.

Introduction

Our Company and Products

Yashosys IT Solutions is an Indian-origin technology company established in 2015 as Yashaswiniam with a mission to empower marketing professionals, enterprises, and digital agencies through automation, intelligence, and innovation. Built by professionals for professionals, our platform enables seamless scalability, efficient communication, and next-level customer relationship management.

Our flagship offering — an AI-powered, all-in-one Sales, Marketing, and CRM Automation Platform — helps businesses achieve measurable success. We believe that when our customers grow, we grow. Hence, every feature, update, and integration is designed to align with evolving business needs while complying with Indian information security and data protection regulations.

We also provide complete white-label solutions, enabling agencies and digital entrepreneurs to rebrand and resell our tools under their own identity. Our approach ensures that businesses can scale securely, ethically, and compliantly.

Yashosys IT Solutions: Data Protection & Security Commitment

At Yashosys IT Solutions, data protection and cyber safety form the foundation of our business. We comply with the Information Technology Act, 2000, the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and align our data handling with principles laid down under the Digital Personal Data Protection (DPDP) Act, 2023.

Our dedicated Security & Compliance Team ensures continuous alignment with these standards through proactive audits, encrypted infrastructure, and transparent privacy practices.

Our Security and Compliance Objectives

We have developed our security framework in accordance with national and international best practices for SaaS platforms, with the following key objectives:

Customer Trust and Protection – Deliver secure, privacy-first solutions that respect the confidentiality and integrity of user data.

Availability and Continuity – Maintain high uptime and service reliability through redundancy and disaster recovery measures.

Integrity of Information – Prevent unauthorized modification, deletion, or corruption of customer information.

Legal and Standards Compliance – Ensure adherence to the IT Act, DPDP Act, and other relevant Indian and international standards such as ISO 27001 and SOC 2.

Security Controls and Infrastructure

Hosting Infrastructure

Yashosys IT Solutions hosts its cloud infrastructure on Google Cloud Platform (GCP) and Amazon Web Services (AWS) — both of which are ISO 27001 and SOC 2 Type 2 certified. Data centers are located in compliance with cross-border transfer regulations under the DPDP Act. We rely on their independently audited physical and network security controls to ensure data resilience and service continuity.

Network and Access Control

All systems are protected by multi-layered firewalls, access control lists, and network-level intrusion detection systems.

Unauthorized access attempts are automatically blocked and logged.

All configuration changes undergo a formal change management and approval process.

Configuration & Patch Management

Automated configuration management ensures consistent security baselines across our infrastructure. Any drift or deviation is detected and corrected within defined intervals. Security patches are applied promptly, and unpatched instances are replaced automatically.

Logging and Monitoring

Every system event and user action is securely logged and monitored. Security logs are retained as per regulatory requirements, stored in encrypted form, and accessible only to authorized personnel. Automated alerts notify administrators in real time about anomalies, threats, or attempted breaches.

Application Security

Our web applications are protected against common vulnerabilities identified in the OWASP Top 10, including SQL injection, XSS, and CSRF attacks. Continuous penetration testing and vulnerability assessments are performed annually by certified third-party auditors.

To protect against DDoS attacks, Yashosys IT Solutions uses layered protection mechanisms and rate-limiting strategies to ensure continuous availability.

Data Protection Framework

Data Classification and Usage

We collect and process customer data strictly for legitimate business purposes, as defined under the Digital Personal Data Protection Act, 2023. Customers are advised not to use our platform to collect or store sensitive personal data such as financial information, biometric identifiers, or medical records unless expressly permitted and lawfully justified.

Encryption

Data in transit: Encrypted using TLS 1.3 or higher with 2048-bit keys.

Data at rest: Protected using AES-256 encryption.

Passwords: Hashed and salted following industry standards.

Key Management: Handled via a secured Key Management System (KMS) with controlled rotation schedules.

Data Backup and Disaster Recovery

Daily encrypted backups with point-in-time recovery capabilities.

Multi-region redundancy ensures resilience and continuity.

Regular disaster recovery drills are conducted to test system reliability.

Identity and Access Management

Role-Based Access Control (RBAC) ensures users and employees have the least privilege access.

Two-Factor Authentication (2FA) is mandatory for all administrative access.

All access to production infrastructure is logged, monitored, and reviewed periodically.

Internal employees access customer environments only through a Just-In-Time Access (JITA) model for limited durations and specific support purposes.

Corporate Security & Governance

Employee Vetting and Training

All employees undergo background verification prior to onboarding, as per Indian employment and IT security norms. Continuous Cyber Awareness and Phishing Resistance Training ensures employees remain vigilant and compliant.

Policy and Governance

A Written Information Security Policy (WISP) defines company-wide data handling, incident management, and disciplinary measures. Policies are reviewed annually in line with evolving legal standards.

Vendor Management

Third-party service providers are thoroughly vetted for security and privacy compliance. We maintain legally binding Data Processing Agreements (DPAs) with all sub-processors in accordance with the DPDP Act.

Privacy & Data Rights

Yashosys IT Solutions does not sell, rent, or trade personal data with any third parties. We process personal information transparently, with full consent and lawful purpose.

Customers can request access, correction, or deletion of their data in accordance with Section 11 of the Digital Personal Data Protection Act, 2023. Requests can be submitted via our Data Protection Officer (DPO) contact channel listed in our Privacy Policy.

Breach Response

In the unlikely event of a data breach, Yashosys IT Solutions shall notify affected users and relevant authorities (such as CERT-In and the Data Protection Board of India) within the legally stipulated time frame, in compliance with the IT (CERT-In) Directions, 2022.

Disclaimer

This Security and Compliance Statement is intended to provide an overview of Yashosys IT Solutions’ information security and privacy practices. It does not constitute a contractual commitment or modify existing agreements. Our policies may evolve periodically to reflect improvements in technology and regulatory changes.

✅ Compliant References Integrated:

Information Technology Act, 2000 (Amended 2008)

IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011

Digital Personal Data Protection Act, 2023

CERT-In Directions 2022

ISO/IEC 27001:2022 alignment

🛡️ Privacy Policy

Effective Date: 1st October 2025
Last Updated: 23rd October 2025

Yashosys IT Solutions (“Company”, “we”, “our”, or “us”) respects your privacy and is committed to protecting your personal data in accordance with the Information Technology Act, 2000, the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (“DPDP Act”).

By accessing or using our website, products, or services, you agree to this Privacy Policy.

1. Information We Collect

We collect only the information necessary to deliver our products and services:

Personal Data: Name, contact number, email address, organization, and login credentials.

Technical Data: IP address, browser type, operating system, device identifiers, and usage data via cookies or analytics tools.

Transactional Data: Payment-related identifiers (processed securely through PCI-compliant gateways; we never store card details).

Business Data: Information you provide for CRM, marketing, or automation services you use within our platform.

We do not knowingly collect sensitive personal data such as financial account details, health information, biometric data, or passwords to third-party systems.

2. Purpose of Processing

Your personal data is collected and processed for legitimate purposes including:

Providing, operating, and improving our IT and automation services.

Customer support, billing, and account management.

Sending service updates, security alerts, and product information.

Fulfilling legal obligations and protecting our lawful interests.

We process data only with your consent or as permitted under the DPDP Act.

3. Data Sharing and Disclosure

We do not sell or rent your personal data.
However, we may share limited information with:

Authorized Service Providers (e.g., cloud hosting, payment gateways, email delivery systems).

Regulatory Authorities or Law Enforcement, if required under Indian law.

Business Partners acting under confidentiality and data-processing agreements.

All processors are bound by written contracts that ensure compliance with the DPDP Act and IT Rules 2011.

4. Data Storage and Transfer

Data is stored on secure cloud servers (Google Cloud Platform / Amazon Web Services).
Cross-border data transfers, if any, are handled in accordance with Section 16 of the DPDP Act and relevant Government notifications.

5. Data Security

We implement reasonable security practices including:

AES-256 encryption at rest and TLS 1.3 encryption in transit.

Multi-Factor Authentication (MFA) for administrative access.

Periodic audits, vulnerability assessments, and data-protection training.

In case of a data breach, we will notify affected users and the Indian Computer Emergency Response Team (CERT-In) / Data Protection Board of India as required by law.

6. Data Retention and Deletion

We retain your data for as long as necessary to provide our services or comply with legal requirements.
You may request deletion or correction of your data by emailing [email protected].
Upon verification, we will act within the timeframe prescribed by law.

7. Your Rights

Under the Digital Personal Data Protection Act, 2023, you have the right to:

Access and obtain copies of your personal data.

Request correction, updating, or deletion.

Withdraw consent for processing.

Lodge a grievance with our Data Protection Officer (DPO).

Contact DPO:
Name: Data Protection Officer, Yashosys IT Solutions
Email: [email protected]

8. Cookies

We use cookies and similar technologies to enhance user experience and analyze site traffic. You can disable cookies through your browser settings, though certain features may not function optimally.

9. Changes to This Policy

We may revise this Privacy Policy periodically. Updated versions will be posted on this page with the “Last Updated” date revised accordingly.

10. Contact

For any privacy-related questions or concerns:

📧 [email protected]
🏢 Yashosys IT Solutions, Mumbai, Maharashtra, India

⚖️ Terms of Service

Effective Date: 1st October 2025

These Terms of Service (“Terms”) govern your access to and use of the website, software, and services offered by Yashosys IT Solutions (“Company”, “we”, “our”, or “us”).
By accessing or using our services, you agree to be bound by these Terms.

1. Use of Services

You must be at least 18 years of age to use our services.

You agree to use our services in compliance with applicable Indian laws, including the Information Technology Act (2000) and its rules.

You shall not engage in activities that are unlawful, infringe intellectual-property rights, or disrupt our systems.

2. Account Registration

You are responsible for maintaining the confidentiality of your login credentials and for all activities under your account. Notify us immediately of any unauthorized use.

3. Intellectual Property

All content, code, software, trademarks, and logos are the exclusive property of Yashosys IT Solutions and protected under the Copyright Act 1957, Trademarks Act 1999, and relevant laws.
You may not copy, modify, distribute, or resell our materials without prior written permission.

4. Payment and Subscription

All fees are quoted in Indian Rupees (INR) unless stated otherwise.
Payments are processed securely via PCI-DSS compliant gateways.
Subscription plans are governed by their respective terms. Refunds, if any, are handled as per our Refund Policy.

5. Data Protection and Privacy

By using our services, you consent to the collection and processing of your data in accordance with our Privacy Policy.
We commit to handling your data responsibly, as mandated under the DPDP Act 2023 and IT Rules 2011.

6. Limitation of Liability

To the maximum extent permitted by law, Yashosys IT Solutions shall not be liable for indirect, incidental, or consequential damages arising from the use of our services.
Our total liability shall not exceed the amount paid by you in the preceding 12 months.

7. Suspension or Termination

We may suspend or terminate your account if you violate these Terms or applicable laws.
Upon termination, your right to use our services will cease immediately.

8. Third-Party Links

Our platform may contain links to external websites. We are not responsible for their content, security, or privacy practices.

9. Governing Law and Jurisdiction

These Terms are governed by the laws of India.
Any disputes shall be subject to the exclusive jurisdiction of the courts in Pune, Maharashtra.

10. Contact

For any queries regarding these Terms:

📧 [email protected]
🏢 Yashosys IT Solutions, Pune, Maharashtra, India

✅ Compliance References Embedded:

Information Technology Act 2000 (amended 2008)

IT Rules 2011 (Sensitive Personal Data)

Digital Personal Data Protection Act 2023

CERT-In Guidelines 2022

Consumer Protection (E-commerce) Rules 2020

Indian Contract Act 1872

Copyright Act 1957 & Trademarks Act 1999

🧾 Refund & Cancellation Policy – Yashosys IT Solutions

At Yashosys IT Solutions, we aim to provide the highest quality software and automation solutions to help businesses grow efficiently.
Please read this Refund & Cancellation Policy carefully before making a purchase or subscribing to any of our services.

1. Software & Automation Services

Once a service or project has been initiated and work has commenced, no refund will be issued.

If you decide to cancel before project initiation, you may be eligible for a partial refund (up to 50%) depending on the work scope and resource allocation.

2. Subscription-Based Plans

Monthly or annual subscription fees for automation tools, CRM systems, or SaaS solutions are non-refundable once activated.

Cancellations can be made anytime before the next billing cycle to stop future renewals.

3. Custom Development Projects

Payments made for custom software development, integrations, or workflow automation setups are non-refundable, as these are tailored services.

In rare cases of non-delivery due to technical or operational issues from our end, we may offer a proportionate credit or rescheduling of services.

4. Training & Consultation Services

Once a session is booked and confirmed, it is non-refundable.

You may reschedule once, provided you notify us at least 24 hours before the session time.

5. Refund Timeline

Any approved refund will be processed within 7–10 working days to the original payment source.

6. Contact for Support

For questions about refunds, cancellations, or project delivery, contact us at:
📧 [email protected]

⚖️ Website Disclaimer – Yashosys IT Solutions

The information provided on www.yashosys.com (and all associated platforms) is for general business and informational purposes only.
While we strive to ensure accuracy, Yashosys IT Solutions makes no warranties regarding completeness, reliability, or accuracy of the information.

By accessing our website, tools, or services, you acknowledge and agree that:

Implementation outcomes vary based on client data, systems, and usage.

We do not guarantee specific financial, business, or lead-generation results.

Yashosys IT Solutions will not be liable for any loss, damage, or data issues arising from the use of our services or website.

All product names, trademarks, and brand logos mentioned are property of their respective owners.

If you require further clarification, please contact us at [email protected]