ProcureDataLab
Case StudiesServices Book a call
Case StudiesServices Book a call
← Back to home

Privacy Policy

Last updated: 8th July, 2026

ProcureDataLab ("we," "us," "our") is a small, early-stage business based in Kolkata, West Bengal, India, currently operated by its two founders pending formal company registration. This policy explains what personal data we collect and how we handle it. We'll update it as our practices and our legal structure develop.

1. What we collect

  • Contact details you give us — name, email, phone, company, job title — when you fill out a form, email us, or book a call.
  • Scheduling data via Calendly, which we use to book meetings. Calendly's own privacy policy governs what it collects: calendly.com/privacy
  • Basic technical data (IP address, browser type, pages visited) via standard web server logs.
  • Procurement data we collect for clients, sourced from publicly available government tender and contract portals. This can include personal data of individuals named in those records (e.g., government procurement officials, bidder representatives), not just business information. We collect and structure this data for delivery to our clients as part of our service.

We don't intentionally collect sensitive categories of data (health, biometric, government ID numbers, etc.), and we ask you not to include such details in anything you send us.

2. Why we use it

To respond to inquiries, schedule calls, deliver our services, invoice clients, and operate our business. For procurement data specifically, we collect and structure it to deliver as a data service to our clients.

3. Who we share it with

  • Calendly, for scheduling.
  • Standard business tools (email, invoicing) we use to run the company.
  • Clients, in the case of structured procurement data delivered as part of our service.
  • Anyone else only where required by law.

We do not sell personal data for advertising purposes, and we don't share your contact details with third parties for their own marketing.

4. Where your data is processed

We're based in India, so data may be processed there, as well as by tools like Calendly that operate internationally.

5. Your rights

Depending on where you're located, you may have rights to access, correct, or delete your personal data, or to object to how we use it, including if your information appears in procurement records we've collected. Contact us and we'll do our best to address it promptly, consistent with applicable law.

6. How long we keep it

We keep contact and inquiry data as long as reasonably needed to respond and follow up, and client records as long as required for business and tax purposes. We're still formalizing exact retention schedules for procurement pipeline data.

7. Security

We take reasonable steps to protect the data we hold, though no system is completely secure.

8. Changes

We'll update this policy as our practices, team, and legal structure evolve, and will update the date above when we do.

GDPR / EU & UK Data Protection

We don't have a dedicated legal or compliance team yet. Here's where we currently stand on GDPR in plain terms, rather than formal compliance claims we can't yet back up.

Some of the data we work with — publicly available government procurement records — can include personal data of individuals (like government contracting officials or bidder representatives), not just business information. We're working through what full GDPR alignment looks like for a business like ours, including documenting our legal basis for collecting this data and how we notify individuals about it.

What we currently do:

  • We collect data from public government sources for a specific business purpose (structuring and delivering it to clients), not for unrelated use.
  • We don't sell contact details for advertising purposes.
  • We use a limited set of business tools (like Calendly) and choose providers with reasonable data practices.
  • If someone asks us to remove their information or objects to how we're using it, we take that seriously and will act on it consistent with applicable law.

As a two-person early-stage company, we haven't yet completed a full formal GDPR compliance program — a documented legal basis assessment for every data source, a signed data processing agreement with every tool we use, and a written incident response plan are in progress rather than finished. We'd rather tell you that clearly than claim otherwise.

If you're in the EU or UK and want to know what data we might hold about you, ask us to correct or delete it, or object to how it's used, email us and we'll respond as quickly as we reasonably can. If GDPR compliance is a requirement for your organization to work with us — for example, as part of vendor due diligence — please contact us directly; we're glad to work through what documentation or commitments you need.

California Privacy (CCPA/CPRA)

We're an early-stage company and honestly haven't yet confirmed whether California's privacy law (CCPA/CPRA) formally applies to a business our size — that depends on specific thresholds we're still working through with a lawyer. In the meantime, we're choosing to extend the core privacy practices in this policy to California residents as a matter of good practice, whether or not they're legally required for us yet.

We don't sell contact details of website visitors for advertising or marketing purposes. For the procurement datasets we deliver to paying clients, we're still working through, with legal advice, exactly how that's characterized under California's broad definition of "sale" — we'd rather confirm that properly than make a claim either way before we're sure.

If you're a California resident, you can ask us what personal information we hold about you, ask us to delete it, or ask us to correct it. Email us and we'll respond as promptly as we reasonably can, and we won't treat you differently for asking. If California privacy compliance is something your organization needs confirmed as part of working with us, please reach out directly.

9. Contact us

hello@procuredatalab.com
Kolkata, West Bengal, India

ProcureDataLab is an early-stage business and does not currently have a dedicated legal team. This policy reflects our current practices in good faith. If you have specific compliance requirements (e.g., as part of vendor due diligence), please contact us directly and we're happy to discuss.

ProcureDataLab

Government procurement data pipelines. Built to run.

Privacy Policy Terms of Service hello@procuredatalab.com