Privacy Policy

General Information

This Privacy Policy explains how Lejit AI Software Private Limited, doing business as Lejit.ai (hereinafter, “Lejit”, “we”, “us”, or “our”), processes personal data when you access or use the website https://lejit.ai (the “Site”) and the services offered through it (the “Services”).

This Privacy Policy is drafted in accordance with:

• The Digital Personal Data Protection Act, 2023 (India) (“DPDP Act”); and
• Globally recognised data protection standards, including the GDPR, where applicable.

“Personal Data” means any data about an individual who is identifiable by or in relation to such data.

Please read this Privacy Policy carefully before using the Site or Services.

Data Fiduciary / Data Controller

For the purposes of the DPDP Act, Lejit AI Software Private Limited acts as the Data Fiduciary.

For other jurisdictions, Lejit acts as the Data Controller.

Personal Data We Collect

We may collect personal data directly from you, automatically through your use of the Site, or from third parties.

1. Personal data collected directly from you

This may include:

• Identity and contact data: name, email address, telephone number
• Account data: username, password
• Professional data: employer name, designation, role
• Preference and usage data: selected features, settings, or preferences
• Communications: information shared when contacting us or using support features
• Any other information you voluntarily provide

2. Personal data collected from third parties

We may receive professional or contact details from your employer or organisation that has enabled your access to the Services.

3. Personal data collected automatically

When you use the Site, we may automatically collect:

• IP address
• Browser and device information
• Usage and interaction data
• Log files and security data

Further details are available in our Cookie Policy.

Purpose and Legal Basis for Processing

We process personal data only for lawful purposes and in accordance with applicable laws.

1. Processing under the DPDP Act (India)

Under the DPDP Act, we process personal data on the following bases:

2. Processing under global data protection laws

Where applicable (e.g., GDPR), we process personal data based on:

• Performance of a contract
• Legitimate interests
• Legal obligations
• Consent (where required)

How We Use Personal Data

We use personal data to:

• Provide, operate, and maintain the Site and Services
• Manage user accounts and access
• Communicate with users and respond to enquiries
• Improve performance, functionality, and user experience
• Conduct analytics and generate aggregated insights
• Send service-related or promotional communications (with opt-out options)
• Ensure security, compliance, and legal obligations

Children’s Data

Lejit does not knowingly collect or process personal data of children.

For the purposes of the DPDP Act, a child means any individual below 18 years of age.

Our Site and Services are not intended for children.

If we become aware that personal data of a child has been collected without verifiable parental or guardian consent, we will take reasonable steps to delete such data as soon as possible.

We do not engage in tracking, profiling, or targeted advertising directed at children.

If you believe that a child’s personal data has been provided to us, please contact us at hello@lejit.ai.

Sharing of Personal Data

We may share personal data with:

• Service providers / Data Processors (e.g., IT infrastructure, analytics, customer support)
• Professional advisors (legal, compliance, auditors)
• Regulatory or government authorities, where required by law

All service providers are bound by contractual obligations to protect personal data and process it only on our instructions.

Cross-Border Data Transfers

Personal data may be processed or stored outside India or your country of residence, including in jurisdictions with different data protection laws.

Where such transfers occur, Lejit ensures that:

• Transfers comply with the DPDP Act and applicable global laws
• Appropriate contractual and technical safeguards are in place

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

• Duration of your relationship with Lejit
• Compliance with legal and regulatory obligations
• Resolution of disputes and enforcement of agreements

Security logs may be retained for up to one (1) year. Once retention periods expire, data is securely deleted or anonymised.

Your Rights

1. Rights under the DPDP Act (India)

• Access information about how your personal data is processed
• Request correction or completion of inaccurate data
• Request erasure of personal data no longer necessary
• Withdraw consent at any time
• Nominate another individual to exercise your rights in case of death or incapacity
• File a grievance or complaint

2. Global data subject rights

Where applicable, you may also have rights to:

• Data portability
• Restriction or objection to processing
• Lodge a complaint with a supervisory authority

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last updated” date.

Your continued use of the Site after such updates constitutes acceptance of the revised Privacy Policy.