Privacy Policy — MISBuddy

MISBuddy ("we", "our", "us") is operated as a joint venture between DreamyHook Digital Media (dreamyhook.com) and DataStatic Solutions — DSS (datastatic.in). We are committed to protecting your privacy and ensuring you have a positive experience on our platform. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website and use our platform.

1. Information We Collect

1.1 Personal Information

When you register for an account, request a demo, or contact us, we may collect personal information including but not limited to: your name, email address, phone number, company name, job title, and billing information.

1.2 Usage Data

We automatically collect certain information when you visit, use, or navigate the platform. This includes device and browser information, IP address, operating system, referring URLs, pages viewed, and clickstream data. This data is used solely for platform improvement and analytics.

1.3 Business Data (Your MIS Data)

When you use MISBuddy to manage your business intelligence, you upload and create data within our platform. This data is entirely yours. We do not access, read, analyze, sell, or share your business data except as strictly necessary to provide the MISBuddy service to you.

2. How We Use Your Information

We use the information we collect for the following purposes:

To provide, operate, and maintain the MISBuddy platform
To improve, personalize, and expand our platform features
To communicate with you about your account, support requests, and updates
To process transactions and send billing-related communications
To detect, prevent, and address technical issues and security threats
To comply with legal obligations and enforce our terms of service

3. Data Security & Encryption

We implement industry-leading security measures to protect your data:

AES-256 Encryption: All data is encrypted at rest and in transit using AES-256 bit encryption.
Zero-Knowledge Architecture: Your business data is encrypted in a manner that prevents even MISBuddy personnel from accessing it without your explicit authorization.
BYOK (Bring Your Own Key): Enterprise customers can use their own encryption keys for maximum control.
Regular Security Audits: We conduct periodic penetration testing and vulnerability assessments.
Access Controls: Strict role-based access controls, multi-factor authentication, and audit logging are enforced at every level.

4. Data Sovereignty & Storage

MISBuddy is designed with data sovereignty as a core principle:

Your data is stored in the geographic region of your choosing.
For Indian businesses, data is stored on servers within India, compliant with India's Digital Personal Data Protection (DPDP) Act.
We do not transfer your data across borders without your explicit written consent.
Enterprise customers may opt for on-premise or private cloud deployments.

5. AI & Machine Learning

MISBuddy uses AI and machine learning features to provide analytics, predictions, and automation. Important details about our AI usage:

AI models process your data solely to deliver insights within your own workspace.
Your data is never used to train shared or third-party AI models.
All AI processing occurs within the same data sovereignty boundaries as your stored data.
You can opt out of AI features at any time without loss of core platform functionality.

6. Third-Party Services

We may use third-party services for specific operational needs (e.g., payment processing, email delivery). These third parties are carefully vetted and bound by strict data processing agreements. We do not sell, rent, or trade your personal information to any third party for their own marketing purposes.

7. Cookies & Tracking

Our website uses essential cookies required for platform functionality. We also use analytics cookies (which you can opt out of) to understand how visitors use our site. We do not use advertising cookies or cross-site tracking pixels.

8. Your Rights

Depending on your jurisdiction, you may have the following rights:

Right to Access: Request a copy of all personal data we hold about you.
Right to Rectification: Request correction of inaccurate personal data.
Right to Deletion: Request permanent deletion of your data. When you delete data on MISBuddy, it is removed from all active systems and backups within 30 days.
Right to Portability: Request your data in a machine-readable format for transfer to another service.
Right to Object: Object to processing of your personal data for specific purposes.

9. Compliance

MISBuddy is designed to be compliant with:

India's Digital Personal Data Protection (DPDP) Act, 2023
General Data Protection Regulation (GDPR) — EU
SOC 2 Type II standards
ISO/IEC 27001 Information Security Management

10. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, or as required by law. When you close your account, all personal data is deleted within 30 days, and all business data is deleted within 7 days or returned to you in a portable format.

11. Children's Privacy

MISBuddy is a business platform and is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page and sending you a notification via email. Your continued use of the platform after any changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy, your data, or your rights, please contact us: