Our “No data selling and No Ads” Commitment
How we collect, use, and protect your data
1. Our “No data selling/No Ads” Commitment
We do not sell, rent, or trade your personal data, contact information, or professional history to advertisers or third-party data brokers. Your participation in the network is for the purpose of professional growth and community connection, not commercial exploitation. We will never show you any Ads. This is a lifelong commitment from us
2. Information We Collect
To provide a “Zero-Touch” provisioning experience, we collect the following:
Identity Data: Full Name, Surname (for community verification), and desired professional handle.
Contact Data: Personal email address and mobile number (used for user onboarding and account recovery via Our CRM Engine).
Transaction Data: Billing address and GST information (processed securely through Secure Order and Billing System). We do not store full credit card numbers on our servers.
Technical Data: IP address and browser type (collected during the search and checkout process for security and bot-prevention).
Please read below for how Svanet and its Third-Party processors collect and process your data
3. How We Use Your Data
We use your information strictly to build and maintain your digital identity:
Provisioning: Triggering the automation to create your website on our Website hosting platform and your email on our Email Hosting platform.
Communication: Sending “Welcome Kits,” technical updates, and renewal reminders via our CRM Engine.
Compliance: Generating GST-compliant invoices for your records.
Server Monitoring and Error Handling: Svante and its Third-Party Preprocessors can store server logs, access logs, and error log, sender IP, timestamps, delivery status) that may contain IP addresses, user-agent strings, and request paths
4. Data Storage & Third-Party Processors
To provide elite-grade service, we partner with industry leaders who adhere to strict security standards. Your data may be processed by:
Hosting: Website hosting provider – Cloudways sitting on top of AWS/GCP/DigitalOcean/Vultr/Linode.
Email hosting: Shared Email Hosting provider – Mxroute
CRM: GoHighLevel
Payments: Secure Order and Billing System – RazorPay
Security: Cloudflare (WAF and DDoS protection).
Website Builder and plugins: WordPress along with plugins like Site Kit by Google, Kadence Blocks, Surecart, Cloudflare Turnstile, Fluent Forms, CookieYes, Breeze, etc.
Note: SvaNet does not monitor or “read” the contents of your private @surname.in emails. That data is private and resides on dedicated secure mail infrastructure.
5. Community Data & Public Discovery
As part of the “Legacy Project,” certain data points (such as your professional title and SvaNet website URL) may be visible to public
6. Data Retention & Your Rights
Retention: We retain your data as long as your subscription is active. If a subscription is cancelled and not renewed after the grace period, your site data is archived.
Access: You have the right to request a copy of all data SvaNet holds about you.
Deletion: You may request the permanent deletion of your account and all associated files at any time (“Right to be Forgotten”), subject to legal tax-record requirements.
7. Security Measures
We implement “Shadow-Piercing” security layers and SSL encryption across all domains to prevent unauthorized website access. Our multi-server architecture ensures that even if one community node is targeted, the rest of the network remains isolated and secure. Root Domain access is restricted and secured only with the Owners of the company and are not shared with any user or technical support person or agency.
8. Cross-Border Data Transfer
To deliver Svanet’s services, your data may be transferred to and processed in countries outside India. This occurs because our third-party service providers operate infrastructure globally. Your acknowledgement By using Svanet’s services, you acknowledge and consent to your data being transferred to the countries listed above for the purposes described in this policy.
SvaNet ensures that all cross-border transfers are governed by contractual obligations or recognised data protection frameworks that provide a level of protection substantially equivalent to that afforded under Indian law.
9. Data Isolation & Breach Notification Policy
SvaNet maintains active monitoring of its infrastructure. In the event of a personal data breach — whether involving unauthorised access, accidental disclosure, or data destruction — the following protocol applies.
What constitutes a breach– A data breach includes any incident where personal data processed by SvaNet is accessed, disclosed, altered, or destroyed without authorisation, whether caused by external attack, insider error, or third-party processor failure.
Our Response Timeline– (Timeframe – Action)
0–24 hours – Breach detected, contained, and internally escalated
48–72 hours – Affected users notified via their registered email address
72 hours – Notification filed with the appropriate authority under the DPDP Act, where required
Within 14 days – Full incident report shared with affected users, including nature of breach, data involved, and remediation steps taken
What we will tell you – Our breach notification to you will include: The nature of the data that was compromised, The approximate date and time of the incident, The likely consequences of the breach, The steps SvaNet has taken or is taking to address it, Actions you can take to protect yourself (e.g., password reset, monitoring for phishing), etc.
Limitations – If a breach originates entirely within a third-party processor’s infrastructure (e.g., MXRoute, Cloudways), SvaNet will notify you as soon as we are informed by that processor and will co-operate fully with any investigation.
10. Data Collected by Svanet Vs Data Collected by Provisioned Websites / Website users
When Svanet provisions a website for you on our platform, that website — once live — may independently collect data from its own visitors. This section clarifies the distinct roles and responsibilities involved.
Role — Party — What it means
1. Data Fiduciary (for your account) — Svanet — Svanet controls how your registration, billing, and provisioning data is used
2. Data Fiduciary (for your website’s visitors) — You, the subscriber — Once your website is live, you become the Data Fiduciary for any visitor data your site collects
3. Data Processor (for your website) — Svanet / Svanet’s Third-Party Processors — We host the infrastructure but do not access, read, or use your visitors’ data
11. Minors and Age Restriction
Svanet’s services — including digital identity provisioning, custom domain email, and personal/professional websites — are intended exclusively for individuals who are 18 years of age or older. We do not knowingly collect, process, or store personal data of individuals below the age of 18. During registration, by proceeding with account creation and payment, you confirm that you are at least 18 years of age. If Svanet becomes aware that personal data of a minor has been collected without verifiable parental or guardian consent, we will delete that data immediately upon discovery or notification.
Parents or guardians who believe their child’s data has been submitted to Svanet may contact our Grievance Officer at support@svanet.in to request immediate deletion. Under the DPDP Act, processing of personal data of children requires verifiable parental consent. Svanet’s service design avoids this by restricting access to adults only..
12. India Digital Personal Data Protection Act, 2023 (DPDP Act)
Svanet operates in full alignment with India’s Digital Personal Data Protection Act, 2023 (DPDP Act). The following disclosures apply to all users whose personal data is processed by us.
Data Fiduciary – Svanet acts as the Data Fiduciary for all personal data collected during account registration, provisioning, billing, and service delivery. As Data Fiduciary, we determine the purpose and means of processing your personal data and are responsible for its protection.
Lawful Basis for Processing -( Data Type –> Lawful Basis)
1. Identity & Contact Data –> Consent given at registration
2. Billing & GST Data –> Contractual necessity + Legal obligation
3. Technical Data (IP, browser) –> Legitimate interest (security, fraud prevention)
4. Community/Public Profile Data –> Consent given at registration
Your Rights as a Data Principal – Under the DPDP Act, you have the right to:
1. Access a summary of your personal data processed by Svanet
2. Correction & Erasure — request correction of inaccurate data or deletion of data no longer necessary for its stated purpose
3. Grievance Redressal — raise a complaint and receive a response within a reasonable timeframe
4.Nominate a representative to exercise your rights in the event of your death or incapacity
Grievance Officer– In accordance with the DPDP Act and the IT (Intermediary Guidelines) Rules, Svanet has designated a Grievance Officer to address data-related concerns: Email: support@svanet.in. Response Commitment: We will acknowledge your grievance within 48 hours and resolve it within 30 days of receipt.
13. Cookie Policy
C1. What Are Cookies? Cookies are small text files placed on your device (computer, tablet, or mobile) when you visit a website. They are widely used to make websites function correctly, work more efficiently, and to provide information to website owners.
Cookies can be first-party cookies, which are set directly by the website you are visiting, or third-party cookies, which are set by a domain other than the one you are visiting — typically by embedded services such as analytics tools, payment processors, or social media widgets.
They can also be session cookies, which are temporary and expire when you close your browser, or persistent cookies, which remain on your device for a defined period or until you manually delete them.
C2. How We Use Cookies
C2.1 Strictly Necessary Cookies
These cookies are essential for the website to function and cannot be switched off in our cookie management system. They are set only in response to actions you take, such as logging in, filling out forms, or setting your privacy preferences. Without these cookies, parts of the website will not work.
wordpress_logged_in_[hash] — Set by WordPress. Keeps you logged in to your WordPress account. Duration: Session.
wordpress_sec_[hash] — Set by WordPress. Security cookie for the WordPress admin area. Duration: Session.
wp-settings-[user_id] — Set by WordPress. Stores your WordPress dashboard preferences. Duration: 1 year.
cookieyes-consent — Set by CookieYes. Stores your cookie consent preferences. Duration: 1 year.
PHPSESSID — Set by the server. Maintains your active session. Duration: Session.
C2.2 Functional Cookies
These cookies enable enhanced functionality and personalisation. If you do not allow these cookies, some or all of these features may not function correctly.
comment_author_[hash] — Set by WordPress. Remembers your name and email for future comment submissions. Duration: 1 year.
comment_author_email_[hash] — Set by WordPress. Remembers your email specifically for future comment submissions. Duration: 1 year.
C2.3 Analytics Cookies
These cookies help us understand how visitors interact with the website — which pages are visited, how long users stay, and where they came from. All information collected is aggregated and anonymous. These cookies are only activated with your explicit consent.
_ga — Set by Google Analytics. Distinguishes unique users. Duration: 2 years.
ga[ID] — Set by Google Analytics. Persists session state. Duration: 2 years.
_gid — Set by Google Analytics. Distinguishes users on a short-term basis. Duration: 24 hours.
_gat — Set by Google Analytics. Throttles the request rate to Google servers. Duration: 1 minute.
Note: If Google Analytics or similar plugins are not installed on a particular SvaNet-provisioned website, the analytics cookies listed above will not be set on that site.
C2.4 Performance & Security Cookies
These cookies are set by Cloudflare, our CDN and security provider, to deliver the website efficiently and to protect it against malicious traffic. Some of these are strictly necessary for security purposes.
__cf_bm — Set by Cloudflare. Used for bot management and fraud prevention. Duration: 30 minutes.
_cfuvid — Set by Cloudflare. Used for rate limiting and abuse prevention. Duration: Session.
cf_clearance — Set by Cloudflare. Records that the user has successfully passed a security challenge. Duration: 1 year.
C2.5 Marketing & Tracking Cookies
SvaNet does not use marketing, advertising, or retargeting cookies on the SvaNet platform. We do not run ad networks, we do not track you across other websites, and we do not sell your browsing behaviour to any third party.
If you are a SvaNet subscriber and you choose to install marketing or retargeting plugins on your own provisioned WordPress website — such as Meta Pixel or Google Tag Manager — those cookies fall under your own data collection responsibility as the website owner. Please refer to Section 8 of our Privacy Policy for your obligations in this regard.
C3. Cookie Consent — Powered by CookieYes
We use CookieYes, a consent management plugin for WordPress, to give you full control over the cookies set on this website.
When you visit a SvaNet-provisioned website for the first time, a cookie consent banner will appear. You have three options:
Accept All — allows all cookie categories to be activated immediately.
Reject All — blocks all non-essential cookies immediately, while keeping strictly necessary cookies active.
Customise — opens a preference panel where you can choose which categories of cookies you consent to, on a category-by-category basis.
Your preferences are saved in a cookie called cookieyes-consent for a period of one year, so that you are not asked again on every visit.
You can change your preferences at any time by clicking the “Cookie Settings” link in the footer of the website. This will reopen the CookieYes preference panel and allow you to update your choices freely.
CookieYes is designed to be compliant with GDPR, CCPA, and India’s Digital Personal Data Protection Act, 2023 (DPDP Act). Your consent record — including a timestamp and the specific choices you made — is logged by CookieYes for compliance audit purposes.
C4. Cookies We Do Not Control
Certain cookies may be set by third-party services that are embedded in your provisioned website by you as the website owner, not by SvaNet. Examples include:
YouTube or Vimeo — if you embed videos from these platforms, they will set their own cookies on your visitors’ devices.
Google Fonts or Google Maps — if loaded externally, Google may set analytics or functional cookies.
Social media share buttons — platforms such as LinkedIn, X (Twitter), or Instagram set their own tracking cookies when their widgets or share buttons are embedded in a page.
SvaNet has no visibility into or control over these cookies. If you are a visitor encountering such cookies on a SvaNet-provisioned website, please refer to that website owner’s own privacy and cookie policy for details.
C5. Managing Cookies via Your Browser
In addition to using the CookieYes consent panel, you can manage or delete cookies directly through your browser settings at any time. Please note that blocking cookies at the browser level may affect the functionality of websites you visit.
Google Chrome — Settings → Privacy and Security → Cookies and Other Site Data
Mozilla Firefox — Settings → Privacy & Security → Cookies and Site Data
Safari — Preferences → Privacy → Manage Website Data
Microsoft Edge — Settings → Cookies and Site Permissions
Opera — Settings → Advanced → Privacy & Security
You can also opt out of Google Analytics tracking across all websites by installing the Google Analytics Opt-out Browser Add-on, available at tools.google.com/dlpage/gaoptout.
C6. Do Not Track (DNT)
Some browsers offer a “Do Not Track” (DNT) signal that can be sent to websites as you browse. Currently, there is no universally agreed standard for how websites are required to respond to DNT signals. SvaNet does not currently alter its cookie behaviour in response to DNT signals. However, your choices made through the CookieYes consent panel serve as the functional equivalent of that preference and are fully honoured.
14. Updates to this Policy [Last updated: 1 May 2026]
As we liberate more surnames and add new community tools, we may update this policy. We will notify you of any significant changes via your SvaNet professional email.
