Privacy Policy
Last Updated: May 9, 2026
Operancia (“we,” “us,” or “our”) is committed to protecting the privacy and security of personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit our website operancia.com, engage our services, or interact with our customer support operations on behalf of our clients.
By accessing our website or utilizing our services, you agree to the practices described in this policy.
1. Information We Collect
We collect information in three capacities: as a service provider to our clients, as a controller of our own business operations, and through website interactions.
A. Information We Process on Behalf of Clients
As a business process outsourcing provider, we process customer data strictly according to client instructions. This may include:
- Contact details (name, email, phone number)
- Account information and support history
- Payment and transaction data (when authorized)
- Communication records (calls, chats, emails)
We do not own this data and process it solely as a data processor under executed Data Processing Agreements.
B. Information We Collect Directly
- Business contact information (name, title, company, email, phone)
- Proposal and contract details
- Billing and payment information
- Recruitment data (CVs, employment history)
- Website analytics and cookie data
C. Automatically Collected Information
- IP address, browser type, device information
- Pages visited, time spent, referral sources
- Cookies and similar tracking technologies
2. How We Use Information
We use collected information to:
- Deliver customer support and business process services as contracted
- Respond to inquiries and provide proposals
- Manage client relationships and service delivery
- Process payments and maintain business records
- Recruit and manage personnel
- Improve website functionality and security
- Comply with legal obligations
We do not sell personal information. We do not use client customer data for our own marketing purposes.
3. Legal Basis for Processing (GDPR)
For individuals in the European Economic Area, we process personal data based on:
- Performance of a contract
- Legitimate business interests
- Compliance with legal obligations
- Consent (where explicitly obtained)
4. Data Sharing and Disclosure
We share information only as necessary:
- With Clients: As required to deliver contracted services
- Service Providers: Vetted vendors for hosting, CRM, payment processing, and IT security (bound by confidentiality agreements)
- Legal Compliance: When required by law, court order, or government request
- Business Transfers: In connection with merger, acquisition, or asset sale
All subprocessors are subject to data protection agreements and security assessments.
5. Data Security
Operancia maintains administrative, technical, and physical safeguards aligned with SOC 2 principles:
- Encryption in transit and at rest
- Role-based access controls and multi-factor authentication
- Regular security assessments and penetration testing
- Employee confidentiality agreements and training
- Secure development and change management protocols
While we implement industry-standard measures, no system is completely secure. We maintain incident response procedures for data breaches.
6. International Data Transfers
As a Pakistan-based company serving global clients, data may be transferred and processed outside your jurisdiction. We implement appropriate safeguards including Standard Contractual Clauses and Data Processing Agreements to ensure adequate protection for international transfers.
7. Data Retention
We retain information only as long as necessary:
- Client data: Per contract terms and client instructions
- Business records: 7 years for legal and tax compliance
- Marketing contacts: Until opt-out or 3 years of inactivity
- Recruitment data: 2 years unless hired
Upon contract termination, client data is securely deleted or returned per agreement.
8. Your Rights
Depending on your jurisdiction, you may have rights to:
- Access, correct, or delete your personal information
- Restrict or object to processing
- Data portability
- Withdraw consent
- Lodge a complaint with a supervisory authority
For client customer data, please contact the relevant company directly. For Operancia-held data, submit requests to support@operancia.com. We respond within 30 days.
California Residents (CCPA): You have the right to know, delete, and opt-out of sale of personal information. We do not sell personal information.
9. Cookies and Tracking
Our website uses essential, analytics, and preference cookies. You may manage cookie preferences through your browser settings. Disabling cookies may affect website functionality.
We do not use cookies to track client customer data processed during service delivery.
10. Third-Party Links
Our website may contain links to third-party sites. We are not responsible for their privacy practices. Review their policies before providing information.
11. Children’s Privacy
Our services are not directed to individuals under 18. We do not knowingly collect children’s personal information.
12. Changes to This Policy
We may update this policy to reflect operational or legal changes. Material changes will be posted with an updated date. Continued use constitutes acceptance.
13. Contact Information
For privacy inquiries, data requests, or security concerns:
Operancia
Email: support@operancia.com
Website: www.operancia.com
For EU/UK representatives or Data Protection Officer contact details, please email privacy@operancia.com.