Privacy Policy

Last updated: April 22, 2026

Welcome to Social Spark Agency ("we", "our", "us", or "the Company"). We are a digital marketing and web development agency based in Bhopal, Madhya Pradesh, India. We operate the website https://socialsparkagency.in (hereinafter referred to as the "Service" or "Website").

This Privacy Policy describes how we collect, use, process, disclose, and safeguard your personal and non-personal information when you visit our Website, use our services, or interact with us. By accessing or using our Website, you signify your acceptance of this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Website.

This Privacy Policy is published in compliance with:

• The Information Technology Act, 2000 and the Rules thereunder (India)
• The Digital Personal Data Protection Act, 2023 (DPDP Act) (India)
• The General Data Protection Regulation (GDPR) (European Union / United Kingdom)
• The California Consumer Privacy Act (CCPA) and CPRA (USA)
• Google AdSense and Google Analytics disclosure requirements

1. Information We Collect

1.1 Personal Information You Provide Voluntarily

We collect personal information that you voluntarily provide to us when you:

• Fill out our contact form or "Get a Free Quote" form
• Subscribe to our newsletter or blog updates
• Reach out to us via WhatsApp, email, or phone
• Post comments on our blog (if the feature is enabled)
• Engage us for any of our services

The personal information we may collect includes:

• Identity Data: First name, last name, company name, job title
• Contact Data: Email address, phone number, mailing address
• Communication Data: Content of your messages, project requirements, preferences
• Financial Data: Billing address, GST number (for Indian clients), and payment details (processed securely via third-party payment gateways — we do not store card information on our servers)
• Marketing Data: Your preferences in receiving marketing communications

1.2 Information Collected Automatically

When you visit our Website, we automatically collect certain information about your device and browsing activity:

• Device Information: Device type, operating system, browser type and version, screen resolution
• Log Data: IP address, access times, referring URLs, pages viewed, duration of visit, clickstream data
• Location Data: Approximate geographic location derived from IP address (city/country level, not precise GPS)
• Usage Data: Pages visited, links clicked, scroll depth, interactions with forms

1.3 Log Files

Like many websites, we use log files that record IP addresses, browser type, Internet Service Provider (ISP), date/time stamps, referring/exit pages, and click data. This information is used for analyzing trends, administering the Website, tracking user movement, and gathering demographic information. This data is not linked to any personally identifiable information.

2. How We Use Your Information

We use the collected information for the following purposes:

• To respond to your inquiries and provide requested services
• To prepare quotations, proposals, and service agreements
• To deliver, operate, and maintain our services
• To send transactional emails (order confirmations, invoices, project updates)
• To send marketing communications, newsletters, and promotional content (only with your explicit consent, and you can unsubscribe anytime)
• To personalize your experience and improve the Website
• To detect, prevent, and address technical issues, fraud, or security breaches
• To analyze usage patterns and improve our content and services
• To comply with legal obligations and enforce our Terms & Conditions
• To serve relevant advertisements via Google AdSense and other ad networks (see Section 5)

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data on one or more of the following legal bases:

• Consent: You have given us explicit consent (e.g., cookie consent, newsletter signup)
• Contract: Processing is necessary for the performance of a contract (e.g., service delivery)
• Legal Obligation: Processing is required to comply with applicable law
• Legitimate Interest: Processing is necessary for our legitimate business interests (e.g., fraud prevention, direct marketing of similar services) and does not override your rights

4. Cookies and Tracking Technologies

4.1 What Are Cookies?

Cookies are small data files placed on your device that help websites recognize you on return visits, remember preferences, and provide analytical data. They do not typically contain information that personally identifies you, but they may be linked to personal information we store.

4.2 Types of Cookies We Use

Cookie Type	Purpose	Duration
Strictly Necessary	Essential for Website functionality (e.g., security, form submissions)	Session
Preferences	Remember your choices (language, region, consent)	Up to 1 year
Analytics	Track Website usage via Google Analytics	Up to 2 years
Advertising	Deliver personalized ads via Google AdSense and partners	Up to 13 months

4.3 Managing Cookies

You can control cookies through your browser settings — most browsers allow you to view, manage, delete, and block cookies. Please note that disabling cookies may affect the functionality of our Website. You can also manage your cookie consent preferences through our cookie banner on your next visit.

Useful resources:

• All About Cookies
• Your Online Choices (EU)
• Network Advertising Initiative Opt-Out

5. Google AdSense & Advertising Partners

Our Website may display advertisements served by Google AdSense, a third-party advertising service provided by Google LLC. Google AdSense uses cookies and similar technologies to serve ads based on your prior visits to our Website and other websites across the Internet.

5.1 DART Cookie and Personalized Ads

Google, as a third-party vendor, uses cookies to serve ads on our Website. Google's use of the DART cookie enables it and its partners to serve ads based on your visits to our Website and/or other sites on the Internet. Users may opt out of personalized advertising by visiting the Google Ads Settings page.

5.2 Third-Party Ad Vendors

Third-party vendors, including Google, use cookies to serve ads based on a user's previous visits to our Website. Google's use of advertising cookies enables it and its partners to serve ads to our users based on their visit to our Website and/or other sites on the Internet.

Users may opt out of personalized advertising by visiting:

• Google Ads Settings
• Digital Advertising Alliance (DAA)
• European Interactive Digital Advertising Alliance (EDAA)

5.3 EEA/UK Users — Consent Management

For users located in the European Economic Area (EEA) and the United Kingdom, we use a Google-certified Consent Management Platform (CMP) to obtain your consent before serving personalized ads, in compliance with the ePrivacy Directive and GDPR.

5.4 Third-Party Advertising Partners' Privacy Policies

We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party advertising partners. You may review the privacy policies of these partners:

• Google Advertising Privacy & Terms
• Google Privacy Policy

6. Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC, to understand how visitors interact with our Website. Google Analytics uses cookies to collect information such as the number of visitors, the pages they visit, and the time spent on each page.

Google Analytics data is used in aggregated and anonymized form. We have enabled IP anonymization to ensure that IP addresses are truncated before being stored.

You can opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on.

For more information: Google Privacy Policy

7. Third-Party Services

We may use the following third-party services, each of which has its own privacy policy:

• Cloudflare — Content Delivery Network and security (privacy policy)
• Google reCAPTCHA — Spam protection on forms (privacy policy)
• Email Service Providers — For transactional and marketing emails
• WhatsApp Business — For customer communication (privacy policy)
• Payment Gateways (e.g., Razorpay, PayPal) — For processing payments securely

8. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information in the following limited circumstances:

• Service Providers: With trusted vendors who perform services on our behalf (hosting, analytics, email delivery, payment processing), bound by confidentiality obligations
• Legal Requirements: When required by law, court order, or governmental request, or to protect our rights, property, or safety
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction (with notice to you)
• With Your Consent: When you have given explicit permission

9. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to meet legal, accounting, or reporting obligations:

• Inquiry/Contact form submissions: Up to 24 months
• Client project data: For the duration of the engagement + 7 years (for tax and legal compliance)
• Newsletter subscribers: Until you unsubscribe
• Analytics data: Up to 26 months (Google Analytics default)
• Cookies: As specified in Section 4.2

After these periods, data is either deleted or fully anonymized.

10. Data Security

We implement commercially reasonable technical and organizational security measures to protect your personal information, including:

• SSL/TLS encryption (HTTPS) for all data in transit
• Secure, hashed password storage
• Access control and role-based permissions for staff
• Regular security audits and software updates
• Firewalls, intrusion detection, and DDoS protection via Cloudflare
• Secure backup procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security.

11. International Data Transfers

Your information may be transferred to — and maintained on — servers located outside your state, province, country, or jurisdiction, where data protection laws may differ from those in your location. Google Analytics, AdSense, and certain service providers operate globally. By using our Website, you consent to such transfers, and we ensure that appropriate safeguards (such as Standard Contractual Clauses) are in place where required.

12. Children's Privacy

Our Service is not directed to children under the age of 13 (or the age of digital consent in your jurisdiction, whichever is higher). We do not knowingly collect personally identifiable information from children. If you are a parent or guardian and you become aware that your child has provided us with personal information, please contact us immediately at contact@socialsparkagency.in and we will take steps to remove such information.

13. Your Rights Under GDPR (EU/UK Users)

If you are located in the EEA or UK, you have the following rights:

• Right to Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data
• Right to Restriction: Request limitation of processing
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or direct marketing
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
• Right to Lodge a Complaint: With a supervisory authority (e.g., ICO in the UK)

To exercise these rights, contact us at contact@socialsparkagency.in. We will respond within 30 days.

14. Your Rights Under CCPA (California Users)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected and how it is used
• Right to request deletion of personal information
• Right to opt out of the sale of personal information (Note: we do not sell personal information)
• Right to non-discrimination for exercising your CCPA rights

To exercise your CCPA rights, email us at contact@socialsparkagency.in with the subject line "CCPA Request".

15. Your Rights Under India's DPDP Act 2023

If you are a resident of India, you have the following rights under the Digital Personal Data Protection Act, 2023:

• Right to Access Information: About your personal data being processed
• Right to Correction and Erasure: Of your personal data
• Right to Grievance Redressal: Via our Grievance Officer (see Section 20)
• Right to Nominate: Another individual to exercise your rights in case of incapacity or death
• Right to Withdraw Consent: At any time, where processing is based on consent

16. Do Not Track Signals

Some browsers transmit "Do Not Track" (DNT) signals. Because there is no common industry standard for DNT signals, we currently do not respond to DNT browser requests. However, you can still control data collection via the opt-out methods described in this Privacy Policy.

17. Marketing Communications

We send marketing emails only to individuals who have explicitly opted in. Every marketing email includes an "Unsubscribe" link. You can also email us at contact@socialsparkagency.in to be removed from our marketing lists. Please note that you will continue to receive transactional emails related to services you have engaged us for.

18. Social Media Features

Our Website may include social media features (such as share buttons, WhatsApp chat widget, Facebook/Instagram icons). These features may collect your IP address and the page you are visiting, and may set a cookie to function properly. Your interactions with these features are governed by the privacy policies of the respective companies.

19. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make material changes, we will:

• Update the "Last updated" date at the top of this page
• Post a prominent notice on our Website
• Notify registered users via email where appropriate

We encourage you to review this Privacy Policy periodically. Your continued use of the Website after any changes constitutes acceptance of the updated policy.

20. Contact Us & Grievance Officer

20.1 General Inquiries

For any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Social Spark Agency
Office Number 213, 3rd Floor, Gurukripa Tower, Kolar Road,
Bhopal, Madhya Pradesh 462042, India
Email: contact@socialsparkagency.in
Phone: +91 8224808653

20.2 Grievance Officer (India — DPDP Act 2023 & IT Rules 2011)

In accordance with the Information Technology Act, 2000, the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, and the Digital Personal Data Protection Act, 2023, the details of the Grievance Officer are provided below:

Grievance Officer: Lokesh Rathore
Designation: Founder & Data Protection Officer
Email: contact@socialsparkagency.in
Address: Office Number 213, 3rd Floor, Gurukripa Tower, Kolar Road, Bhopal, MP 462042
Response time: Within 15 working days of receipt of complaint

---

By using our Website, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.