Effective Date: 10 January 2025

 

This Privacy Policy governs the collection, use, storage, disclosure, and protection of information across CONVIO Meetings, CONVIO Cloud, and the convio.in website (collectively referred to as “CONVIO”, “we”, “our”, or “us”). CONVIO is built with a privacy‑first, security‑by‑design approach. We collect the minimum data required to deliver our services and do not monetize user data.

 


1. Scope & Legal Basis

 

This Privacy Policy is issued in accordance with:

  • The Information Technology Act, 2000 and Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (India)

  • Applicable provisions of the Digital Personal Data Protection Act, 2023 (DPDP Act)

  • The General Data Protection Regulation (EU) 2016/679 (GDPR) where applicable

 

This policy applies to:

  • CONVIO Meetings (Video conferencing, Chat, Recordings)

  • CONVIO Cloud (File Storage, Collaboration, Productivity Tools)

  • The convio.in and all Subdomains, Portals, and applications operated by CONVIO

 

By accessing or using CONVIO services, you provide free, specific, informed, and unambiguous consent to the processing of your personal data as described herein.

 


2. Core Privacy Principles


  • Data Minimization: We collect only what is strictly necessary.

  • User Ownership: Your data belongs to you.

  • No Data Selling: We do not sell, rent, or trade personal data.

  • No Ads, No Tracking: No advertising trackers or third‑party profiling.

  • Transparency & Control: Clear policies and user‑controlled data actions.

 


3. Information We Collect


3.1 Account Information

  • Name (optional where applicable)

  • E-Mail Address

  • Organization Name (if using business services)

  • GSTIN (INDIA Only) and Billing Address

  • Authentication Credentials (Securely Hashed)

 

3.2 Usage & Technical Data (Limited)

  • IP address (for security, fraud prevention, and regional compliance)

  • Device and browser type (non‑identifying)

  • Login timestamps and activity logs (for audit and security only)

 

3.3 CONVIO Meetings Data

  • Meeting Metadata (Meeting ID, Time, Participants)

  • Chat messages and shared files only within your meetings and Cloud

  • Meeting Recordings and its Link only if explicitly enabled by the user

 

3.4 CONVIO Cloud Data

  • Files, Documents, Folders Uploaded by users

  • Collaboration data (comments, version history)


Important: CONVIO does not access, review, or analyze your content unless legally required.

 


4. What We Do NOT Collect


  • No biometric data

  • No behavioral profiling

  • No advertising identifiers

  • No contact scraping

  • No microphone or camera access outside active meetings

 


5. Lawful Purpose & Use of Information

 

We process personal data strictly on one or more of the following lawful bases:

  • Performance of a contract (to deliver CONVIO services)

  • Compliance with legal obligations

  • Legitimate interests (security, fraud prevention, service reliability)

  • User consent, where explicitly obtained

 

Personal data is used only for:

  • Providing, operating, and maintaining CONVIO services

  • Identity verification, authentication, and access control

  • Security monitoring, audit logging, and abuse prevention

  • Service continuity, backups, and disaster recovery

  • Compliance with applicable laws and lawful government requests

 

CONVIO does not engage in automated decision-making or profiling that produces legal or significant effects on users.

 


6. Data Storage & Security


  • Data is stored on secure, access‑controlled servers

  • Encryption in transit (TLS) and at rest (where applicable)

  • Role‑based access controls (RBAC)

  • Regular security audits and system monitoring

 

Despite best practices, no system is 100% secure. Users are responsible for safeguarding their login credentials.

 


7. Data Location, Cross-Border Transfer & Jurisdiction


Personal data may be stored or processed in India or other jurisdictions where CONVIO or its infrastructure partners operate.


Where cross-border transfer occurs:

  • Appropriate contractual and technical safeguards are implemented

  • Transfers comply with the IT Act, DPDP Act, and GDPR requirements (including standard contractual clauses where applicable)

 

By using CONVIO services, users expressly consent to such cross-border data transfers.

 


8. Data Sharing & Disclosure

 

We do not share your data except in the following limited cases:

  • With trusted infrastructure providers strictly for service operation

  • When required by law, court order, or government authority

  • To protect CONVIO, users, or the public from harm or illegal activity

 

All third‑party providers are bound by strict confidentiality and data protection obligations.

 


9. Cookies & Website Data (convio.in)


  • Essential cookies only (session, security, preferences)

  • No third‑party advertising cookies

  • No cross‑site tracking

 

Users may disable cookies, but some features may not function correctly.

 


10. Data Retention


  • Account data is retained while your account is active

  • Meeting recordings and cloud files remain until deleted by the user in CONVIO Cloud or In Case of direct Recording Link, it will be automatically deleted after 48 Hours from the time of Creation.

  • Logs are retained for a limited period for security and compliance

 

Upon account termination, data is permanently deleted within a reasonable timeframe unless legally required to retain it.

 


11. Data Principal / Data Subject Rights

 

Subject to applicable law, users (“Data Principals” / “Data Subjects”) have the right to:

  • Confirm whether personal data is being processed

  • Access and obtain a copy of their personal data

  • Correct, update, or rectify inaccurate or incomplete data

  • Withdraw consent at any time (without affecting prior lawful processing)

  • Request erasure of personal data, subject to legal retention obligations

  • Data portability, where technically feasible

 

Requests must be submitted through official CONVIO support channels. Identity verification may be required before fulfilling requests.

 


12. Children’s Privacy

 

CONVIO services are not intended for children under 13 years of age. We do not knowingly collect data from minors.

 


13. Policy Violations & Misuse

 

Any attempt to misuse CONVIO services, breach security, or violate privacy may result in:

  • Immediate account suspension or termination

  • Data access restriction

  • Legal action where applicable

 


14. Policy Updates & Enforcement

 

CONVIO reserves the right to amend this Privacy Policy at any time to reflect legal, regulatory, or operational changes.


Material changes will be published on convio.in. Continued access or use of CONVIO services after such updates constitutes explicit acceptance of the revised policy.


This Privacy Policy is legally binding and enforceable.

 


15. Grievance Officer & Contact Information

 

In accordance with the Information Technology Act, 2000, SPDI Rules, 2011, and the Digital Personal Data Protection Act, 2023, CONVIO has appointed a Grievance Officer to address data protection, privacy, and security-related concerns.

 

Grievance Officer:

  • Designation: Grievance Officer – Data Protection & Privacy

  • Organization: CONVIO

  • Contact Method: Via the official contact and support channels listed on convio.in

 

Users may submit complaints or grievances relating to:

  • Processing of personal data

  • Data security or confidentiality concerns

  • Unauthorized access or misuse of data

  • Exercise of data principal / data subject rights

 

All grievances will be acknowledged and addressed within the timelines prescribed under applicable Indian law. Identity verification may be required prior to resolution.

 

 

CONVIO is committed to lawful, transparent, and accountable handling of personal data.