under their own terms and safeguards.
- Your responsibility. Do not submit sensitive, confidential, regulated or third-party personal information into any AI demo, prompt or uploaded document. You are responsible for having the right to share anything you input.
- AI limitations. AI outputs are generated automatically, may be inaccurate or incomplete, and are not professional, legal, financial or medical advice. Verify outputs before relying on them.
6. Marketing communications
Where you have opted in, we may send you insights, event invitations and updates. Every marketing message includes an unsubscribe option, and you can opt out at any time by contacting us. Service and transactional messages are not marketing and may still be sent where necessary.
7. How we share information & sub-processors
We do not sell your personal data. We share it only:
- With service providers (sub-processors) who process data on our behalf under appropriate contractual and security safeguards, including categories such as: cloud hosting and content delivery (e.g., Vercel, Cloudflare); analytics and tag management (e.g., Google); interactive AI avatar streaming (e.g., HeyGen); content management, media storage and email/communications delivery.
- Where required by law, regulation, legal process or an enforceable governmental request.
- To establish, exercise or defend legal rights, or to protect the rights, safety and property of any person.
- In connection with a merger, acquisition, financing or reorganisation, subject to this policy.
Our current list of sub-processors is available on request.
8. International data transfers
We are based in Pune, India, and work with global clients and providers, so your personal data may be processed in countries other than your own. Where such transfers occur, we apply appropriate safeguards — such as standard contractual clauses or equivalent measures — and transfer data consistent with the DPDP Act and, where applicable, the GDPR.
9. Data retention
We keep personal data only for as long as necessary for the purposes described in this policy — typically for the duration of our relationship and a reasonable period afterwards — or as required to comply with legal, tax and regulatory obligations, resolve disputes and enforce agreements. When no longer required, data is deleted or anonymised.
10. Security
We maintain administrative, technical and organisational safeguards aligned to ISO/IEC 27001:2022 (Information Security) and ISO/IEC 42001:2023 (AI Management) to protect personal data against unauthorised access, alteration, disclosure or destruction. No method of transmission or storage is completely secure, so we cannot guarantee absolute security. If a personal-data breach affecting you occurs, we will notify you and the relevant authority where required by law.
11. Your rights
Subject to applicable law, you may:
- Access the personal data we hold about you and request a summary of processing.
- Request correction, completion or updating of inaccurate or incomplete data.
- Request erasure/deletion of your personal data.
- Withdraw consent at any time, where processing is based on consent.
- Object to or request restriction of certain processing, and request data portability (GDPR).
- Nominate another person to exercise your rights in the event of death or incapacity (DPDP Act).
- Not be subject to unlawful solely-automated decisions producing legal or similarly significant effects (GDPR).
To exercise any right, contact us at azra@thynkwise.co.in. We may need to verify your identity and will respond within the timeframes required by law.
12. Grievance redressal & complaints
If you have a concern about how we handle your personal data, please contact our Grievance Officer:
Grievance Officer: Azra Ashraf
Email: azra@thynkwise.co.in
Address: S.No. 17/10/1/57, F.No. A-406, Star Gaze, Lohgaon, Dhanori, Pune, Maharashtra 411015, India
If your concern is not resolved, you may have the right to complain to the Data Protection Board of India under the DPDP Act or, in the EEA/UK, to your local data protection supervisory authority.
13. Children’s data
The Site and Services are intended for businesses and professionals and are not directed to children. We do not knowingly collect personal data from children, and consistent with the DPDP Act we do not knowingly undertake tracking, behavioural monitoring or targeted advertising directed at children.
14. Third-party links
The Site links to independent ThynkWISE group properties and third-party sites. We are not responsible for their content or privacy practices; please review their policies separately.
15. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be reflected by updating the “Last updated” date above and, where appropriate, by a notice on the Site.
16. Contact us
For any privacy question or request, contact us at azra@thynkwise.co.in, on WhatsApp at +91 97630 08800, or via our contact page. Postal: ThynkWISE Advisors Private Limited, S.No. 17/10/1/57, F.No. A-406, Star Gaze, Lohgaon, Dhanori, Pune, Maharashtra 411015, India.