Privacy Policy
Last Updated: June 2026
This Privacy Policy ("Policy") applies to Dimensionless Technologies Private Limited ("Dimensionless Technologies", "Dimensionless", "we", "us", or "our") and was last updated June 2026. We may change or update this Policy at any time, and any such changes will be updated here.
If you are a Dimensionless Technologies customer or user of any of our products or services, we shall notify you of any changes or updates either by sending you an e-mail or by posting a notification within the relevant product/application (as applicable). Please ensure you read such notices carefully.
We sincerely believe that you should always know what data we collect from you, the purposes for which such data is used, and that you should have the ability to make informed decisions about what you want to share with us.
Therefore, we want to be transparent about:
(i) how and why we collect, store, and use your personal data in the various capacities in which you interact with us; and
(ii) the rights that you have to determine the contours of this interaction.
While we would strongly advise you to read this Policy in full, the following summary will give you a snapshot of the salient points covered herein:
- This Policy details the critical aspects governing your personal data relationship with Dimensionless Technologies Private Limited, having its registered office at CIBA, Agnel Technical Complex, 6th Floor, Sector 9A, Vashi, Navi Mumbai, Maharashtra – 400703, India ("Dimensionless Technologies", "we", "us", "our").
- For any clarifications or support, please feel free to reach out to us at privacy@dimensionless.ai.
- Your personal data relationship with Dimensionless Technologies varies based on the capacity in which you interact with us / avail of our products and solutions ("Services"). You could be: (i) a visitor to https://dimensionless.ai or any of our other websites or pages thereof ("Visitor"); (ii) a person/entity availing of one of our AI consulting, IT services, or software products and platforms, including PropelPro, AushadhAI, CounterfeitAI, and SolarAI ("Customer"); or (iii) an employee/agent/representative/appointee of a Customer who uses such a Service ("User").
- Based on whether you are a Visitor, Customer, or User, the type of data we collect and the purpose for which we use it will differ, and this Policy details such variations.
- This Policy should be read in conjunction with any applicable Terms of Use, Master Service Agreement, Statement of Work, or product-specific terms (including, where relevant, the PropelPro Privacy Policy) governing your use of our Services.
- This Policy clarifies the rights available to you with respect to the personal data you share with us.
If you have any queries or concerns with this Policy, please contact our Grievance Officer (refer to the "Grievance Officer" section below). If you do not agree with this Policy, we would advise you not to visit or use our websites, products, or platforms.
What Data We May Collect, and How & Why We Use It
| TYPE OF USER | WHAT DATA WE MAY COLLECT | HOW AND WHY WE USE IT |
|---|---|---|
| VISITOR | 1. Your location; 2. How you behave on our websites (what pages you land on, how much time you spend, etc.); 3. The device you use to access our websites and its details (model, operating system, browser, etc.); 4. Cookies and similar tracking/analytics data (we use Google Analytics for this purpose); 5. Your name and e-mail, if voluntarily provided through a contact form, demo request, or our website chat assistant ("TIA"). | We use this information to analyse and identify your behaviour and enhance the interactions you have with our websites. Where you contact us voluntarily (e.g., via a contact form, "Book a Demo" request, or chat assistant), we use the details provided solely to respond to your enquiry and follow up regarding our Services. Our chat assistant does not retain conversation transcripts; it only records the contact details you choose to share for follow-up purposes. If you give us your consent, we may also send you newsletters or e-mails about our Services. |
| CUSTOMER | 1. The name and e-mail of your representative(s) who sign up for, or engage us in relation to, a Service on your behalf; 2. Billing, invoicing and (where applicable) payment information to facilitate provision of, and payment for, our Services. | We collect this data to help you onboard for, and to facilitate provision of, our Services, including contracting and invoicing. We also use this data to enable you to make payments for our Services. Where we use a third-party service provider to manage payment processing, that provider is not permitted to store, retain, or use your information except for the sole purpose of processing payments on our behalf. If you give us your consent, we may also send you newsletters or e-mails about our Services. |
| USER | 1. Your name and e-mail; 2. How you behave in the relevant product/platform environment and the features you use; 3. The device you use to access the relevant website/application and its details (model, operating system, etc.); 4. Cookies and similar tracking/analytics data. | We collect this data in order to facilitate provision of our Services to you. We will occasionally send you e-mails regarding changes or updates to the Service you use. If you report an issue with a Service, we may, with appropriate safeguards, access relevant logs or session information for a limited period to help us address the issue. If you give us your consent, we may also send you newsletters or e-mails about our Services. |
FOR THE AVOIDANCE OF ANY DOUBT, WE SHOULD CLARIFY THAT IN THE EVENT WE ANONYMISE AND AGGREGATE INFORMATION COLLECTED FROM YOU, WE WILL BE ENTITLED TO USE SUCH ANONYMISED DATA FREELY, WITHOUT ANY RESTRICTIONS OTHER THAN THOSE SET OUT UNDER APPLICABLE LAW.
Where such data is not being used by us to render Services to you, we shall explicitly seek your consent for using the same. You can choose to withdraw this consent at any time by writing to us at privacy@dimensionless.ai.
Use of Artificial Intelligence
Dimensionless Technologies is an AI consulting and IT services company that uses artificial intelligence (AI), including machine learning and large language models, to design, build, and operate our Services and to enhance the services we provide to Customers. All AI-driven data processing is performed with a strong commitment to safeguarding privacy. We implement strict access controls, encryption, and regular audits to prevent unauthorised access to, or misuse of, your information. Our AI systems are used only on data necessary to deliver the relevant Service, and we adhere to industry best practices to anonymise and aggregate data wherever possible to protect identities.
We do not use Customer Data to train any underlying AI or foundation models, whether operated by us or by our technology and infrastructure providers, beyond the agreed-upon scope of the relevant Service. Any personal data processed by our AI systems is handled in compliance with applicable data protection laws, including the GDPR and India's Digital Personal Data Protection Act, 2023 ("DPDP Act"), where applicable.
Your Rights & Preferences as a Data Subject
Subject to the GDPR and applicable law's limitations, the rights afforded to you as a data subject are:
- RIGHT TO BE INFORMED: You have a right to be informed about the manner in which your personal data is collected or used, which we have endeavoured to do by way of this Policy.
- RIGHT OF ACCESS: You have a right to access the personal data you have provided by requesting that we provide it to you.
- RIGHT TO RECTIFICATION: You have a right to request that we amend or update your personal data if it is inaccurate or incomplete.
- RIGHT TO ERASURE: You have a right to request that we delete your personal data.
- RIGHT TO RESTRICT: You have a right to request that we temporarily or permanently stop processing all or some of your personal data.
- RIGHT TO OBJECT: You have a right, at any time, to object to our processing of your personal data under certain circumstances. You have an absolute right to object to our processing of your personal data for direct marketing purposes.
- RIGHT TO DATA PORTABILITY: You have a right to request that we provide you with a copy of your personal data in electronic format, which you can transmit to another third party's product or service.
- RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISION-MAKING: You have a right not to be subject to a decision based solely on automated decision-making, including profiling.
In case you want to exercise any of the rights set out above, you can contact our Grievance Officer, whose details are set out in the "Grievance Officer" section below.
Grounds for Processing
The data provided by you as a Visitor, or when you sign up as a Customer/User or register for our Services, will be processed by us for the purpose of rendering Services to you, or in order to take steps prior to rendering such Services, at your request. Where such data is not being used by us to render Services to you, we shall explicitly seek your consent for using the same. You can choose to withdraw this consent at any time by writing to us at privacy@dimensionless.ai.
Additionally, we may process your data to serve our legitimate interests. Accordingly, the grounds on which we engage in processing are as follows:
| NATURE OF DATA | GROUNDS |
|---|---|
| Visitor Data | Consent; Legitimate Interest |
| Account/Customer Registration Data | Compliance with applicable laws; Performance of a Contract; Legitimate Interest |
| Service Usage Data | Performance of a Contract; Legitimate Interest |
| Data for Marketing our Services | Consent; Legitimate Interest |
If you believe we have used your personal data in violation of the rights set out above, or that we have not responded to your objections, you may lodge a complaint with your local supervisory authority.
Additionally, please note:
- If you are a Customer/User using one of our Services to collect data about an EU data subject from third parties, it shall be your sole obligation to inform such data subject about the source of such data.
- We do not collect any Special Categories of Personal Data for our own purposes. If you are a Customer/User, you agree and acknowledge that you shall not, directly or indirectly, use our Services to collect, process, or transfer to us any Special Categories of Personal Data, except where strictly necessary for the purposes of the Service availed (for example, where Special Categories of Personal Data may be incidentally contained within documents processed through a software product such as PropelPro, as further described in that product's own privacy policy), and provided you have obtained all necessary consents and have a valid legal basis for doing so.
- The term "Special Categories of Personal Data" shall have the meaning ascribed to it under the GDPR and shall include, without limitation, data pertaining to a data subject's race, ethnic origin, genetics, political affiliations, biometrics, health, or sexual orientation.
Your Rights Under the California Consumer Privacy Act (CCPA)
To the extent the CCPA applies to our processing of your personal information, Dimensionless Technologies recognises the following privacy rights for California consumers:
- The right to know about the personal information a business collects about them and how it is used and shared.
- The right to be informed about the manner in which any of your personal data is collected or used, which we have endeavoured to do by way of this Policy.
- The right to request deletion of personal information collected from you.
- Dimensionless Technologies gives you the right to request that we delete your personal data.
- The right to opt out of the sale of your personal information.
- The right to non-discrimination for exercising your CCPA rights.
Dimensionless Technologies does not sell the personal data of any of its users, customers, or leads, and assures no discrimination against consumers exercising their privacy rights under the CCPA. Dimensionless Technologies will not ask you to waive any of your privacy rights as a California consumer.
In case you want to exercise the rights set out above, you can contact our Grievance Officer, whose details are set out in the "Grievance Officer" section below.
Your Rights Under Indian Data Protection Laws
Dimensionless Technologies adheres to the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("SPDI Rules"), and, where applicable, India's Digital Personal Data Protection Act, 2023 ("DPDP Act"), to ensure your data is secure. Here is how we comply:
| Right | Description |
|---|---|
| The right to be informed and give consent | Before Dimensionless Technologies collects any of your personal data, we will clearly explain what information we need, why we need it, and how we will use it. We will only collect your personal data with your consent, where required. |
| The right to access your data | You have the right to request access to the personal information Dimensionless Technologies holds about you, including the ability to review and verify its accuracy and completeness. |
| The right to correct mistakes | If you find any errors or missing information in the data Dimensionless Technologies holds about you, you have the right to request corrections. We will take reasonable steps to update your information promptly upon verification of your request. |
| The right to withdraw consent | You can withdraw your consent for Dimensionless Technologies to process your personal data at any time. Once you withdraw consent, we will stop using your data for the purpose originally agreed upon, unless there is a legal reason for continued processing (such as a court order or a contractual obligation). |
Please contact our Grievance Officer, whose details are presented below, if you would like to exercise the rights listed above.
Retention of Personal Information
We will store any personal data we collect from you for as long as it is necessary to facilitate your use of the Services and for ancillary legitimate and essential business purposes – these include, without limitation, improving our Services, attending to technical issues, and dealing with disputes.
We may need to retain your personal data even if you seek deletion of it, if it is needed to comply with our legal obligations, resolve disputes, and enforce our agreements.
If you are a Customer, please be advised that: (i) you will need to inform any individuals whose data you collect using one of our Services about how you store and deal with such data, in compliance with applicable laws including the GDPR and the DPDP Act; and (ii) after you terminate your usage of a Service, we may, unless legally prohibited, delete all data provided or collected by you from our servers.
Tools Used by Our Customers
If you are a Customer, you are empowered to use proprietary or other third-party technologies and integrate with our Services. If you do, you agree and acknowledge that it is your sole obligation to inform your stakeholders about any data you collect by using such technologies and the policies by which such collection is bound.
Transfer of Information
In order for us to facilitate our operations, we may transfer and store the data we collect and process in accordance with this Policy to servers located within India and, where required for disaster recovery, business continuity, or as specified in your service agreement, to other regions.
Further, in the ordinary course of business, we may employ other companies and people to assist us in providing certain components of our Services in compliance with the provisions of this Policy. To do so, we may need to share your data with them.
Where applicable – if the entities to which these transfers are made are not situated in countries deemed "adequate" by the European Commission, we shall enter into appropriate Data Protection Addendums with the transferee parties that comprehensively protect your data. We shall also put in place industry-standard technical and organizational measures (including robust data handling policies) to ensure that such transfers are completed in accordance with applicable laws. Your rights and protections will, under no circumstances, be diluted by any such transfer.
Our Data Protection Addendum, which forms part of the applicable service agreement between Dimensionless Technologies and its Customers and sets out the terms on which we Process Customer Personal Data as a processor/service provider, is available at https://dimensionless.ai/dpa.
Some examples of where we may sub-contract processing activities to third parties include data analytics (such as Google Analytics), cloud infrastructure and hosting, processing payments, and providing customer support.
Data Residency and Tenant Isolation
Where Dimensionless Technologies provides software products or platforms to Customers (such as PropelPro), Customer data is logically segregated on a per-tenant basis within our cloud infrastructure, hosted on Microsoft Azure, such that no Customer has access to another Customer's data. Data is encrypted both at rest and in transit.
Depending on the relevant product and the Customer's contractual arrangements, data may be hosted in Azure data centres located in India (Central India / South India) or other regions (such as UAE North) to meet applicable data residency requirements. Further details regarding data residency and tenant isolation for a specific product are set out in that product's privacy policy and/or the applicable service agreement.
Compelled Disclosure
In addition to the purposes set out in this Policy, we may disclose any data we collected or processed from you if it is required:
- under applicable law or to respond to a legal process, such as a search warrant, court order, or subpoena;
- to protect our safety, your safety, or the safety of others, or in the legitimate interest of any party in the context of national security, law enforcement, litigation, criminal investigation, or to prevent death or imminent bodily harm;
- if required in connection with legal proceedings brought against Dimensionless Technologies, its officers, employees, affiliates, customers, or vendors; or
- to establish, exercise, protect, defend, and enforce our legal rights.
Security of Your Personal Information
We implement industry-standard technical and organizational measures by using a variety of security technologies and procedures to help protect your data from unauthorized access, use, loss, destruction, or disclosure. When we collect particularly sensitive data, it is encrypted using industry-standard cryptographic techniques, including but not limited to SSL, TLS, and AES.
We adhere to the SOC 2 Type II framework (covering Security, Availability, and Confidentiality) and the ISO/IEC 27001 standard, an internationally recognized framework for Information Security Management Systems (ISMS). Our commitment to SOC 2 and ISO 27001 ensures that we follow rigorous security practices and maintain high standards for information security.
In compliance with the SPDI Rules, we adhere to the following reasonable security practices and procedures to protect your personal data:
| Measure | Description |
|---|---|
| Access Control | We ensure that access to personal data is granted only to authorized personnel on a need-to-know basis and that such access is logged and monitored. |
| Data Encryption | Sensitive personal data is encrypted both in transit and at rest using strong encryption methods. |
| Network Security | We employ secure network architecture, including firewalls and intrusion detection systems, to prevent unauthorized access. |
| Regular Audits | We conduct regular security audits and assessments to identify potential vulnerabilities and ensure compliance with our security policies. |
| Incident Management | We have established protocols for managing and responding to security incidents, including data breaches, to mitigate any potential impact on your personal data. |
| Employee Training | We conduct regular training programs for our employees to ensure they are aware of and comply with our security policies and procedures. |
| Third-Party Compliance | We ensure that any third-party service providers who handle personal data on our behalf adhere to equivalent security standards and practices. |
| Physical and Environmental Security | We have implemented robust physical security controls to protect our facilities from unauthorized access, damage, and interference. |
| Business Continuity Management | We have developed and tested business continuity plans to ensure the availability of critical information and systems in the event of a disruption. |
| Risk Assessment and Treatment | We conduct regular risk assessments to identify potential security threats and vulnerabilities, and implement appropriate risk treatment plans to mitigate identified risks. |
| Audit and Compliance | We conduct regular internal and external audits, including our SOC 2 Type II examination and ISO 27001 surveillance audits, to ensure compliance with these standards and to continuously improve our ISMS. |
Children's Privacy
Our Services are not directed to, and we do not knowingly collect personal data from, individuals under the age of 18. If you are under the age of 18, please do not use our Services or provide any personal data to us. If we become aware that we have inadvertently collected personal data from a person under the age of 18 without appropriate consent, we will take steps to delete such information as soon as reasonably possible.
Governing Law and Jurisdiction
This Policy, and any disputes or claims arising out of or in connection with it (including its subject matter, formation, or interpretation), shall be governed by and construed in accordance with the laws of India. The courts at Mumbai, Maharashtra shall have exclusive jurisdiction over any such disputes or claims.
Grievance Officer
The name and contact details of our Grievance Officer, who you may contact if you have any concerns, complaints, or feedback pertaining to this Policy, are as follows:
| NAME & DESIGNATION: | Kushagra Singhania, Chief Operating Officer |
| ADDRESS: | Dimensionless Technologies Private Limited, CIBA, Agnel Technical Complex, 6th Floor, Sector 9A, Vashi, Navi Mumbai, Maharashtra – 400703, India |
| EMAIL: | privacy@dimensionless.ai |