Pestle | Privacy Policy
 Back to App

Privacy Policy

Last Updated: January 28, 2026

Pestle is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your information.

Pestle ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our governance, risk, and compliance platform.

1 Information We Collect

1.1 Information You Provide

  • Account Information: Name, email address, company name, job title, and password when you create an account
  • Billing Information: Payment card details and billing address (processed by our payment providers)
  • Content: Data you upload or enter into the platform, including compliance assessments, risk registers, policies, and evidence documents
  • Communications: Information in emails, support tickets, and feedback you send us

1.2 Information Collected Automatically

  • Usage Data: Features used, pages visited, actions taken, and time spent in the application
  • Device Information: IP address, browser type, operating system, and device identifiers
  • Log Data: Server logs including access times, error logs, and referral URLs

1.3 Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your session and authentication state
  • Remember your preferences and settings
  • Analyze usage patterns to improve our services
  • Provide security features

See our Cookie Policy for more details.

2 How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Send technical notices, updates, security alerts, and support messages
  • Respond to your comments, questions, and requests
  • Monitor and analyze trends, usage, and activities
  • Detect, investigate, and prevent fraudulent transactions and security incidents
  • Comply with legal obligations

3 Data Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

  • With Your Consent: When you explicitly authorize sharing
  • Service Providers: With vendors who assist in providing our services (hosting, payment processing, analytics), bound by confidentiality obligations
  • Legal Requirements: When required by law, legal process, or government request
  • Protection of Rights: To protect our rights, privacy, safety, or property
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

4 Data Retention

We retain your information for as long as your account is active or as needed to provide services. Specifically:

  • Account Data: Retained while account is active, deleted within 90 days of account closure
  • Content Data: Retained while account is active; exported upon request before deletion
  • Usage Logs: Retained for 12 months for security and analytics
  • Billing Records: Retained for 7 years for tax and legal compliance
  • Audit Logs: Retained for 7 years for compliance purposes

See our Data Retention Policy for complete details.

5 Data Security

We implement appropriate technical and organizational measures to protect your data:

Encryption in transit (TLS 1.3) and at rest (AES-256)
Access controls and authentication
Regular security assessments

6 Your Rights and Choices

Access & Portability

Access and export your data through the platform's export features or by contacting us.

Correction

Update your account information directly in the platform or contact us for assistance.

Deletion

Request deletion of your account and personal data. Some data may be retained for legal compliance.

Opt-Out

Opt out of marketing communications by clicking "unsubscribe" in emails.

7 International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Data Processing Agreements with all sub-processors
  • Compliance with applicable data transfer frameworks

8 Regional Privacy Rights

European Economic Area (GDPR)

If you are in the EEA, you have additional rights including access, rectification, erasure, data portability, restrict processing, object to processing, withdraw consent, and lodge complaints with supervisory authorities.

California (CCPA/CPRA)

California residents have the right to know, delete, opt-out, non-discrimination, correct, and limit use of sensitive personal information. We do not sell personal information.

9 Children's Privacy

Our services are not directed to children under 16. We do not knowingly collect information from children. If we learn we have collected information from a child, we will delete it promptly.

10 Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the new policy on this page and updating the "Last Updated" date. Continued use after changes constitutes acceptance.

11 Contact Us

For privacy-related questions or to exercise your rights:

Phone

+91 897 702 5287

Address

Trendz Pride 5th Floor, Plot No 20/127, Survey No.79, Road No 1, Patrika Nagar, Madhapur, Hyderabad, Shaikpet, Telangana, India, 500081

Terms of Service | Legal Information | Documentation
© 2026 Pestle. All rights reserved.
Privacy Policy Terms of Service Legal

Contact: sales@pestle.in | +91 897 702 5287

Trendz Pride 5th Floor, Plot No 20/127, Survey No.79, Road No 1, Patrika Nagar, Madhapur, Hyderabad, Shaikpet, Telangana, India, 500081