Legal

Privacy Policy

Last updated: June 2026 · GrayOpus Technologies Pvt. Ltd.

We take privacy seriously. This policy explains what data we collect, why we collect it, and how we protect it. We never sell your data. We never train AI models on your conversations without your explicit consent.

1. Who We Are

TYVRA Pulse is a product of GrayOpus Technologies Pvt. Ltd., a company incorporated in India. Our registered office is in Delhi NCR, India.

For any privacy-related questions, contact us at: privacy@tyvra.io

2. What Data We Collect

We collect data in two categories:

Account and business data — information you provide when signing up or using the platform:

Organisation name, contact name, email address, phone number
Billing information (processed securely via payment partners — we do not store card details)
Configuration settings, bot knowledge base content, call flows
User accounts created within your organisation

Usage and interaction data — data generated when you use the platform:

Call recordings and transcripts (with customer consent as required)
WhatsApp, SMS, and Email message logs
Agent activity, call disposition, and performance metrics
Platform usage logs, session data, and error reports
IP addresses, browser type, and device information

3. How We Use Your Data

We use the data we collect to:

Provide, operate, and improve the TYVRA Pulse platform
Process your subscription and manage your account
Enable AI bot responses using knowledge base content you provide
Generate Coach scores and quality assessments on calls
Send service communications — onboarding, support, and billing notifications
Detect and prevent fraud, abuse, or security incidents
Comply with legal obligations under Indian law, including the DPDP Act 2023

We do not use your call recordings or conversation data to train our AI models unless you explicitly opt in to a data sharing programme.

4. Data Storage and Residency

All data is stored on Google Cloud Platform in the asia-south1 (Mumbai) region. Your data never leaves India unless you explicitly configure an international integration.

We maintain data backups in the same region. Retention periods are configurable per your compliance requirements.

5. PII and Sensitive Data Protection

We apply automatic redaction of Personally Identifiable Information (PII) before any data is processed by large language models. This includes:

Aadhaar numbers
PAN card numbers
Phone numbers in conversation bodies
Bank account and financial details

This redaction is applied at the infrastructure level and cannot be disabled. It is part of our DPDP Act 2023 compliance posture.

6. Data Sharing

We share data only in the following circumstances:

Service providers — We use third-party providers for specific functions (e.g. telephony, SMS delivery, email). These providers process data only on our instructions and are bound by data processing agreements.
Legal requirements — We may disclose data if required by law, court order, or government authority under applicable Indian law.
Business transfer — If GrayOpus Technologies is acquired or merges with another entity, data may be transferred as part of that transaction. We will notify you before this occurs.

We do not sell, rent, or trade your data to any third party for marketing or any other purpose.

7. Your Customer's Data — Processor vs Controller

When you use TYVRA Pulse to communicate with your customers, we act as a data processor on your behalf. You remain the data controller for your customers' data.

You are responsible for:

Obtaining necessary consent from your customers for recording and AI-processing of calls
Complying with applicable consumer communication regulations (TRAI, DPDP Act)
Responding to your customers' data rights requests

8. Security

We implement industry-standard security measures including:

TLS 1.2+ encryption for all data in transit
AES-256 encryption for data at rest
Role-based access control — users only access data they are authorised to see
Audit logs for all administrative actions
Regular security reviews and vulnerability assessments

In the event of a security breach affecting your data, we will notify you within 72 hours of becoming aware of the incident.

9. Your Rights

Under the DPDP Act 2023 and applicable law, you have the right to:

Access — request a copy of the data we hold about you
Correction — request correction of inaccurate data
Erasure — request deletion of your data (subject to legal retention requirements)
Portability — receive your data in a machine-readable format
Objection — object to specific processing activities

To exercise any of these rights, email us at privacy@tyvra.io. We will respond within 30 days.

10. Cookies and Tracking

Our website (tyvra.io) uses minimal cookies for session management and analytics. We do not use advertising cookies or third-party tracking pixels.

The platform itself (app.tyvra.io) uses session cookies required for authentication. These are strictly necessary and cannot be disabled.

11. Children's Privacy

TYVRA Pulse is a business software platform not directed at individuals under the age of 18. We do not knowingly collect data from minors.

12. Changes to This Policy

We may update this privacy policy from time to time. When we make material changes, we will notify you by email and update the "Last updated" date at the top of this page. Continued use of the platform after notification constitutes acceptance of the revised policy.

13. Contact Us

For any privacy questions or concerns:

Email: privacy@tyvra.io
General: hello@tyvra.io
Company: GrayOpus Technologies Pvt. Ltd., Delhi NCR, India