Skip to main content

Privacy Policy — OLake™ by Datazip

Last Updated: 5 February 2026

1. INTRODUCTION

This Privacy Policy ("Policy") describes how Datazip Solutions India Private Limited ("we", "our", or "us") collects, uses, processes, shares, and protects your personal data in accordance with applicable data protection laws in India, including the Digital Personal Data Protection Act, 2023 ("DPDPA"), and other applicable regulations.

OLake™ by Datazip ("OLake") is a data ingestion and replication product that helps users connect data sources, ingest/replicate data, and manage ingestion operations through https://olake.io (the "Website") and related services (the "Services").

We respect your privacy and are committed to protecting your personal data. This Policy is designed to provide a clear understanding of how we process your personal data, your rights as a Data Principal, and how you can exercise those rights.

Role clarity (important):

  • For personal data of website visitors, prospects, and OLake account users (e.g., signup details, billing contacts, usage logs), we generally act as a Data Fiduciary.
  • For personal data contained within customer datasets that you ingest/replicate using OLake (e.g., data from your systems), we may act as a Data Processor on behalf of the customer/Subscriber, depending on your contract and configuration.

2. DEFINITIONS

For the purposes of this Privacy Policy:

  • Personal Data means any data about an individual who is identifiable by or in relation to such data.
  • Data Principal means the individual to whom the personal data relates.
  • Data Fiduciary means any person who alone or in conjunction with other persons determines the purpose and means of processing of personal data (we are the Data Fiduciary in this context for personal data we control).
  • Data Processor refers to entities that process personal data on our behalf or where we process personal data on behalf of our customers.
  • Processing means any operation or set of operations performed on personal data, including collection, storage, alteration, use, disclosure, or erasure.

3. TYPES OF PERSONAL DATA WE COLLECT

Depending on the Services you use and your relationship with us, we may collect the following categories of personal data:

3.1 Identification and Contact Information

  • Name, email address, phone number, postal address
  • Business contact information if you represent an organization
  • User credentials for our platforms and services (e.g., username, authentication tokens, and related identifiers)

3.2 Technical and Usage Data

  • IP address, device information, browser type and version
  • Operating system and platform information
  • Approximate location data (as derived from IP, where applicable)
  • Information about how you use our Website and Services
  • Cookie data and similar tracking technologies

3.3 Business and Transaction Data

  • Details about Services you have purchased or subscribed to
  • Billing and payment information
  • Customer service interactions and communication preferences

3.4 Analytics and Derived Data

  • Data derived through analysis of usage patterns and interactions with our Website/Services
  • Statistical information derived from aggregated data
  • Behavioral patterns and preferences derived from usage data

Customer Data Note:

OLake is an ingestion product. Depending on your use, you may ingest/replicate datasets that could include personal data. That content is generally treated as customer-controlled data and processed based on the customer's instructions and applicable agreements.

4. HOW WE COLLECT PERSONAL DATA

We collect personal data through the following methods:

  • Direct interactions: When you provide your information by filling forms, creating accounts, contacting us, or subscribing to our Services
  • Automated technologies: Through cookies, server logs, and similar technologies when you visit https://olake.io or use the Services
  • Third parties: We may receive personal data about you from business partners, service providers, and publicly available sources
  • Service operations: Through logs and operational telemetry required to provide, secure, and maintain the Services

5. PURPOSES OF PROCESSING PERSONAL DATA

We process your personal data for the following specified purposes:

5.1 Service Provision and Management

  • To provide and maintain OLake and the Services
  • To manage your account and provide customer support
  • To process transactions and send related information
  • To personalize your experience with the Services

5.2 Communication and Engagement

  • To communicate with you about Services, updates, and policy changes
  • To respond to inquiries, requests, and feedback
  • To send service-related notifications and alerts

5.3 Business Operations and Improvement

  • To improve our products, Services, and Website
  • To conduct research and analysis to enhance reliability, performance, and security
  • To develop new features, products, and Services
  • To measure the effectiveness of our operations and communications

5.4 Legal and Compliance Purposes

  • To comply with legal obligations and regulatory requirements
  • To enforce our terms, conditions, and policies
  • To prevent, detect, and investigate fraud, security breaches, and prohibited/illegal activities
  • To protect our rights, property, and safety, and those of our users and the public

6. LAWFUL BASIS FOR PROCESSING

We process your personal data based on the following lawful grounds:

6.1 Consent

We process your personal data based on your free, specific, informed, unconditional, and unambiguous consent where required. You can withdraw your consent at any time through the mechanisms described in Section 12 of this Policy.

6.2 Legitimate Uses / Permitted Processing

In certain circumstances, we may process personal data without explicit consent where permitted by the DPDPA and applicable law, including:

  • Processing necessary for compliance with legal obligations
  • Processing for employment-related purposes
  • Other purposes specifically permitted under applicable law

7. DATA SHARING AND DISCLOSURE

We may share your personal data with the following categories of recipients:

7.1 Service Providers and Processors

We may share personal data with third-party service providers who perform services on our behalf, such as:

  • Cloud hosting and infrastructure providers
  • Payment processors
  • Customer relationship management systems
  • IT and system maintenance providers
  • Professional advisers including lawyers, auditors, and insurers

All third-party service providers are required to maintain confidentiality and security and to use the data only for the purposes for which it is provided.

7.2 Business Partners

We may share personal data with business partners when necessary to provide Services or as part of joint offerings.

7.3 Legal Requirements

We may disclose personal data when required by law, regulation, or legal process, such as in response to a court order or lawful request by a public authority.

7.4 Corporate Transactions

In the event of a merger, acquisition, reorganization, bankruptcy, or similar event, personal data may be transferred as part of the transaction, in compliance with applicable laws.

8. CROSS-BORDER DATA TRANSFERS

We may transfer your personal data to countries outside India in connection with the purposes outlined in this Policy. Such transfers will comply with the requirements of the DPDPA, including:

  • We will only transfer personal data to countries not restricted by the Central Government of India
  • We will ensure appropriate safeguards are in place during international transfers
  • If additional restrictions are notified under the DPDPA or implementing rules, we will comply accordingly

9. DATA RETENTION

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, regulatory, accounting, or reporting requirements.

We will erase your personal data when:

  • You withdraw your consent and there is no other legal ground for processing
  • The purpose for which the data was collected has been fulfilled and retention is no longer necessary
  • Retention is no longer necessary for compliance with legal obligations

We implement retention practices designed to ensure personal data is not kept longer than necessary.

10. DATA SECURITY

We implement appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

Security measures may include:

  • Encryption where appropriate
  • Access controls and authentication procedures
  • Regular testing and evaluation of security measures
  • Security assessments and audits
  • Staff training on data protection and security

11. YOUR RIGHTS AS A DATA PRINCIPAL

Under the DPDPA, you have the following rights regarding your personal data:

11.1 Right to Access Information

You have the right to obtain:

  • Confirmation of whether we process your personal data
  • A summary of the personal data being processed
  • Information about processing activities
  • Information about data sharing with other entities (as applicable)

11.2 Right to Correction and Erasure

You have the right to:

  • Request correction of inaccurate or incomplete personal data
  • Request completion of incomplete personal data
  • Request erasure of personal data that is no longer necessary for the purpose for which it was collected

11.3 Right to Withdraw Consent

You have the right to withdraw your consent at any time. Withdrawal will not affect the lawfulness of processing based on consent before withdrawal.

11.4 Right to Nomination

You have the right to nominate another individual to exercise your rights in the event of death or incapacity.

11.5 Right to Grievance Redressal

You have the right to file a complaint regarding any violation of your rights under the DPDPA.

12. HOW TO EXERCISE YOUR RIGHTS

You can exercise your rights by:

  • Contacting our Data Protection Officer at shubham@datazip.io
  • Using any dedicated rights-management options available within your OLake account settings (where applicable)
  • Submitting a request through our Website at https://olake.io (e.g., via contact/privacy request channels)

We will respond to your request within 3 working days of receiving it. In certain cases, we may require additional information to verify your identity before processing your request.

If you are not satisfied with our response, you have the right to file a complaint with Data Protection Board of India.

13. DATA BREACH NOTIFICATION

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

  • Notify the Data Protection Board of India without undue delay
  • Notify you in clear and plain language about the nature of the breach and measures taken
  • Implement measures to mitigate potential adverse effects

14. COOKIES AND SIMILAR TECHNOLOGIES

Our Website and Services use cookies and similar tracking technologies to collect and store certain information. These technologies help us analyze trends, administer the Website, track user movements around the Website, and gather demographic information about our user base as a whole.

You can control cookies through your browser settings and other tools. Blocking certain cookies may impact your experience and limit access to certain features.

15. CHILDREN'S PRIVACY

We do not knowingly collect personal data from children under 18 without verifiable consent from parents or legal guardians as required by applicable law.

If we learn that we have collected personal data from a child without appropriate consent, we will take steps to delete that information as quickly as possible.

Parents/guardians who believe we may have collected personal data from a child can contact us at privacy@datazip.io.

16. CHANGES TO THIS PRIVACY POLICY

We may update this Policy from time to time to reflect changes in our practices, Services, or applicable laws. The updated Policy will be posted on https://olake.io with the "Last Updated" date at the top.

We encourage you to review this Policy periodically. Significant changes will be notified through email or prominent notice on the Website before they become effective.

17. CONTACT US

If you have any questions, concerns, or requests regarding this Policy or our data processing practices, please contact:

Data Protection Officer: Shubham Baldava
Address: #677, 1st Floor, Suite No. 1223, 27th Main, 13th Cross, HSR Layout, Sector 1, Bangalore 560102
Email: shubham@datazip.io
Phone: +91 9403613633

18. GRIEVANCE REDRESSAL

If you have any grievances or complaints regarding the processing of your personal data, you can contact our Grievance Officer:

Email: sandeep@datazip.io
Phone: +91 9748485583

We will acknowledge receipt of your complaint within 2 working days and resolve it within 5 working days.

If you are not satisfied with our response, you have the right to file a complaint with the Data Protection Board of India.

19. GOVERNING LAW

This Privacy Policy is governed by the laws of India, particularly the DPDPA and its implementing rules and regulations.