Privacy Policy

SINC ("SINC," "we," "us," or "our") is operated by Svayam Incarnation Limited, a company registered in London, United Kingdom. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website at sinc.sh, use any of our products — including Blackgare, Storelink.cc, Monzila.com, and Moggli.com — or engage with our professional services.

By accessing or using our services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy. If you do not agree with the terms outlined herein, please discontinue use of our services immediately.

This policy applies to all information collected through our websites, applications, SaaS platforms, APIs, and any related services, sales, marketing, or events (collectively, the "Services").

We use the information we collect for legitimate business purposes, including but not limited to:

• •Service Delivery: To provide, operate, and maintain our products and services, including Blackgare, Storelink.cc, Monzila.com, Moggli.com, and custom development projects
• •Account Management: To create, manage, and secure your user accounts across our platforms
• •Communication: To respond to inquiries, provide technical support, send transactional notifications, and deliver service-related updates
• •Analytics & Improvement: To analyze usage patterns, diagnose technical issues, conduct A/B testing, and improve the performance and user experience of our Services
• •Marketing & Personalization: To send promotional materials, personalize content, and deliver targeted advertisements, where you have opted in to receive such communications
• •Security & Fraud Prevention: To detect, prevent, and address security threats, fraudulent activity, and violations of our terms of service
• •Legal Compliance: To comply with applicable laws, regulations, legal processes, and enforceable governmental requests
• •AI Model Training: Where applicable and with appropriate consent, anonymized and aggregated data may be used to train and improve our AI models and machine learning systems

We do not sell your personal information to third parties. We may share your information in the following circumstances:

• •Service Providers: We engage trusted third-party vendors to perform services on our behalf, such as cloud hosting (AWS, Azure, GCP), payment processing, email delivery, analytics, and customer support tooling. These providers are contractually obligated to protect your data and may only use it for the purposes we specify.
• •Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.
• •Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court order, subpoena, or government agency request).
• •Protection of Rights: We may disclose information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person, or as evidence in litigation.
• •With Your Consent: We may share your information with third parties when you have given us explicit consent to do so.

We implement industry-standard technical and organizational security measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security practices include:

• •Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
• •Regular security audits, penetration testing, and vulnerability assessments
• •Role-based access controls and multi-factor authentication for internal systems
• •Secure software development lifecycle (SSDLC) practices across all engineering teams
• •Incident response procedures and breach notification protocols compliant with UK and EU regulations
• •Employee training on data protection, information security, and privacy best practices

While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to promptly addressing any security incidents in accordance with applicable law.

As a London-based company, we comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Depending on your location, you may also be protected by the EU GDPR or other regional data protection laws. You have the following rights regarding your personal data:

To exercise any of these rights, please contact us at support@sinc.sh. We will respond to all legitimate requests within 30 days. In certain cases, we may request additional information to verify your identity before processing your request.

Our Services use cookies and similar tracking technologies to enhance your experience, analyze usage, and deliver relevant content. A cookie is a small data file stored on your device when you visit a website.

As a global technology company, SINC operates across multiple jurisdictions. Your personal information may be transferred to, stored in, and processed in countries other than your country of residence, including the United Kingdom, the European Economic Area (EEA), the United States, India, and other countries where our servers, service providers, or team members are located.

When we transfer personal data outside of the UK or EEA, we ensure that adequate safeguards are in place in accordance with the UK GDPR and EU GDPR. These safeguards may include:

• •Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office or the European Commission
• •Adequacy decisions issued by the relevant authority for the destination country
• •Binding Corporate Rules (BCRs) where applicable
• •Data protection agreements with all third-party processors requiring equivalent levels of protection

By using our Services, you acknowledge that your data may be transferred internationally as described above. You may contact us to obtain further details about the specific safeguards applied to the transfer of your personal data.

We retain your personal information only for as long as is necessary to fulfill the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements. The retention period depends on the nature of the data and the context in which it was collected:

• •Account Data: Retained for the duration of your account and for up to 90 days after account deletion, unless a longer retention period is required by law
• •Transaction Data: Retained for a minimum of 7 years to comply with financial record-keeping obligations under UK law
• •Usage & Log Data: Typically retained for up to 24 months, after which it is anonymized or deleted
• •Marketing Communications: Your preferences and opt-out status are retained indefinitely to ensure we respect your choices

When personal data is no longer required, we securely delete or anonymize it using industry-standard methods.

Our Services are not directed to individuals under the age of 16 ("Children"). We do not knowingly collect personal information from children. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us immediately at support@sinc.sh.

If we become aware that we have collected personal data from a child without verification of parental consent, we will take steps to promptly delete that information from our servers and systems.

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes to this policy, we will:

• •Update the "Last updated" date at the top of this page
• •Provide a prominent notice on our website or within our applications
• •Send an email notification to registered users where the changes are significant

We encourage you to review this policy periodically to stay informed about how we are protecting your information. Your continued use of our Services after the posting of changes constitutes your acceptance of such changes.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us using the information below:

For data protection inquiries specifically, you may also direct your correspondence to our Data Protection Officer at support@sinc.sh with the subject line "Data Protection Inquiry." We aim to respond to all requests within 30 days.