FeaturesModulesSecurityPricingSignupAboutContact
Sign Up
Privacy

Cookie Policy

How GateFlux uses cookies and similar tracking technologies on its Platform and website.

Version 1.2Effective: 28 Feb, 2026Last Reviewed: 28 Feb, 2026

GateFlux Pvt. Ltd. ("GateFlux", "we", "us") uses cookies and similar tracking technologies on the GateFlux Platform and website. This Policy complies with the Digital Personal Data Protection Act, 2023 (India), the Information Technology Act, 2000, and the GDPR (EU) 2016/679 where applicable.

1.What Are Cookies?

Cookies are small text files placed on your device when you access a website or web-based platform. Some cookies may collect or store information that qualifies as personal data, including:

  • IP addresses and device identifiers
  • Browser type and version
  • Usage behaviour and session data

Under Indian law, such data may constitute "digital personal data."

2.Categories of Cookies Used

2.1 Strictly Necessary Cookies

Purpose: Authentication, session management, security enforcement, and load balancing.

Legal Basis: DPDP — Legitimate use necessary for service provision. GDPR — Article 6(1)(b) Contractual necessity / Article 6(1)(f) Legitimate interests.

These cookies do not require prior consent and cannot be disabled without impairing core platform functionality.

2.2 Functional Cookies

Purpose: Remember user preferences and improve usability.

Legal Basis: DPDP — Explicit consent. GDPR — Article 6(1)(a) Consent.

Disabled by default until you opt in via the cookie banner.

2.3 Analytics Cookies (If Enabled)

Purpose: Usage analytics, performance monitoring, and feature improvement.

Legal Basis: DPDP — Explicit, unambiguous consent prior to placement. GDPR — Article 6(1)(a) Consent.

Disabled by default until consent is explicitly given.

2.4 Third-Party Cookies

GateFlux may use third-party service providers that set cookies, including:

  • Google Analytics (if enabled by user consent)
  • Cloudflare (security and performance services)
  • Payment processors (e.g., Razorpay or similar providers)

Such third parties are bound by Data Processing Agreements (DPAs), contractual confidentiality obligations, and Standard Contractual Clauses where applicable for EU data transfers.

3.Consent Requirements — India (DPDP)

Under the Digital Personal Data Protection Act, 2023:

  • Non-essential cookies are not deployed until explicit consent is obtained
  • Consent must be free, specific, informed, and unambiguous
  • Pre-ticked boxes are not used
  • Silence or inactivity does not constitute consent

You must actively select one of the following:

  • "Accept All" — enables all cookie categories
  • "Reject Non-Essential" — only essential cookies are placed
  • Granular category preferences via the cookie settings panel

Consent records are securely logged with timestamp and policy version.

4.Cookie Banner Implementation

GateFlux implements the following consent controls:

  • First-visit consent banner with clear category descriptions
  • Equal visual prominence for Accept and Reject options
  • Granular consent controls per cookie category
  • Blocking of non-essential scripts prior to consent

Consent logs may include timestamp, preferences selected, policy version, and device/browser metadata where legally permissible.

5.Withdrawal of Consent

You may withdraw cookie consent at any time by:

  • Accessing cookie settings via the website footer
  • Adjusting your browser settings to block or delete cookies
  • Contacting us at privacy@gateflux.co

Withdrawal stops future placement of non-essential cookies. Withdrawal is as straightforward as granting consent.

6.Data Retention for Cookie Data

Cookie-derived data is retained only as long as necessary for:

  • Analytics processing and performance monitoring
  • Security monitoring and fraud prevention
  • Legal compliance obligations

Inactive cookie identifiers may be deleted after 3 years in line with DPDP Draft Rules (2025), unless renewed consent applies.

7.International Transfers

Where third-party providers are located outside India:

  • Transfers are governed by contractual safeguards and DPAs
  • EU transfers rely on Standard Contractual Clauses (SCCs)
  • Primary hosting occurs within India (e.g., AWS Mumbai region)

8.Legal Basis Summary

Cookie TypeIndia (DPDP)GDPR
EssentialLegitimate useContractual necessity / Legitimate interest
FunctionalExplicit consentConsent
AnalyticsExplicit consentConsent
Third-PartyExplicit consentConsent

9.Updates to This Policy

Material updates will be notified via:

  • A website banner displayed at your next visit
  • A notification within the Platform interface

Continued use of the Platform after updates constitutes acceptance.

10.Version History

VersionDateDescription
1.028 Feb, 2026Initial release
1.128 Feb, 2026Added DPDP compliance & consent logging
1.228 Feb, 2026Added third-party examples, formalised consent controls, version history

11.Contact Information

GateFlux Pvt. Ltd., Godavari Homes, Quthbullapur, Hyderabad 500067, Telangana, India
Email: privacy@gateflux.co
Response timeline: Within 30 days

Cookie consent questions:

privacy@gateflux.co
Book Demo