Privacy Policy.

1. Introduction.

JourneyOS (journeyos.in, operated by Bhavishya Garg under the JourneyOS brand) provides a behavioral funnel intelligence diagnostic for consumer-brand pilots. This privacy policy describes how JourneyOS collects, uses, and protects personal data during pilot engagements and on this public website.

This policy applies to information JourneyOS collects on journeyos.in and to client-pilot data processed under a signed data processing agreement.

2. Information we collect.

On the public website (journeyos.in): aggregated visit data via Cloudflare Web Analytics (page views, referrer domain, country geography); form submissions you provide via the demo request form (name, work email, optional mobile number, company and role, optional conversion-problem text). Cookies are limited to the strict-necessary scope for site function and the analytics aggregation described above.

During a pilot engagement: anonymized voice-of-customer artifacts (reviews, NPS verbatims, support tickets), funnel event data with hashed user identifiers, and optional customer-attribute samples. The specifics are negotiated in the per-pilot data processing agreement.

3. How we use information.

Public-website data: to operate the website, respond to demo requests, and improve the website experience. Pilot-engagement data: to run the JourneyOS method on the client funnel and produce diagnostic outputs (customer-type identification, simulation outputs, intervention recommendations). JourneyOS does not train models on client pilot data and does not aggregate pilot data across clients.

4. Information sharing and disclosure.

JourneyOS does not sell personal data. JourneyOS does not share client pilot data with third parties except as required to deliver the engagement (subprocessors named in the data processing agreement) or as required by law. Public-website analytics are processed by Cloudflare Web Analytics under their published terms.

5. Data retention.

Public-website analytics retain for the period defined by Cloudflare Web Analytics. Demo-form submissions retain until the engagement closes or you request deletion. Pilot-engagement data retains for the pilot duration plus 30 days by default; custom retention is set in the per-pilot data processing agreement. Deletion on request is guaranteed within 30 days.

6. Your rights under GDPR (EU and UK).

Right of access

You may request confirmation of whether JourneyOS is processing your data, and a copy of that data.

Right to rectification

You may request correction of inaccurate data and completion of incomplete data.

Right to erasure

You may request deletion of your data, subject to JourneyOS's retention obligations under contract.

Right to restrict processing

You may request a temporary halt to processing while a dispute is resolved.

Right to data portability

You may request a structured, machine-readable copy of the data you provided to JourneyOS.

Right to object

You may object to processing based on legitimate interest grounds. JourneyOS will stop processing unless an overriding legitimate ground applies.

7. Your rights under DPDP (India).

Right to information

You have the right to be informed about the personal data JourneyOS processes about you and the purpose of that processing.

Right to correction, completion, updating, and erasure

You may request correction, completion, updating, or deletion of personal data that is inaccurate, incomplete, or no longer required for the purpose for which it was processed.

Right to grievance redressal

You may raise a grievance with JourneyOS's designated grievance officer (currently the founder, contact below) and escalate to the Data Protection Board of India if unresolved.

Right to nominate

You may nominate another person to exercise these rights on your behalf in the event of incapacity or death.

8. International data transfers.

JourneyOS operates from India. Pilot data may be processed in India and in JourneyOS-controlled infrastructure that may be located in additional jurisdictions specified in the per-pilot data processing agreement. Cross-border transfer mechanisms (standard contractual clauses, where applicable) are documented in the data processing agreement.

9. Children's privacy.

JourneyOS does not knowingly collect personal data from children under the applicable age of consent in any jurisdiction. The JourneyOS service is a B2B diagnostic for consumer brands; the public website is intended for professional audiences.

10. Changes to this policy.

JourneyOS may update this policy as the engagement model matures and legal counsel finalizes the language. The "Last updated" date at the top reflects the most recent revision. Material changes will be communicated via the website and, where applicable, directly to active pilot clients.