Privacy Policy

This Privacy Notice describes how GV Mantra Technologies Pvt Ltd collects, uses, and protects personal data when you interact with us — whether through our website, as a client, or as a business contact. We take your privacy seriously and handle all personal data responsibly and transparently.

Who we are

GV Mantra Technologies Pvt Ltd is a Salesforce consulting firm headquartered in Gurgaon, Haryana, India. We specialise in Salesforce Revenue Cloud implementations, Managed Services, and Staff Augmentation, serving clients in the United Kingdom, Europe, and North America.

For the purposes of this notice, GV Mantra acts as a Data Controller for personal data we collect directly (such as client contact details and website enquiries), and as a Data Processor when we work with data on behalf of our clients within their own Salesforce environments.

What Personal Data We Collect

We collect only what we need. The personal data we hold falls into two categories:

Business contact data — collected when you engage with us as a client, partner, or via our website contact form:

Name and job title
Business email address and telephone number
Company name
Any information you include in a website enquiry

Client engagement data — during Salesforce implementations or support work, our consultants may access employee or customer records within your Salesforce environment. This data is accessed directly within your system and is never downloaded, copied, or stored on GV Mantra’s own systems.

Why We Use Your Data

We process personal data for the following purposes, each with a clear legal basis:

Delivering our services — to manage and execute contracted engagements (legal basis: performance of contract)
Managing client relationships — to communicate, coordinate, and maintain our business relationship (legal basis: legitimate interests)
Responding to website enquiries — to reply to messages submitted via our contact form (legal basis: legitimate interests)
Legal and financial obligations — to comply with applicable laws, including tax and audit requirements (legal basis: legal obligation)

We do not use your personal data for marketing without your explicit consent. We do not sell your data. We do not use your data for automated decision-making or profiling.

How We Store and Protect Your Data

Personal data is stored on secure, enterprise-grade cloud platforms:

Salesforce CRM — client contact records (Salesforce enterprise security, ISO 27001 certified)
Microsoft 365 — email and project correspondence (Microsoft GDPR-compliant infrastructure, encrypted at rest and in transit)

All GV Mantra systems are protected by multi-factor authentication (MFA), role-based access controls, and full disk encryption on all devices. No personal data is stored on local devices. Access is revoked immediately upon any employee or contractor departure.

How Long We Keep Your Data

We retain personal data only for as long as necessary:

Client contact records — for the duration of our engagement plus 3 years
Website enquiries — up to 12 months from receipt, deleted sooner if no engagement follows
Financial and contractual records — 7 years, as required by applicable law
Client Salesforce org data — not retained by GV Mantra; accessed within your system only

Upon expiry of the applicable retention period, personal data is securely deleted from our systems.

International Data Transfers

GV Mantra is based in India. Our cloud platforms (Salesforce and Microsoft 365) are hosted on infrastructure that may be located in the UK, EU, or US. Both Salesforce and Microsoft operate under Standard Contractual Clauses (SCCs) and recognised data transfer frameworks, providing appropriate safeguards for UK and EU personal data.

If you require a Data Processing Agreement (DPA) for your engagement with us, please contact us at hello@gvmantra.com.

Your Data Protection Rights

Depending on your location, you have the following rights over your personal data. To exercise any of them, contact us at privacy@gvmantra.com. We will respond within 30 days.

Right of Access Request a copy of the personal data we hold about you.

Right to Erasure Request deletion of your data where there is no legitimate reason to retain it.

Right to Object Object to processing based on our legitimate interests.

Right to Rectification Ask us to correct inaccurate or incomplete data.

Right to Restrict Processing Ask us to limit how we use your data in certain circumstances.

Right to Data Portability Request your data in a portable, machine-readable format.

UK Residents If you are not satisfied with our response, you have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk or on 0303 123 1113.

Third Parties

We do not sell or share your personal data with third parties for commercial purposes. The only sub-processors we use are Salesforce Inc. and Microsoft Corporation — both of whom operate under robust data protection agreements and are GDPR-compliant.

We will never pass your data to any other third party without your explicit consent, except where required by law.

Contact Us

For any questions or requests relating to your personal data, please contact our Data Privacy Lead:

Vikram Middha — Chief Technology Officer

Email: hello@gvmantra.com

GV Mantra Technologies Pvt Ltd, Gurgaon, Haryana, India

Updates to This Notice

This privacy notice is reviewed annually. Any material changes will be communicated to active clients by email. The effective date at the top of this page always reflects the current version.