let's talk

Data Deletion Policy

Data Deletion Policy

Virrat Global Pvt. Ltd.
Last Updated: 10 October 2025

1. Purpose

This Data Deletion Policy explains how Virrat Global Pvt. Ltd. (“Virrat Global,” “we,” “us,” or “our”) manages the deletion of personal data collected through our website and related services. Our objective is to ensure that all personal data is deleted securely, lawfully, and in a manner that respects user privacy.

2. Scope

This policy applies to all personal data collected, processed, and stored by Virrat Global, including data gathered from clients, employees, vendors, partners, and visitors to our website (https://virratglobal.com). It covers both digital and physical records maintained by our organization and by third parties acting on our behalf.

3. Legal Basis

Virrat Global complies with applicable data protection and privacy laws in India, including the Information Technology Act, 2000, and the Digital Personal Data Protection Act, 2023 (if applicable). Where required, we also follow international data protection principles, such as those in the EU General Data Protection Regulation (GDPR).

4. Retention and Deletion Principles

Personal data is retained only for as long as necessary to fulfill the purpose for which it was collected, to meet legal or contractual obligations, or to support legitimate business needs. Once the retention period expires or the purpose is fulfilled, the data will be securely deleted or anonymized.

We retain data for the following general periods:

  • Contact and inquiry data is retained for up to one year from the date of last contact, unless a longer retention is required for business or legal reasons.
  • Client project data is retained for the duration of the project and a limited period thereafter (typically up to three years) to support after-service inquiries, audits, or legal compliance.
  • Employee and contractor data is retained for the period required by employment and tax laws.
  • Vendor and supplier records are retained as long as the relationship exists and for a short duration thereafter to meet contractual and audit requirements.
  • Marketing and newsletter data is retained until the individual unsubscribes or remains inactive for an extended period.
  • Job applicant data is retained for up to one year unless the applicant is hired, in which case their data becomes part of the employment record.
5. Data Deletion Procedure
  1. Request Submission: Individuals may request deletion of their personal data by emailing us at [insert official contact email, e.g., privacy@virratglobal.com].
  2. Verification: We will verify the requester’s identity to prevent unauthorized deletion.
  3. Assessment: We will evaluate whether deletion can proceed immediately or if retention is legally required.
  4. Execution: If eligible for deletion, data will be permanently removed from our systems and backups in a secure manner, ensuring that it cannot be recovered.
  5. Confirmation: We will confirm to the requester, within a reasonable time (typically within 30 days), that their data has been deleted or explain if it cannot yet be deleted due to legal obligations.
6. Exceptions to Deletion

Certain data may not be immediately deleted if:

  • It is required to be retained under applicable law, regulation, or contractual obligation.
  • It is needed for the establishment, exercise, or defense of legal claims.
  • It is part of ongoing investigations, audits, or dispute resolutions.
    In such cases, data may be securely archived until the retention requirement expires, after which it will be permanently deleted.
7. Secure Deletion Standards

Virrat Global uses industry-standard methods for secure data deletion. This includes:

  • Permanent removal from databases and file systems.
  • Overwriting or destruction of physical storage media where applicable.
  • Secure purging of archived and backup systems according to our retention schedules.
  • Limiting access to authorized personnel only.
  • Maintaining deletion logs for accountability purposes (without retaining deleted data).
8. Roles and Responsibilities
  • The Data Protection Officer (DPO) or designated privacy lead oversees compliance with this policy.
  • The IT and Security Teams are responsible for the technical execution of deletions.
  • All employees, contractors, and third-party processors must comply with this policy when handling personal data.
9. User Rights

Individuals have the right to:

  • Request deletion of their personal data, where legally permissible.
  • Request confirmation or evidence of deletion.
  • Receive an explanation if data cannot be deleted for legal or regulatory reasons.

To exercise these rights, please contact us at [insert email/contact link].

10. Policy Review and Updates

This policy will be reviewed annually or whenever there is a change in data protection law or internal practices that affects how we retain or delete data. Updated versions will be published on our website.

Home Home
About us About us
Services Services
Portfolio Portfolio
Careers Careers
Blogs Blogs
Contact us Contact us