Aprex Industries is a technology entity registered in India. We operate the website aprex.in and related sub-domains, and we are the data fiduciary for the personal data described in this policy.
We collect only the minimum data required to operate this website. The following table lists every category of data we collect:
| Data | Why we collect it | Legal basis (DPDPA) | Retention |
|---|---|---|---|
| Email address | To create and manage your invited access account | Consent (you provided it to receive an invitation) | Until account deletion or 2 years of inactivity |
| Password hash | Authentication — we store a hash, never the password itself | Consent / legitimate interest (security) | Until account deletion |
| Session token | To keep you logged in without re-entering credentials | Consent (via cookie) | 7 days, auto-expiry |
| Login timestamp & IP address | Security audit log — detect unauthorised access | Legitimate interest (security) | 90 days, then deleted |
| Cloudflare access logs | Standard server logs — IP, page visited, timestamp | Legitimate interest (security, uptime) | As per Cloudflare's policy (typically 30 days) |
We do not collect: name, phone number, location data, device identifiers, browsing history, or any behavioural analytics. We do not use Google Analytics, Meta Pixel, or any third-party tracking scripts.
We use one session cookie only:
We do not use advertising cookies, tracking cookies, or analytics cookies of any kind. No third-party cookies are set by us. Cloudflare may set its own technical cookies as our infrastructure provider — see Cloudflare's Privacy Policy.
| Provider | What they handle | Data shared | Location |
|---|---|---|---|
| Cloudflare, Inc. | Website hosting, CDN, DDoS protection, database (D1), session storage (KV) | IP address, page visits, your encrypted data stored in D1/KV | USA / Global (Cloudflare complies with GDPR, SCCs in place) |
| Google Fonts | Serving web fonts (Cormorant Garamond, Instrument Sans, DM Mono) | Your IP address is sent to Google to load fonts | USA. Mitigatable by self-hosting fonts — contact us if this concerns you |
We do not use any other third-party services. No analytics providers, no advertising networks, no social media trackers.
Under the Digital Personal Data Protection Act 2023 (India), you have the following rights as a Data Principal:
To exercise any of these rights, email us at privacy@aprex.in with the subject line "DPDPA Rights Request". We will respond within 30 days. We may need to verify your identity before processing your request.
If you are unsatisfied with our response, you may escalate to the Data Protection Board of India once it is operational under the DPDPA 2023.
This website is not directed at children under the age of 18. We do not knowingly collect personal data from minors. Access to the confidential areas of this website is invite-only and restricted to adults. If you believe a minor has provided us with personal data, please contact privacy@aprex.in immediately and we will delete it.
We retain your data only as long as necessary for the purposes described in Section 2. Specifically:
Your data is stored on Cloudflare's infrastructure, which operates globally. Cloudflare is a US-based company that complies with GDPR through Standard Contractual Clauses and participates in applicable data transfer frameworks. Under India's DPDPA 2023, the Government of India may restrict transfers to certain countries — we will comply with any such restrictions when notified.
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For material changes, we will notify users with active accounts by email. Continued use of the website after changes are posted constitutes acceptance of the updated policy.
For any privacy-related questions, requests, or complaints: