Trust Center
Security & Compliance
Enterprise-grade security with DPDP 2023 and GDPR compliance built from day one. Your data protection is our top priority.
Enterprise-Grade Infrastructure
Security is built into every layer of UMAP360, not bolted on as an afterthought.
SHA-256 Hashing
All personally identifiable information (email, phone) is SHA-256 hashed before storage. We never store raw PII in our event database.
AES-256 Encryption
All data in transit uses TLS 1.3, and data at rest is encrypted with AES-256. Your data is protected at every step.
AWS Infrastructure
Hosted on AWS with multi-region redundancy, automated backups, and 99.9% uptime SLA for the Trigger Engine.
Tenant Isolation
Strict tenant isolation ensures your data never touches another client's environment. Complete data separation guaranteed.
Audit Logging
Comprehensive audit logs track all data access and modifications. Full transparency for compliance and security reviews.
SOC 2 In Progress
We are currently working toward SOC 2 Type II certification. Contact us for our latest security documentation.
Built for Indian & Global Regulations
DPDP-native, privacy-first infrastructure built for Indian businesses from day one.
DPDP Act 2023
Built for India's Digital Personal Data Protection Act from the ground up with native consent management and data rights handling.
- Consent management built-in
- Right-to-Erasure API endpoint
- Data residency in India
- 30-day deletion guarantee
GDPR
Full compliance with EU data protection principles. Data minimisation, purpose limitation, and user rights are built into the platform core.
- Data minimisation by design
- Purpose limitation enforced
- DPA available on request
- Data export functionality
Privacy Policy
Last updated: April 2026
UMAP360 is committed to protecting the personal data of our users and their end-customers in accordance with India’s Digital Personal Data Protection Act 2023 (DPDPA), the GDPR, CCPA/CPRA, and applicable data protection regulations.
Our comprehensive Privacy Policy covers data collection, processing purposes, legal basis, third-party sub-processors, data retention, your rights under DPDPA/GDPR/CCPA, cookie policy, international data transfers, security measures, breach notification, and compliance with Google API Services User Data Policy and Meta Platform Terms.
Read Full Privacy PolicyData Deletion
You have the right to request deletion of your personal data at any time. We support data deletion for UMAP360 dashboard users, Meta/Facebook users, Google users, and end users whose data is collected via the SDK.
Request Data Deletion →Terms of Service
Last updated: February 2026
By accessing or using the UMAP360 platform, you agree to be bound by these Terms of Service. UMAP360 is operated by Project 360 Intelligence Private Limited, incorporated in India.
Acceptable Use
You may use UMAP360 only for lawful purposes and in compliance with applicable laws, including DPDP 2023. You are responsible for obtaining valid consent from your end-users for data collection and processing activities conducted through the platform.
Service & Billing
Subscription fees are billed as described on our Pricing page. No refunds are issued for partial billing periods. Enterprise clients with uptime SLA credits are eligible for a 10% service credit if uptime falls below 99.9% in any given month.
Limitation of Liability
To the maximum extent permitted by law, UMAP360’s total liability shall not exceed the fees paid by you in the three months preceding the claim. A comprehensive Terms of Service document is available on request at legal@umap360.com.
Data Processing Agreement
Available for Growth & Enterprise customers
A Data Processing Agreement (DPA) is available for Growth and Enterprise customers. Our standard DPA covers: the scope and purpose of data processing, sub-processor disclosures, security obligations, data subject rights procedures, and breach notification protocols in line with DPDP 2023 and GDPR requirements.
Enterprise customers requiring a signed DPA before onboarding, or requiring a custom DPA to reflect your organisation’s requirements, can request one from our team.
Request DPASecurity Questions?
Our team is here to help with security assessments, compliance questions, or custom requirements.