1. Who we are & scope
BizMenia is a global business directory that helps people discover businesses, view their details, and send inquiries (“BizMenia”, “we”, “us”, “our”). For the purposes of the DPDP Act we act as a Data Fiduciary, and under the GDPR as a data controller, for the personal data described here. This policy applies to visitors, registered users, and business owners who use our website and services (the “Service”).
2. Information we collect
Information you provide
- Account data — name, email address, phone number, and a password (or a Google account identifier if you sign in with Google).
- Business profile content — company name, descriptions, logo and images, location, industry, products, services, offers, and links you publish.
- Inquiries & reviews — messages you send to businesses and reviews you post.
Information we collect automatically
- Device & usage data — pages viewed, searches made, referring pages, browser and device type.
- Approximate location — derived from your IP address (including Cloudflare’s country signal). Precise geolocation is used only with your permission (“near me”).
- Cookies & local storage — see our Cookie Policy.
Information from third parties
- Sign-in providers — if you use Google sign-in, we receive basic profile information you authorise.
- Anti-abuse providers — signals from Cloudflare and Cloudflare Turnstile used to keep the Service secure.
3. How we use information
- Operate, maintain, and personalise the directory and search results.
- Connect buyers and partners with businesses, and deliver inquiries.
- Verify businesses and award the Verified badge.
- Protect the Service — prevent spam, fraud, and abuse (including bot checks).
- Measure and improve features through analytics.
- Send service communications and, where permitted, updates you can opt out of.
- Comply with legal obligations and enforce our terms.
4. Legal bases for processing
Where the GDPR or DPDP Act applies, we rely on the following bases:
| Purpose | Legal basis |
|---|---|
| Providing your account and the Service | Performance of a contract |
| Publishing your business profile publicly | Consent / contract |
| Security, fraud prevention, and improving the Service | Legitimate interests |
| Analytics and non-essential cookies | Consent |
| Meeting legal and regulatory obligations | Legal obligation |
5. How we share information
- Public profile content is public by design and appears in search and on profile pages. Your contact details stay private until you choose to send or accept an inquiry.
- Service providers / processors — hosting, storage, email, and analytics vendors that process data on our instructions.
- Our partners and affiliates — we may share business profile information and related content with our partners and affiliates to power discovery, matching, and related business opportunities (see our Terms of Service).
- Legal & safety — where required by law or to protect rights, users, and the public.
- Business transfers — in connection with a merger, acquisition, or sale of assets.
We do not sell your personal data, and we do not “share” it for cross-context behavioural advertising as defined by the CCPA/CPRA.
6. International data transfers
We operate globally, so your data may be processed in countries other than your own. Where we transfer personal data across borders, we use appropriate safeguards such as Standard Contractual Clauses (and the UK Addendum where relevant) or rely on an adequacy decision.
7. Data retention
We keep personal data for as long as your account is active or as needed to provide the Service, and thereafter only as required to meet legal, accounting, or reporting obligations, resolve disputes, and enforce our agreements. Public content you remove is deleted or de-indexed within a reasonable period.
8. Security
We use technical and organisational measures including encryption in transit (TLS), access controls, rate limiting, and bot protection. No method of transmission or storage is completely secure, but we work to protect your data and to notify you and regulators of breaches where the law requires.
9. Your rights
India (DPDP Act)
You may request access to and correction or erasure of your personal data, nominate another individual to exercise your rights, and seek grievance redressal. Contact our Grievance Officer below.
EU / UK (GDPR)
You have rights to access, rectification, erasure, restriction, data portability, and to object to processing, and to withdraw consent at any time. You may lodge a complaint with your local supervisory authority.
California (CCPA/CPRA)
You have rights to know, delete, and correct your personal information, to opt out of sale/sharing (note: we do not sell or share it), to limit use of sensitive personal information, and to non-discrimination for exercising your rights.
Other regions
Residents of Brazil (LGPD), Canada (PIPEDA), and other jurisdictions have similar rights. We honour applicable local data-protection laws.
To exercise any right, email [email protected]. We verify requests and respond within the timeframes required by law.
10. Health data (HIPAA)
BizMenia is a general business directory. It is not a “covered entity” or “business associate” under the U.S. Health Insurance Portability and Accountability Act (HIPAA), and we do not request or knowingly process protected health information (PHI). Please do not submit PHI or other sensitive health information through the Service.
11. Children’s privacy
The Service is intended for businesses and adults. We do not knowingly collect personal data from children (under 13 in the U.S. under COPPA, or below the age of consent under the DPDP Act and GDPR). If you believe a child has provided us data, contact us and we will delete it.
12. Cookies
We use cookies and similar technologies as described in our Cookie Policy. You can control non-essential cookies through your browser and our controls.
13. Do Not Track & Global Privacy Control
Where required, we honour recognised opt-out preference signals such as Global Privacy Control (GPC). Because there is no common standard for “Do Not Track”, we respond to GPC where applicable.
14. Third-party links
The Service links to third-party websites we don’t control. Their privacy practices are governed by their own policies.
15. Changes to this policy
We may update this policy from time to time. Material changes will be posted here with an updated date and, where appropriate, additional notice.
16. Contact & grievances
For privacy questions or to exercise your rights, contact our Grievance Officer / privacy team at [email protected]. For EU/UK requests you may also write to the same address.