Privacy Policy

Welcome to Entraiot Solution Company ("Entraiot," "we," "us," or "our"). We are committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.entraiot.com and use our IoT solutions, products, and related services (collectively, the "Services").

By accessing or using our Services, you agree to the terms of this Privacy Policy. If you do not agree with the practices described herein, please do not use our Services.

Entraiot Solution Company is an Internet of Things (IoT) technology company that provides smart connectivity, automation, and data-driven solutions to businesses and individuals. Our registered office and primary data controller contact details are:

We collect several types of information to provide and improve our Services:

We use the collected information for the following purposes:

For users in jurisdictions with data protection laws (such as GDPR in the European Economic Area), our legal bases for processing your personal data include:

• Contractual Necessity: Processing required to perform our contract with you and deliver the Services you have requested
• Legitimate Interests: Processing in our legitimate business interests, such as improving our services, security monitoring, and fraud prevention, balanced against your rights
• Consent: Processing based on your explicit consent, such as for marketing communications. You may withdraw consent at any time
• Legal Obligation: Processing required to comply with applicable laws and regulations

We do not sell your personal information. We may share your information in the following limited circumstances:

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods include:

• Account and profile data: Retained for the duration of your account and up to 3 years after account closure
• IoT device telemetry data: Retained according to your selected subscription plan (typically 90 days to 5 years), with options to archive or export
• Transaction and billing records: Retained for a minimum of 7 years as required by financial regulations
• Communication and support logs: Retained for 2 years after resolution
• Website analytics data: Retained in anonymized form for up to 26 months

Upon expiry of the applicable retention period, your personal data will be securely deleted or anonymized in accordance with our data disposal procedures.

Our website uses cookies and similar tracking technologies to enhance your experience, analyze site traffic, and support our marketing activities. The types of cookies we use include:

• Essential Cookies: Necessary for the website to function properly, including authentication and session management. These cannot be disabled.
• Performance & Analytics Cookies: Help us understand how visitors interact with our website (e.g., Google Analytics). Data collected is aggregated and anonymized.
• Functional Cookies: Enable enhanced features such as remembering your preferences, language settings, and dashboard configurations.
• Marketing & Targeting Cookies: Used to deliver relevant advertisements and track campaign effectiveness across third-party platforms.

You can manage or withdraw your cookie consent at any time through our Cookie Preference Center accessible on our website, or by adjusting your browser settings. Note that disabling certain cookies may affect the functionality of our website.

Depending on your location and applicable data protection laws, you may have the following rights regarding your personal information:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data under certain circumstances ("right to be forgotten")
• Right to Restrict Processing: Request that we limit how we use your data in specific situations
• Right to Data Portability: Receive your personal data in a structured, machine-readable format
• Right to Object: Object to processing of your data based on legitimate interests or for direct marketing purposes
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent, without affecting prior lawful processing
• Right to Lodge a Complaint: File a complaint with your local data protection authority

To exercise any of these rights, please contact us at privacy@entraiot.com. We will respond to your request within 30 days. We may need to verify your identity before processing your request.

If you no longer wish to receive marketing communications from Entraiot, you may opt out by:

• Clicking the "Unsubscribe" link in any marketing email we send
• Logging into your account and updating your communication preferences
• Contacting us at privacy@entraiot.com with your opt-out request

Please note that even after opting out of marketing communications, you may still receive transactional and service-related messages essential to your use of our Services.

Entraiot implements industry-standard technical, administrative, and physical security measures to protect your personal information against unauthorized access, disclosure, alteration, and destruction. Our security practices include:

• End-to-end encryption for data transmission using TLS/SSL protocols
• AES-256 encryption for data at rest in our cloud infrastructure
• Multi-factor authentication (MFA) for administrative and user account access
• Role-based access controls (RBAC) limiting data access to authorized personnel
• Regular security audits, vulnerability assessments, and penetration testing
• ISO 27001-aligned information security management practices
• 24/7 security monitoring and incident response procedures

While we take all reasonable precautions to protect your data, no security system is impenetrable. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant authorities as required by applicable law.

Entraiot operates globally, and your personal information may be processed and stored in countries other than your country of residence, including countries that may have different data protection laws. When transferring data internationally, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by relevant data protection authorities
• Adequacy decisions recognized by applicable regulatory frameworks
• Binding Corporate Rules (BCR) or other approved transfer mechanisms

By using our Services, you acknowledge and consent to the transfer of your personal information to countries outside your jurisdiction, subject to the safeguards described above.

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal data from a person under 16, we will take immediate steps to delete such information from our systems. If you believe a child has provided us with personal information, please contact us at privacy@entraiot.com.

Our website and platform may contain links to third-party websites, applications, or services. This Privacy Policy does not apply to those third parties, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you access through our platform.

As an IoT solutions provider, we are particularly mindful of privacy considerations related to connected devices and data-intensive environments:

• Device Data Minimization: We collect only the data necessary for the operation and improvement of your IoT deployments
• Edge Processing: Where technically feasible, we support edge computing capabilities that process sensitive data locally on devices rather than transmitting to the cloud
• Data Segregation: IoT data from enterprise clients is logically segregated to prevent cross-contamination between customers
• Lifecycle Management: We provide tools to manage, export, or delete device data at the end of a device's lifecycle or upon contract termination
• Third-Party Device Integration: When integrating with third-party IoT hardware or platforms, data handling is governed by the respective third party's policies alongside our own

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this Policy
• Notify registered users via email or in-platform notification
• Post a prominent notice on our website for a period following the change

Your continued use of our Services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this Policy periodically.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out to us:

We are committed to addressing your concerns promptly and transparently. You also have the right to lodge a complaint with your local data protection supervisory authority if you are not satisfied with our response.

This Privacy Policy was prepared for Entraiot Solution Company. All rights reserved. © 2026 Entraiot Solution Company.