Privacy Policy
Effective Date: June 29, 2024
Jyaba ("we," "us," or "our") is committed to protecting your privacy and handling data responsibly. This Privacy Policy explains how we collect, use, process, store, share, and protect information across our website (jyaba.com), our web data extraction and scraping services, and our data engineering and pipeline solutions (collectively, the "Services").
By using our website or engaging our Services, you acknowledge that you have read and understood this Policy. If you do not agree with our practices, please do not use our website or Services.
Key Definitions
To clarify our data practices, the following terms are used throughout this Policy:
Personal Data: Any information relating to an identified or identifiable natural person.
Website Data: Data collected directly from visitors and users of the Jyaba website (e.g., contact form submissions, cookies, analytics).
Service Data (Scraped Data): Publicly available information we extract from the internet on behalf of our clients as part of our core business. We do not seek to collect Personal Data as Service Data.
Client Data: Information provided by our clients to initiate and manage a service contract (e.g., contact details, billing information, project specifications).
Pipeline Data: Data that our clients route through, store in, or process within data engineering pipelines, warehouses, or infrastructure that we build, configure, or operate on their behalf.
Controller: The party that determines the purposes and means of processing Personal Data.
Processor: The party that processes Personal Data on behalf of, and under the instructions of, a Controller.
Our Roles: Controller and Processor
Our responsibilities under data protection law depend on the context:
As a Controller: We act as a Controller for Website Data and Client Data — we decide why and how this information is processed.
As a Processor: When we deliver scraping projects, build or operate data pipelines, or process Pipeline Data on a client's instructions, we generally act as a Processor. In these cases, the client is the Controller and is responsible for establishing a lawful basis for the processing. Where required, we enter into a Data Processing Agreement (DPA) that governs these obligations.
Information We Collect
We collect information in several contexts: from website visitors, from clients, and in the course of delivering our Services.
A. Data from Website Visitors (Website Data)
We collect this data when you browse our site, contact us, or request resources:
Contact Information: Name, email address, phone number, and company name submitted through forms (e.g., Contact Us, Request a Quote).
Technical Data: IP address, browser type, device details, pages viewed, time spent on the site, and referral sources, collected via cookies and analytics tools (such as Google Analytics).
Communications: The content of messages, emails, and support requests you send to us.
B. Client Data
When you engage us, we collect details necessary for project delivery, billing, and communication, including company information, billing details, authorized contacts, and project requirements.
C. Service Data (Extracted Data)
We extract publicly accessible data from the internet according to client specifications. While our methods target non-personal data (e.g., product prices, business listings, market data), this data may occasionally include Personal Data that was already publicly available on the source website.
D. Pipeline Data
When we build or operate data engineering pipelines, ETL/ELT processes, data warehouses, or analytics infrastructure, data may flow through systems we configure. We process this data strictly under our client's instructions and for the purposes defined in the applicable service agreement.
How We Use the Data
We use the data we collect to operate our business and deliver our Services:
To Fulfill Services: To execute and deliver contracted web data extraction, data engineering, and pipeline Services.
To Communicate: To respond to your requests, provide customer support, and send service-related notifications.
Marketing: To send promotional information about our Services where you have opted in. You can unsubscribe at any time.
Security & Improvement: To maintain the security and functionality of our website and Services, and to analyze trends to improve our offerings.
Billing & Administration: To process payments, manage accounts, and maintain business records.
Compliance: To meet legal obligations, enforce our agreements, and resolve disputes.
Legal Bases for Processing
Where applicable law (such as the GDPR) requires a legal basis to process Personal Data, we rely on one or more of the following:
Contract: Processing necessary to provide Services you or your organization have requested.
Legitimate Interests: Processing necessary for our legitimate business interests (e.g., security, service improvement, B2B marketing), provided these do not override your rights.
Consent: Where you have given consent, such as for certain cookies or marketing communications.
Legal Obligation: Processing required to comply with the law.
How We Share Your Data
We do not sell Personal Data. We share data only in the following contexts:
Client Fulfillment: We deliver Service Data to the client who commissioned the project, as required by the contract.
Service Providers (Sub-processors): We engage trusted third parties (e.g., cloud hosting, payment processing, analytics, communication tools) to help us operate. These parties are contractually bound to protect data and process it only on our instructions.
Legal Obligation: We may disclose data when legally required, such as in response to a court order, subpoena, or lawful government request, or to protect our rights and the safety of others.
Business Transfer: If Jyaba is involved in a merger, acquisition, or sale of assets, data may be transferred as part of that transaction.
Sub-processors and Cloud Infrastructure
We rely on reputable cloud and infrastructure providers to host and run our Services and client pipelines. We select sub-processors that maintain appropriate security and data protection standards, and we maintain agreements requiring them to protect data accordingly. A current list of key sub-processors is available to clients on request.
International Data Transfers
We operate internationally, and your data may be processed in countries other than your own. Where we transfer Personal Data across borders, we implement appropriate safeguards, such as standard contractual clauses or transfers to jurisdictions recognized as providing adequate protection, in line with applicable law.
Cookies and Tracking Technologies
Our website uses cookies and similar technologies to operate the site, remember preferences, and understand usage:
Essential Cookies: Required for the website to function.
Analytics Cookies: Help us understand how visitors use the site so we can improve it.
Marketing Cookies: Used, where applicable, to measure and improve our marketing.
You can control or disable cookies through your browser settings. Disabling certain cookies may affect website functionality.
Data Security
We employ technical and organizational measures to protect data against unauthorized access, disclosure, alteration, and destruction. These include encryption in transit and at rest where appropriate, access controls and least-privilege permissions, secure infrastructure, monitoring, and regular review of our practices. However, no method of internet transmission or electronic storage is 100% secure, and we cannot guarantee absolute security.
Data Retention
We retain Personal Data only for as long as necessary to fulfill the purposes described in this Policy, to comply with legal, accounting, or reporting obligations, and to resolve disputes. For Service Data and Pipeline Data processed on behalf of clients, retention and deletion are governed by the applicable service agreement; we delete or return such data on request or contract termination, subject to legal requirements.
Ethical Data Collection
We are committed to responsible and lawful data collection. Our scraping practices are designed to focus on publicly available information, respect reasonable technical and contractual access controls, and avoid collecting sensitive Personal Data wherever possible. We work with clients to ensure projects have a legitimate purpose and comply with applicable laws.
Your Data Protection Rights
Depending on your jurisdiction (e.g., under the GDPR for European residents or the CCPA/CPRA for California residents), you may have the right to:
Where we process Personal Data as a Processor on behalf of a client, requests should generally be directed to the relevant client (the Controller); we will support our clients in responding to such requests. To exercise your rights directly with us, or to request the removal of Personal Data that may appear in Service Data, please contact us using the details below. We will respond within the time frame required by applicable law and may need to verify your identity first.
Children's Privacy
Our website and Services are intended for businesses and are not directed at children under the age of 16. We do not knowingly collect Personal Data from children. If you believe a child has provided us with Personal Data, please contact us so we can delete it.
Third-Party Links
Our website may contain links to third-party websites or services that we do not control. This Policy does not apply to those sites, and we encourage you to review their privacy policies.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. We will post the updated version on this page and revise the "Effective Date" above. Material changes may be communicated through additional notice where appropriate. Your continued use of our website or Services after changes take effect constitutes acceptance of the updated Policy.
Contact Information
If you have questions or concerns about this Privacy Policy or our data practices, or wish to exercise your rights, please contact us:
Email: contact@jyaba.com
Address: Fulbari, Pokhara, Nepal