How TickingMinds collects, uses, and protects personal data — and the rights available to you under the Digital Personal Data Protection Act, 2023. We collect only what we need to respond to your enquiry.
Last updated: 29 June 2026
What we collect
Name, business email, company, role, industry, and your message โ only when you choose to contact us.
Why we collect it
Solely to respond to your enquiry and route it to the right team. We do not sell your data.
Your consent
You consent via the checkbox on our contact form before any data is submitted. You may withdraw at any time.
Applicable laws
This policy covers GDPR (EU/UK), DPDP Act 2023 (India), PDPA (Singapore), and CCPA/CPRA (California, US).
Your rights
Access, correct, delete, or port your data. Opt out of any marketing at any time. Details in Sections 9โ9b below.
Contact
All privacy requests: privacy@tickingminds.com. We acknowledge within 3 business days.
This Privacy Policy explains how Ticking Minds Technology Solutions Pvt. Ltd. ("TickingMinds", "we", "us"), CIN U72900TN2022PTC151234, registered in Tamil Nadu, India, handles personal data collected through tickingminds.com. We are the Data Fiduciary for the personal data described here.
For visitors in India, we process personal data only on the basis of your free, specific, informed, unconditional, and unambiguous consent, given via the consent checkbox on the contact form before you submit your data (Section 6, DPDP Act 2023). Processing does not commence until that consent is given. The only lawful bases under the DPDP Act are consent (Section 6) and deemed consent (Section 7); we rely exclusively on Section 6 consent for contact form data.
For visitors in the EU, EEA, or UK, we process personal data under the following lawful bases (GDPR Article 6):
We do not rely on legitimate interests as a basis for marketing communications or for processing contact form data โ those are consent-based only.
For visitors in Singapore, we collect and use personal data with your consent, consistent with the PDPA. Our designated Data Protection Contact for PDPA purposes is reachable at privacy@tickingminds.com.
For residents of California and other US states with enacted privacy laws, we process personal information as described below. TickingMinds does not sell or share personal information for cross-context behavioural advertising as defined under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). The personal information we collect is limited to what you voluntarily provide via the contact form, plus standard server logs.
Other US states with comprehensive privacy laws (Virginia CDPA, Colorado CPA, Connecticut CTDPA, Texas TDPSA, and others) confer similar rights โ see Section 9b for how to exercise them.
You may withdraw your consent at any time, without affecting the lawfulness of processing done before withdrawal, by emailing privacy@tickingminds.com with the subject line "Withdraw Consent". We will acknowledge your request within 3 business days and cease processing within 7 business days of acknowledgement. Withdrawal is as simple as sending that email โ no forms, no waiting.
This website uses only essential session functionality by default. No non-essential analytics or advertising cookies are set without your prior consent.
We share personal data with the following processors, who act only on our instructions:
We do not sell personal data to any third party.
Contact enquiry data is retained for a maximum of 24 months from the date of submission, after which it is securely deleted or anonymised, unless retention is required to comply with a legal obligation or to establish, exercise, or defend a legal claim (Section 8(7), DPDP Act 2023). Server logs are retained for 90 days. Scheduling data retention is governed by Calendly's data retention policy.
We apply appropriate technical and organisational measures including TLS encryption in transit, access controls, and least-privilege practices to protect personal data against unauthorised access, loss, or misuse (Section 8(4), DPDP Act 2023).
In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of Data Principals, we will:
If you believe your personal data held by us has been compromised, please contact privacy@tickingminds.com immediately.
If you are located in the EU, EEA, or UK, you have the following rights under the General Data Protection Regulation (GDPR) or UK GDPR:
To exercise any of these rights, email privacy@tickingminds.com. We will respond within 30 days as required by GDPR Article 12.
As a Data Principal under the Digital Personal Data Protection Act, 2023 (India), you have the following rights:
To exercise any right, email privacy@tickingminds.com. We will acknowledge within 3 business days.
If you are a California resident, you have the following rights under the CCPA/CPRA. Residents of Virginia, Colorado, Connecticut, Texas, and other states with enacted privacy laws have equivalent rights under their respective laws.
To exercise any right, email privacy@tickingminds.com with the subject line "US Privacy Rights Request". We will respond within 45 days as required by the CCPA, with a possible 45-day extension where reasonably necessary.
Authorised agents: California residents may designate an authorised agent to submit requests on their behalf. We may require written proof of authorisation before processing the request.
If you have a complaint or grievance about our handling of your personal data, contact our designated privacy contact:
If your grievance is not resolved to your satisfaction within 30 days, you have the right to escalate to the Data Protection Board of India under Section 13(2) of the DPDP Act, 2023. The Board's contact and complaint filing process is available at www.meity.gov.in (Ministry of Electronics and Information Technology). Once the Board is operationalised and its portal is live, we will update this section with a direct link.
For any privacy question, rights request, consent withdrawal, or data grievance:
Where personal data is transferred to processors outside India (e.g. Calendly), we ensure appropriate safeguards are in place consistent with Section 16 of the DPDP Act, 2023. This section will be updated when cross-border transfer Rules are notified by the Central Government.
This website is intended for business audiences only and is not directed at children. We do not knowingly collect personal data from individuals below the age of 18.
We may update this policy from time to time. The "Last updated" date above reflects the latest revision. Material changes will be communicated to data principals whose data we hold.
Reach our Data Privacy Lead directly for any consent, access, correction, or erasure request.
Email privacy@tickingminds.com