Privacy Policy

Akku Cybersecurity Solutions Pvt. Ltd.

Effective Date: 20 November 2025

I. Introduction

This Privacy Policy describes how Akku Cybersecurity Solutions Pvt. Ltd. (“Akku”, “we”, “our”, or “us”) collects, uses, shares, and protects personal data when you visit our websites, interact with us, or use our products and services.

Akku is committed to safeguarding personal data and handling it responsibly. This Privacy Policy also outlines your rights and choices under applicable privacy laws.

This Privacy Policy applies to:

  • Visitors to our websites (e.g., www.akku.work)
  • Prospective and existing customers, partners, and users
  • Individuals who interact with our sales, support, or marketing teams
  • Administrators and users provisioned into the Akku platform
  • Job applicants and candidates

This Privacy Policy does not cover personal data that we process strictly on behalf of our customers within their own systems; in such cases, the customer’s privacy policy governs.

II. Akku's Role in Processing Personal Data

A. When Akku Acts as a Controller

Akku acts as a controller (or equivalent, such as a data fiduciary) when we determine the purposes and means of processing personal data, including when:

  • You visit our websites
  • You request information or communicate with us
  • We send service or marketing communications
  • You participate in demos, webinars, or events
  • You apply for jobs at Akku

B. When Akku Acts as a Processor / Service Provider

Akku acts as a processor when processing personal data on behalf of customers using the Akku platform, which includes capabilities such as:

  • Identity and Access Management
  • User Lifecycle Management
  • Identity Governance
  • Privileged Access Management
  • Access policy enforcement
  • Device and OS policy enforcement
  • Mobile device management
  • Logging, monitoring, and audit functions

In these cases, customers act as the controllers of end-user personal data and determine how it is processed. End users who wish to exercise rights should contact their organization directly. Akku will assist customers in responding to such requests as required.

III. Personal Data We Collect

A. Information Provide

This includes:

  • Name, business email, phone number
  • Company name, job title, and professional details
  • Login/account details (for administrative access)
  • Communications through email, chat, phone, or support tickets
  • Information provided via forms, demo requests, or event registrations
  • Billing and payment details (for paying customers)
  • Job application data (resume, education, employment history, etc.)

B. Information We Collected Automatically

When you visit our websites or interact with our services, we may automatically collect:

  • IP address and approximate location
  • Browser type, operating system, device identifiers
  • Page views, links clicked, and usage paths
  • Error logs, diagnostic data, and performance information
  • Cookies, web beacons, and similar technologies

C. Information Collected Through the Akku Platform

When customers use the Akku platform, we may generate and process operational and security data, such as:

  • Authentication and MFA events
  • Session and access metadata
  • Provisioning/deprovisioning events
  • Access review decisions
  • Privileged access metadata and session logs
  • Policy enforcement events related to access controls or device restrictions
  • MDM and OS-level policy compliance metadata
  • Security anomalies and audit logs

Where this data relates to customer end-users, Akku acts as processor; where it relates to customers’ administrative accounts or direct interactions with Akku, we may act as controller.

D. Information from Third-Party Sources

We may receive personal data from:

  • Resellers or implementation partners
  • Event organizers and marketing partners
  • Public databases and professional networking sites
  • Business contact data providers

We may combine this data with other information we hold where lawful and appropriate.

IV. How We Use Personal Data

Akku uses personal data for the following purposes:

1. To provide and operate our products and services

  • Create and manage customer accounts
  • Deliver product features and functionality
  • Provide support and troubleshoot issues
  • Enforce security controls and access policies

2. To secure the platform

  • Detect and prevent unauthorized access
  • Monitor for suspicious activity
  • Maintain logs and audit trails
  • Conduct incident response and investigations

3. To communicate with you

  • Respond to inquiries
  • Send service-related notices and alerts
  • Send optional marketing communications (with opt-out option)

4. To improve the platform and website

  • Analyze product usage
  • Enhance performance, usability, and reliability
  • Develop new features

5. To operate and manage our business

  • Billing and account administration
  • Sales, marketing, and customer success functions
  • Recruitment and hiring

6. To comply with laws and regulations

  • Respond to legal requests
  • Maintain compliance records
  • Enforce agreements and protect our rights

V. How We Share Personal Data

Akku does not sell personal data. We may share personal data with:

A. Service Providers and Sub-Processors

These include:

  • Cloud hosting and infrastructure providers
  • Email and communication platforms
  • CRM and support systems
  • Security monitoring and analytics providers
  • Payment processors
  • Professional advisers (legal, audit, finance)

They may process personal data only on our behalf and under contractual confidentiality obligations.

B. Partners and Resellers

We may share business contact data with authorized partners to:

  • Deliver joint solutions
  • Support customer deployments
  • Fulfill contractual obligations
  • Conduct co-marketing activities (where permitted)

C. Legal and Regulatory Disclosures

We may disclose personal data:

  • To comply with laws, regulations, or legal processes
  • To protect the safety, security, or rights of Akku or others
  • In connection with mergers, acquisitions, financing, or corporate transactions

VI. International Data Transfers

Akku may process and store personal data in India or other countries where we or our service providers operate. Where required, we implement safeguards such as:

  • Standard Contractual Clauses (SCCs)
  • Contractual protections aligned with applicable laws
  • Encryption and access controls
  • Regional hosting options where available

VII. Security

We maintain administrative, technical, and organizational safeguards to protect personal data, including:

  • Encryption in transit and at rest
  • Multi-factor authentication
  • Role-based access controls
  • Network security measures
  • Monitoring and alerting
  • Secure software development lifecycle
  • Incident detection and response
  • Regular assessments and reviews

While no system can be guaranteed 100% secure, we continually improve our security posture.

VIII. Data Retention

We retain personal data only for as long as needed to:

  • Provide the services
  • Fulfill purposes described in this policy
  • Meet legal, regulatory, and audit requirements
  • Resolve disputes and enforce agreements

When no longer required, data is deleted or anonymized in accordance with our retention policies.

IX. Your Rights and Choices

Depending on your jurisdiction, you may have rights to:

  • Access personal data we hold about you
  • Request correction or deletion
  • Restrict or object to certain processing
  • Withdraw consent (where processing is based on consent)
  • Request data portability
  • Opt out of marketing communications
  • Lodge a complaint with a supervisory authority

To exercise these rights, contact us at privacy@akku.work. We may need to verify your identity before fulfilling your request. If we process your data on behalf of a customer, we will direct you to contact the customer and assist them as required.

X. Children’s Privacy

Our websites, products, and services are not intended for children under the age of 16, and we do not knowingly collect personal data from children.

XI. Jurisdiction-Specific Notices

Certain privacy laws require additional disclosures.

A. EEA/UK GDPR

If you are located in the EEA or UK, you have additional rights under GDPR/UK-GDPR, including the right to lodge a complaint with your local supervisory authority. Where we transfer personal data outside the EEA/UK, we rely on approved transfer mechanisms such as SCCs.

B. India – Digital Personal Data Protection Act (DPDPA)

Indian residents have rights under DPDPA to access, correct, update, erase their personal data, and raise grievances. Akku acts as a Data Fiduciary for its own processing and as a Data Processor for customer data. You can write to privacy@akku.work for data or grievance requests.

C. California Residents – CCPA/CPRA

California residents have rights under CCPA/CPRA to:

  • Know what personal data is collected
  • Request correction or deletion
  • Know what personal data is disclosed
  • Opt out of “selling” or “sharing” personal data (Akku does not sell personal data)
  • Be free from discrimination for exercising privacy rights

Requests can be made to privacy@akku.work.

D. Other Regions

Akku complies with privacy laws in the jurisdictions where we operate. Where a law requires additional jurisdiction-specific disclosures, we will provide them through updated or supplemental notices.

XII. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

Akku Cybersecurity Solutions Pvt. Ltd.
Address: No.61, Chamiers House, Chamiers Road, Raja Annamalai Puram, Chennai, Tamil Nadu, India - 600 028.