+1 (302) 404-2147
Arissa

Confidentiality & Privacy Guidelines

Arissa International Pvt.Ltd (“Arissa,” “we,” “us,” or “our”) values your privacy and is committed to safeguarding your personal information. This Privacy Policy (“Policy”) outlines the manner in which Arissa International collects, processes, uses, discloses, and protects personal information when you access or interact with all Arissa Services, including Arissa CRM, HubSpot Services, Onboarding, Design & Development, Free Portal Audit, Implementation, Managed Services, and CRM Migration & Integration (collectively, the “Platform” or “Services”).

This Policy applies in all circumstances except where we act solely as a data processor for our customers, in which case the collection, use, and handling of personal data are governed by the customer’s privacy policies and applicable contractual obligations.

When providing Arissa CRM services, our customers determine the purposes and means of processing personal data, such as:

  • Managing websites and digital services.
  • Sending communications or campaigns to their clients.
  • Storing, analyzing, or sharing data for operational purposes.

In such cases, we act as a data processor (Data Processor under the DPDP Act), and our customers’ privacy policies govern how your data is used.

By using the Platform, you consent to this Privacy Policy. If you do not agree, please do not use or access the Platform.

Customers are responsible for ensuring that they have obtained all necessary rights, permissions, notices, and consents required to submit personal data to Arissa for processing.

We collect information through three primary sources:

a) Information You Provide

  • Personal identifiers: name, email, phone number, organization details, and account credentials.
  • Payment or transactional details for subscriptions or purchases.
  • Information about others submitted through the Platform (with proper consent).

b) Information from Third Parties

  • Business contact directories, professional networks, and marketing affiliates.
  • Research partners, trade shows, and publicly available sources.

c) Information Collected Automatically

  • Device information: IP address, browser type, operating system, device type, and location.
  • Usage data: feature engagement, pages visited, analytics metrics.
  • Cookies, pixels, and other tracking technologies. See our Cookies & Tracking Policy for details.

Arissa uses cookies and similar tools across all Arissa Services, with a focus on Arissa CRM, to:

  • Ensure core functionality of the Platform and related services.
  • Analyze usage patterns to optimize workflows, Tetrus AI features, marketing automation, and reporting.
  • Deliver personalized or targeted communications across CRM and digital services.
  • Track engagement with emails, portals, and integrated third-party applications.

Users may manage or opt out of cookies via browser settings or Arissa’s Cookies Management Tool. For complete details, see our Cookies Policy.

Note: Cookies may be used differently for Arissa CRM features (analytics, AI-driven insights) compared to HubSpot Services, but all cookies remain within the secure environment of Arissa platforms.

Arissa uses your data for the following purposes:

  1. Platform Operation & Enhancement — Maintain, monitor, and improve services. Analyze platform usage and optimize features, including Tetrus AI, workflows, and reporting. For Portal Audit services, Arissa may review portal configuration, metadata, settings, workflows, reporting structures, and related operational information solely to generate audit findings and recommendations.
  2. AI & Automation Features — Support lead scoring, campaign optimization, and workflow recommendations. Arissa does not intentionally use customer data obtained through its services to train public or shared artificial intelligence models. Any use of AI technologies by Arissa is limited to providing, supporting, securing, or improving services and is subject to appropriate contractual and technical safeguards.
  3. Customer Support — Respond to inquiries, troubleshoot, and provide assistance.
  4. Business & Compliance Operations — Billing, audits, accounting, and legal obligations.
  5. Communications & Marketing — Provide updates, alerts, newsletters, and marketing content, respecting your preferences.
  6. Security & Fraud Prevention — Monitor and prevent unauthorized or illegal activity.
  7. Third-Party Integrations & Marketplace — Facilitate connections with email providers, payment processors, AI tools, and analytics services. Users may revoke access or permissions to integrations at any time.
  8. Legal & Regulatory Compliance — Meet obligations under applicable laws, including India’s Digital Personal Data Protection Act, 2023 (DPDP Act) and the Digital Personal Data Protection Rules, 2025, the Information Technology Act, 2000 and the SPDI Rules, 2011, the EU/UK General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable regulations.
  9. No Liability for Customer Misuse — Arissa shall not be responsible or liable for any misuse, disclosure, or unauthorized processing of data by customers or third parties integrating with the Platform.

Legal Basis for Processing

Based on your jurisdiction, processing may rely on your consent, the necessity to perform a contract, compliance with legal obligations, or legitimate interests that do not infringe upon your rights. Under India’s DPDP Act, personal data is processed on the basis of consent or certain legitimate uses permitted by the Act.

We implement comprehensive safeguards, including:

  • Encryption of data in transit and at rest.
  • Multi-factor authentication and secure access controls.
  • Regular audits, monitoring, and risk assessments.
  • Subprocessors are required to maintain equivalent security standards.

While we strive for robust protection, no system is entirely secure. Report suspected breaches immediately.

In the unlikely event of a data breach:

  • We will promptly investigate and mitigate risks.
  • Users affected will be notified according to applicable laws and within prescribed timelines, including notification to the Data Protection Board of India under the DPDP Act where applicable.

Users may post, upload, or share content on the Platform. By doing so:

  • You affirm you have the right to share the content.
  • You grant Arissa a license to operate, display, and use the content to provide Platform services.

We may share data with:

  • Affiliates & Subsidiaries: For internal operations.
  • Service Providers: Supporting infrastructure, analytics, marketing, and customer support. Service providers may include cloud infrastructure providers, analytics platforms, AI service providers, customer support systems, and professional advisors engaged in supporting Arissa services.
  • Partners & Integrations: For joint offerings or functionality.
  • Advertising & Marketing Vendors: Using aggregated or anonymized data.
  • Social Networks: If you connect accounts.
  • Corporate Transactions: Mergers, acquisitions, or asset sales.
  • Legal Requirements: When mandated by law or government authorities.

We do not sell personal information unless explicitly allowed by law.

  • Personal data is retained only as long as necessary for Platform operation, compliance, or contractual purposes.
  • Certain categories have specific retention timelines (e.g., payment data may be retained for 7 years for accounting purposes).
  • Data no longer needed will be securely deleted or anonymized.

The Platform may use AI for lead scoring, campaign recommendations, and workflow optimization. Where legally required, users may request information regarding significant automated processing activities affecting their personal data.

Arissa CRM is a global platform, and your personal information may be processed or stored in countries outside your country of residence, including India, where data protection laws may differ from those in your jurisdiction.

We implement appropriate safeguards to ensure that any international data transfer complies with applicable legal frameworks, such as:

  • Standard Contractual Clauses (SCCs)
  • Data Processing Agreements
  • Contractual confidentiality obligations
  • Other legally recognized cross-border transfer mechanisms

Under India’s DPDP Act, personal data may be transferred outside India except to any country or territory that the Government of India restricts by notification.

These measures help ensure that your personal information receives a consistent level of protection, regardless of location.

The Services are intended for business and professional use and are not directed toward children under the age of 18.

If you believe that a child under 18 has provided personal data through the Platform, please contact us immediately. Upon verification, we will take prompt action to delete the data in compliance with applicable laws and regulations. Under India’s Digital Personal Data Protection Act, 2023, individuals under 18 are treated as children, and their personal data may be processed only with verifiable parental consent.

Our Platform may contain links to third-party websites, applications, or services for your convenience.

Arissa is not responsible for the privacy practices, security measures, or content of these external sites. We encourage you to review the privacy policies and terms of service of any third-party websites you visit, as their practices may differ from those outlined in this Policy.

Arissa is committed to ensuring that the Platform is accessible to all users, including individuals with disabilities.

We strive to comply with recognized accessibility standards and continuously work to enhance the user experience. If you encounter accessibility issues or require assistance using the Platform, please contact our support team, and we will make reasonable efforts to accommodate your needs.

Depending on your jurisdiction, you may have the right to:

  • Access, correct, delete, or restrict your personal data.
  • Withdraw consent to processing.
  • Object to or opt out of the marketing or sale of personal information.
  • Request data portability.

Regional Examples:

  • EU/UK/Swiss: GDPR-compliant rights, including complaints to supervisory authorities.
  • U.S.: CCPA/CPRA rights to opt-out, non-discrimination, and deletion.
  • India: Under the Digital Personal Data Protection Act, 2023, you have the right (as a Data Principal) to access a summary of your personal data and how it is processed, to seek correction and erasure, to grievance redressal, and to nominate another person to exercise your rights. Unresolved grievances may be escalated to the Data Protection Board of India.
  • Australia: Access and correction under the Australian Privacy Act.
  • Canada: PIPEDA rights, with additional rights for Quebec residents.

Requests are verified for identity and handled within statutory timeframes.

All content, materials, software, methodologies, reports, branding, and intellectual property made available through the Platform or Services, including text, graphics, logos, and code, are the exclusive property of Arissa International.

Unauthorized copying, distribution, modification, or reproduction of any portion of the Platform is strictly prohibited. All rights not expressly granted herein are reserved.

Arissa may update this Privacy Policy periodically to reflect changes in legal requirements, Platform functionality, or operational practices.

All updates will be clearly posted with a revised “Last Updated” date. Your continued use of the Platform after such updates constitutes acceptance of the updated Policy. We encourage users to review this Policy regularly to stay informed of any changes.

Jurisdiction Alignment with Terms & Conditions

All disputes or claims arising from this Privacy Policy shall be subject to the exclusive jurisdiction of the courts of Bengaluru, Karnataka, India. For international users, disputes shall be resolved through online arbitration with the seat of arbitration in Bengaluru, India, in accordance with Indian law.

Privacy & Grievance Officer

Email: info@arissainternational.com

India Office:
No. 98/2, 2nd Floor,
SC Complex, Surabhi Nagar West,
8th Phase, J.P. Nagar,
Bengaluru, Karnataka 560076, India

USA Office White 1 720 McColley St, Milford, DE 19963, USA 

Email: info@arissainternational.com

India Office No. 98/2, 2nd Floor, SC Complex, Surabhi Nagar West, 8th Phase, J. P. Nagar, Bengaluru, Karnataka 560076, India Email: info@arissainternational.com Website: arissainternational.com

We collect the information You provide to us and this information is necessary for the adequate performance of the contractual arrangement which is in place between You and us and allow us to comply with our legal obligations.
  • Account Signup Information. When You create the account, we ask You to provide the signup information, such as Email, Name, Surname, Phone, Personal Number.
  • Communications, Chats, Messaging. When you communicate with us through email or any other way, we collect information about your communication and any information You choose to provide or disclose. In order to answer your request, we may access information provided by email, chats, purchase history, etc.
  • Payment Information. To order and use features of Site, we may require you to provide certain financial information in order to facilitate the processing of payments. We collect your Name and surname.
  • Other Personal Information Provided by You. We may collect other data provided by You from surveys, feedback, financial information (purchase history), Contact Form and other similar data.