How SattoAI handles website, project, and payment information

Who this policy applies to

This Privacy Policy applies to visitors, consultation leads, prospective clients, clients, and authorized users who interact with SattoAI through this website, contact forms, client discussions, project delivery, invoices, online payments, or support channels.

Information collected

SattoAI may collect information that you submit directly, including name, email address, phone number, company name, website, role, service interest, project type, current tools, company size, revenue range, budget range, timeline, pain points, awareness source, and project messages.

SattoAI may also collect technical and attribution details such as CTA source, source page, service context, IP hash, browser type, device details, approximate location derived from technical data, timestamps, form validation events, and security logs. This helps with inquiry handling, fraud prevention, analytics, and website improvement.

Project and client information

During project discussions or delivery, SattoAI may receive workflow notes, business process details, sample files, screenshots, database fields, API documentation, credentials shared for setup, automation logic, dashboard requirements, user roles, and support messages. Clients should avoid sending unnecessary personal, financial, health, identity, or confidential third-party data unless it is required for the agreed project scope.

Payment and billing information

When SattoAI adds paid services, checkout links, invoices, subscriptions, retainers, deposits, refunds, or payment collection, SattoAI may collect billing contact details, invoice details, GST or tax details where applicable, selected service or plan, payment amount, payment date, payment status, transaction ID, refund status, and payment gateway reference numbers.

Card, UPI, net-banking, wallet, or other payment credentials should be entered only on the payment gateway, bank, card network, UPI app, or authorized payment provider page. SattoAI should not store raw card numbers, CVV, UPI PINs, net-banking passwords, or full payment credentials on this website. If saved cards, recurring payments, or subscriptions are enabled, they should be handled through gateway-supported tokenisation or mandate systems with required customer consent and authentication.

How information is used

Information is used to respond to inquiries, evaluate project fit, prepare proposals, estimate timelines, deliver services, configure automations, create dashboards or software, manage support, maintain website security, prevent spam or misuse, process payments, issue invoices, manage refunds, and keep business records.

SattoAI may also use aggregated or non-identifying information to understand which services are most requested, improve website pages, improve forms, and plan future service offerings.

Consent and lawful use

By submitting a form, contacting SattoAI, booking a consultation, sharing project information, or making a payment, you consent to the use of your information for the relevant purpose. Where a separate contract, statement of work, invoice, payment mandate, or client agreement applies, information may also be used to perform that agreement, meet legal obligations, resolve disputes, and protect legitimate business interests.

Sharing with service providers

SattoAI may share limited information with service providers required to run the business, such as hosting providers, email providers, analytics tools, CRM or spreadsheet tools, automation platforms, payment gateways, banks, accountants, legal advisors, security tools, and project delivery tools. These providers should only receive information needed for their role.

SattoAI does not sell personal information. Information may be disclosed if required by law, court order, payment dispute process, fraud investigation, tax compliance, or to protect the rights, safety, and security of SattoAI, clients, users, or the public.

Analytics and attribution

The website includes a lightweight event bridge for future analytics. It is designed to fail silently when no analytics provider is configured and should be reviewed before connecting a production analytics service. If analytics, advertising pixels, heatmaps, or remarketing tools are added later, this policy should be updated to explain what is collected and how users can control it.

Cookies and local storage

The website may use essential cookies, session storage, local storage, or similar technologies for security, login sessions, form behavior, preferences, analytics, and performance. Visitors can control many cookies through browser settings, but blocking essential cookies may affect login, forms, or payment flows.

AI and project data

SattoAI may use AI tools to support project planning, summarization, workflow design, code assistance, document drafting, automation logic, or testing. Client project data should only be used according to agreed project terms, and sensitive data should be minimized, masked, removed, or replaced with sample data whenever possible.

AI-assisted processing should be configured with appropriate review, access control, vendor assessment, and human supervision. SattoAI should not use client confidential information to train public AI models unless the client has clearly agreed in writing.

Security practices

SattoAI aims to use reasonable security practices such as HTTPS, input validation, access controls, least-privilege access, credential protection, backups where appropriate, security logging, and limited access to project and contact records. No website, payment system, email system, or internet transmission can be guaranteed to be fully secure.

Clients are responsible for sharing credentials securely, rotating temporary credentials after setup, avoiding unnecessary sensitive data in messages, and maintaining security in their own tools, hosting accounts, gateways, and third-party platforms.

Data retention

Contact submissions, consultation notes, project messages, invoices, and payment records may be retained for business follow-up, service delivery, accounting, tax, security, dispute handling, and legal record keeping. Information may be deleted, anonymized, or archived when it is no longer needed, unless retention is required by law, contract, payment dispute, tax record, or security reason.

Your choices and rights

You may request access, correction, update, deletion, or withdrawal of consent for your personal information by contacting SattoAI. Some requests may be limited where information is needed for invoices, tax records, payment disputes, security logs, legal obligations, or ongoing service delivery.

You can unsubscribe from non-essential marketing messages where such messages are sent. Service, invoice, payment, security, and project-related messages may still be sent when needed.

Children's privacy

SattoAI services are intended for businesses, founders, teams, and professional users. This website is not intended to collect personal information from children. If a parent or guardian believes a child has shared personal information, they can contact SattoAI for review and deletion where appropriate.

International tools and transfers

Some hosting, analytics, email, automation, AI, payment, or project management tools may process information outside India or outside the user's country. SattoAI should choose reputable providers and configure access, storage, and sharing in line with project requirements and applicable law.

Policy updates

SattoAI may update this Privacy Policy when services, payment methods, analytics tools, client portals, legal requirements, or business processes change. The updated date at the top of the page will show when the policy was last revised.

Contact and grievance requests

For privacy questions, correction requests, deletion requests, payment data questions, or grievance requests, contact SattoAI at support@sattoai.in or call 9608781895. Please include enough detail to identify the request, but do not send passwords, OTPs, UPI PINs, CVV numbers, or unnecessary sensitive information by email or form.

Legal review before launch

This policy is a practical website draft and not legal advice. Before launching online payments, subscriptions, client login, analytics pixels, or services for regulated industries, SattoAI should review this policy with a qualified professional for the owner's jurisdiction, business model, payment gateway terms, tax obligations, and applicable privacy laws.