Policy Page

TECH GUARD LABS FOUNDATION

Effective Date: April 14, 2026 | Version 1.0
SREC SPARK, SNR Engineering College, Vattamalaipalayam, NGGO Colony P.O, Coimbatore – 641022, Tamil Nadu, India

TECH GUARD LABS FOUNDATION (“TechGuard,” “we,” “our”) is committed to protecting the privacy of every individual who visits our website or engages with our services. This Privacy Policy (“Privacy Policy”) describes how TechGuard collects, uses, discloses, and safeguards information when you access our website (the “Website”).

This Privacy Policy explains:

What information we collect and why we collect it
How we use that information
What information we collect and why we collect it
How we disclose information and transfer data internationally
Your rights as a data subject under applicable Indian and international law
Our regulatory compliance framework
Our use of cookies
Opt-in and opt-out choices
Links to third-party websites
Data security measures
Data retention practices
Children’s privacy protections
How to contact us with questions
How we update this Policy
Governing law and jurisdiction

By using our Website, you agree to the terms of this Privacy Policy.

1. General

TECH GUARD LABS FOUNDATION is a joint Israel–India cybersecurity consultancy (the “Organization”), incorporated as a Section 8 company under the Companies Act, 2013, and headquartered in Coimbatore, Tamil Nadu, India. The Organization was co-founded in partnership with Ariel University’s Cyber Innovation Center (Israel) and SNR Sons Charitable Trust (India), and operates in collaboration with additional Israeli and Indian institutional partners.
TechGuard provides organizations with full-lifecycle cybersecurity services — including Cybersecurity Health Checks, risk assessments, compliance audits, and strategic advisory — delivered through an Israeli-grade audit methodology anchored by local South India expertise (the “Services”).
This Website provides information about TechGuard, its Services, and its partners, and enables visitors to request a consultation, submit an inquiry, or apply for employment opportunities.

2. Regulatory Compliance Framework

TechGuard is committed to complying with all applicable Indian laws and regulations governing data protection, cybersecurity, and digital privacy. Our operations are structured in accordance with the following legislative and regulatory instruments:

A. Information Technology Act, 2000 (IT Act)

The IT Act is the primary legislation governing electronic records, digital transactions, and cyber offences in India. TechGuard complies with its provisions relating to the collection, storage, and processing of electronic data, including the provisions relating to data protection under Section 43A and the penalties for unauthorized access and data theft under Sections 43 and 66.

B. IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI Rules)

The SPDI Rules, issued under Section 43A of the IT Act, prescribe standards for the collection, disclosure, transfer, and security of sensitive personal data or information (SPDI). TechGuard implements and maintains reasonable security practices and procedures as prescribed under these Rules, including obtaining consent prior to collecting SPDI and ensuring that such data is used only for the purpose for which it was collected.

C. Digital Personal Data Protection Act, 2023 (DPDP Act)

The DPDP Act establishes a comprehensive framework for the processing of digital personal data in India. TechGuard operates as a “Data Fiduciary” under this Act and is committed to the following obligations: collecting personal data only for lawful, specified purposes; obtaining valid and informed consent where required; giving effect to data principal rights including access, correction, erasure, and grievance redressal; and implementing appropriate technical and organizational safeguards. The supervising authority under the DPDP Act is the Data Protection Board of India, to which data principals may address complaints.

D. Information Technology (Amendment) Act, 2008

TechGuard complies with the amendments introduced by the IT Amendment Act, 2008, which strengthened provisions on cyber crimes, data protection, and electronic surveillance, including the obligations of intermediaries under Section 79.

E. IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021

To the extent TechGuard operates as an intermediary under the IT Act, it complies with the due diligence obligations prescribed under the 2021 Rules, including the maintenance of a grievance redressal mechanism and timely response to user complaints.

F. CERT-In Directions, 2022

TechGuard complies with the directions issued by the Indian Computer Emergency Response Team (CERT-In) under Section 70B of the IT Act. These include the obligation to report cybersecurity incidents to CERT-In within six hours of detection, the maintenance of logs for a minimum period of 180 days within Indian jurisdiction, and the adoption of information security practices aligned with CERT-In guidelines. As TechGuard pursues CERT-In empanelment, all incident response and reporting obligations under these Directions are actively integrated into our operational procedures.

G. National Cyber Security Policy, 2013 (NCSP)

TechGuard aligns its cybersecurity practices with the principles set out in the National Cyber Security Policy, 2013, including the adoption of a risk-based approach to information security, the protection of critical information infrastructure, and the promotion of a culture of cybersecurity awareness.

3. Collecting Information

The scope of this Privacy Policy is limited to information collected by TechGuard through your use of its Website. Certain information is collected automatically; other information is collected only when you interact with the Website voluntarily.
Non-personal information collected automatically may include session durations, pages accessed, frequency and scope of Website use, browser type, operating system, and general geographic location derived from your IP address.
Personal information from which you can be individually identified (“Personal Information”) is collected only when voluntarily submitted to us, including through the following channels:

A. Request a Consultation

If you request a consultation or Cybersecurity Health Check via the Website, we will collect your full name, email address (which may include your organisation’s domain), company name, and role in order to prepare and deliver a relevant engagement.

B. Contacting Us

If you contact us for support, partnership inquiries, or general questions regarding our Services, Website, or this Privacy Policy, we will collect your full name, email address, organisation name, and the content of your inquiry in order to respond appropriately.

C. Applying for a Position

If you apply for a position with TechGuard through the Website, we will collect Personal Information relevant to your application, including your full name, email address, phone number, location, educational background, professional experience, CV/resume, cover letter, and any additional information you provide voluntarily.

4. Use of Information

We use the Personal Information we collect for the following purposes, one or more of which may apply simultaneously. Our legal bases for processing include performance of a contract, legitimate interests, and compliance with legal obligations under applicable Indian law.

A. Providing the Requested Services

We collect Personal Information to respond to your consultation requests, deliver cybersecurity services you have contracted for, and provide technical and professional assistance in connection with the Website and our Services. We process this Personal Information as necessary for the performance of our engagement with you.

B. Improvement and Development of Services

We use Personal Information to improve and develop our Website and Services, understand feedback, and enhance the quality of information we provide. We may conduct surveys, test features, and analyse usage patterns to develop new offerings and improve operational efficiency. We process this information in light of our legitimate interest in delivering the best possible experience to visitors and clients.

C. Maintaining a Safe and Secure Environment

We may use your information to detect and prevent fraud, unauthorised access, and security incidents, including to verify identities, enhance Website security, conduct risk assessments, and respond to activities that may violate our terms of service or applicable law. We process this information in light of our legitimate interest in maintaining a secure operational environment, consistent with our obligations under the IT Act and CERT-In Directions.

5. Disclosure of Information and International Data Transfers

TechGuard does not sell, rent, or trade Personal Information. We take reasonable measures to ensure that Personal Information is not intentionally disclosed to any third party without your permission, except as described herein or as permitted or required by applicable law.
In order to operate our Website and deliver our Services, we may engage third-party service providers who assist us with scheduling, recruitment processing, analytics, and related operational functions. We do not disclose the identities of specific service providers in this Policy; however, we will update this section as our service provider arrangements are formalised. In all cases, we require that third-party processors comply with obligations equivalent to those set out in this Privacy Policy, and that Personal Information is used solely for the purposes we specify.

Personal Information may also be disclosed in the following circumstances:

To comply with a valid legal obligation, court order, regulatory directive, search warrant, or request from a competent authority under Indian law, including CERT-In.
In connection with a corporate restructuring, merger, acquisition, or transfer of assets, subject to appropriate confidentiality arrangements.
Where necessary to protect the rights, property, or safety of TechGuard, its partners, employees, or others.

A. Cross-Border Transfers – India

Where Personal Information is transferred outside India, such transfers will be carried out in accordance with the Digital Personal Data Protection Act, 2023, and any rules or standard clauses prescribed thereunder. We will ensure that appropriate safeguards are in place to protect the rights of data principals whose data is transferred.

B. Cross-Border Transfers – State of Israel

TechGuard operates in strategic partnership with Israeli institutional partners, including Ariel University’s Cyber Innovation Center and affiliated Israeli entities. As a result, Personal Information may be transferred to and processed in the State of Israel in the ordinary course of our operations.
Such transfers are governed by Israel’s Protection of Privacy Law, 5741-1981 (PPL), and the Privacy Protection Regulations (Data Security), 5777-2017. Israel has been recognised by the European Commission as providing an adequate level of data protection for personal data originating from the European Union. Where Personal Information of Indian data principals is transferred to Israel, we rely on contractual safeguards to ensure that the receiving party is bound by data protection obligations equivalent to those applicable in India.
Complaints regarding the processing of personal data by Israeli recipients may also be directed to the Israeli Privacy Protection Authority (PPA).

C. Cross-Border Transfers – European Union / EEA

Where TechGuard processes Personal Information of individuals located in the European Union or European Economic Area, we comply with applicable obligations under the General Data Protection Regulation (GDPR). EU/EEA residents may also have recourse to the supervisory authority in their country of residence.

6. Your Rights

You may at any time request access to or rectification of your Personal Information. To exercise these rights, please contact us at:
info@techguardlabs.com
Under the Digital Personal Data Protection Act, 2023, and other applicable Indian law, you have the following rights as a data principal:

Right of access: Request information about the Personal Information we hold about you, the purposes for which it is processed, and the third parties with whom it has been shared.
Right to correction and erasure: Request that we correct inaccurate or incomplete Personal Information, or erase Personal Information that is no longer necessary for its original purpose.
Right to grievance redressal: Submit a complaint or grievance regarding the processing of your Personal Information and receive a timely response.
Right to nominate: Nominate another individual to exercise your rights on your behalf in the event of death or incapacity.
Right to object: Object to the processing of your Personal Information for direct marketing or where our legal basis is legitimate interests.
Right to data portability: Receive your Personal Information in a structured, machine-readable format, or request its transfer to another organisation, where processing is based on consent or contract performance.
Right of no retaliation: TechGuard will not charge different prices, provide a different quality of service, or otherwise discriminate against you for exercising any of the above rights.

We will make our best efforts to respond to a verifiable request within 30 days of receipt. Where additional time is required, we will inform you of the reason and the extension period in writing.
Complaints may also be directed to the Data Protection Board of India (established under the DPDP Act, 2023) or any other competent supervisory authority.

7. CAN-SPAM Act Compliance

To the extent we send commercial emails to recipients in the United States, TechGuard complies with the CAN-SPAM Act. We will not use false or misleading subject lines or sender information; we will identify commercial messages as required; and we will include our registered address in all commercial correspondence. We will honour opt-out and unsubscribe requests promptly and monitor any third-party email service providers for compliance.
To unsubscribe from future email communications at any time, please email us at info@techguardlabs.com and we will promptly remove you from all correspondence.

8. Cookies

TechGuard may use cookies and similar technologies (collectively, “cookies”) to understand how visitors use the Website, to enhance the Website experience, and to remember your preferences. Cookies may collect information such as pages visited, session duration, and general location of access.
You may configure your browser to reject or delete cookies. Please note that doing so may affect your ability to access certain features of the Website. For more information about cookies, visit www.allaboutcookies.org.

9. Opt-In / Opt-Out

You are always in control of your data. If at any time you wish to stop receiving communications from us or opt out of any feature, please notify us by writing to info@techguardlabs.com. Please be aware that it may not always be possible to completely remove or modify information in all of our databases and systems, though we will make all reasonable efforts to honour your request.

10. Links to Other Websites

Our Website may contain links to third-party websites. TechGuard is not responsible for the privacy practices of external websites, and this Privacy Policy does not apply to them. We recommend reviewing the privacy policy of any third-party website before submitting personal information.

11. Data Security

TechGuard implements industry-standard physical, technical, and administrative safeguards to protect the confidentiality, integrity, and availability of Personal Information we process, in accordance with the IT (SPDI) Rules, 2011, CERT-In Directions, 2022, and the DPDP Act, 2023. We maintain and periodically review these safeguards, restrict access to Personal Information on a need-to-know basis, and maintain system and event logs as required under applicable Indian law.
In the event of a cybersecurity incident affecting Personal Information, TechGuard will report the incident to CERT-In within six hours of detection as required under the CERT-In Directions, 2022, and will notify affected individuals as required by applicable law. We will also take all reasonable steps to contain and remediate the incident.
While we make every effort to protect Personal Information, no method of transmission over the internet is entirely secure. Data transmitted to us is at the user’s own risk.

12. Data Retention

TechGuard does not retain Personal Information longer than is necessary for the purposes for which it was collected, or as required to satisfy legal, regulatory, or contractual obligations under applicable Indian law. Logs and records required to be maintained under the CERT-In Directions, 2022, will be retained for a minimum period of 180 days within Indian jurisdiction.
If you withdraw your consent or request erasure, we will delete your Personal Information from our systems unless retention is necessary to establish, exercise, or defend against legal claims, or as required for the continued provision of contracted Services.

13. Children’s Privacy

The Website is not intended for individuals under the age of 18. TechGuard does not knowingly or intentionally collect Personal Information from children under 18 years of age.
IF YOU ARE UNDER THE AGE OF 18, YOU MAY NOT USE THE WEBSITE WITHOUT VERIFIABLE PARENTAL OR GUARDIAN CONSENT.

14. Grievance Officer

In accordance with the IT Act, 2000, the IT (Intermediary Guidelines) Rules, 2021, and the DPDP Act, 2023, TechGuard has designated a Grievance Officer to address complaints and queries regarding the processing of Personal Information. If you have any concerns regarding this Privacy Policy or the practices described herein, please contact:

Grievance Officer
TECH GUARD LABS FOUNDATION
SREC SPARK, SNR Engineering College, Vattamalaipalayam, NGGO Colony P.O, Coimbatore – 641022, Tamil Nadu, India
Email: info@techguardlabs.com
We will endeavour to respond to all grievances within 30 days of receipt.

15. Revisions and Modifications

TechGuard reserves the right to revise, amend, or modify this Privacy Policy at any time to reflect changes in applicable law, our operations, or our data practices. When we make material changes, we will update the effective date shown at the top of this document and post the revised Policy on the Website. We encourage you to review this Privacy Policy periodically to remain informed of our current practices.

16. Governing Law and Jurisdiction

This Privacy Policy is governed by and interpreted in accordance with the laws of the Republic of India, including the Information Technology Act, 2000 and its amendments, the Digital Personal Data Protection Act, 2023, and all rules, directions, and guidelines issued thereunder.
Any dispute or claim arising out of or in connection with this Privacy Policy shall be subject to the exclusive jurisdiction of the competent courts in Coimbatore, Tamil Nadu, India.
To the extent that TechGuard processes Personal Information of Israeli residents or transfers Personal Information to Israel in connection with its partnership with Israeli institutions, such processing is additionally governed by Israel’s Protection of Privacy Law, 5741-1981, and the Privacy Protection Regulations (Data Security), 5777-2017. The Israeli Privacy Protection Authority (PPA) serves as the competent supervisory authority for such matters in Israel.
To the extent that TechGuard processes Personal Information of individuals in the European Union or European Economic Area, applicable provisions of the General Data Protection Regulation (EU) 2016/679 (GDPR) apply, and the competent supervisory authority is that of the data principal’s country of residence.