Sign up today and get 20% off — applied instantly at checkout.

Privacy Policy

Effective as of Apr 25th, 2025.

Entity: Wesoftek Solutions Private Limited, incorporated under the Companies Act, 2013, with registered office at Unit No. 105, First Floor, Iris Tech Park, Sector 48, Sohna Road, Gurgaon, Haryana, India, 122018. (“Dunwrk”, “we”, “us”, or “our”).

Dunwrk is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our platform, including our website, web and mobile applications, APIs, and related services (collectively, the “Platform”). It also describes your choices and rights.

By registering for, accessing, or using the Platform, you agree to this Privacy Policy, which forms an integral part of our Terms & Conditions. If you do not agree, please do not use the Platform.

1. Introduction

Who we are & what we do.

Dunwrk is a secure SaaS platform that streamlines task management, team collaboration, and project tracking. Our services include task assignment, project timelines, team communications, dashboards, reporting, and admin tools.

Changes to this Policy.

We may update this Policy to reflect legal, technical, or business changes. We will post updates on the Platform and, where changes materially affect your privacy, notify registered users via email or prominent notice. Your continued use after the “Effective Date” constitutes acceptance of the updated Policy.

Roles.

Unless otherwise stated in a separate agreement, Dunwrk acts as a data controller for account, billing, and support data, and as a processor for workspace data that organizations upload/manage (e.g., tasks, files, comments). Where Dunwrk is a processor, the organization (workspace owner) is the controller.

2. Children’s Privacy

Our Platform is not intended for children under 18 (or the age of majority in your jurisdiction). We do not knowingly collect personal information from minors without verifiable parental/guardian consent. If you believe a minor has provided information to us, contact [privacy@dunwrk.com] and we will promptly delete it.

3. Data We Collect About You

Account & Profile Information.

  • Name, email, password (hashed), phone (optional), organization details, role/title.
  • If you use SSO (Google/Microsoft/etc.), we receive minimum necessary identifiers/claims (e.g., name, email, tenant ID).

Billing & Payments.

  • Plan, invoices, tax IDs (PAN/GST, where applicable), transaction metadata.
  • We do not store card numbers; payments are processed by PCI-DSS compliant providers.

Workspace Content & Usage.

  • Tasks, projects, attachments, comments, dashboards, integrations, and related metadata (timestamps, status changes, actors).
  • Access logs and audit trails (e.g., login time, IP, device fingerprint) for security, troubleshooting, and compliance.

Support & Communications.

  • Helpdesk tickets, emails, chats, survey responses, feedback, beta participation.

Automatically Collected (Cookies/Telemetry).

  • IP address, device/OS/browser data, pages/screens viewed, feature use, referrers, crash reports, performance metrics.

  • Cookies and similar technologies (see Cookie Policy). You can control non-essential cookies via the banner/settings.

Third-Party Sources.

  • Analytics (aggregated), error logging, email delivery, authentication, cloud hosting, fraud prevention—data received is limited to what’s necessary to provide the service.

4. How We Use Your Data

Purposes.

We use personal data to:

  • Create and manage accounts/workspaces; authenticate users; provide SSO.
  • Operate, maintain, secure, and improve the Platform (including analytics and performance).
  • Provide customer support, service communications, and transaction notices.
  • Personalize in-product experience (e.g., reminders/notifications) and offer opt-in marketing.
  • Enforce Terms, prevent misuse, detect/prevent fraud, and ensure platform integrity.
  • Comply with legal obligations, respond to lawful requests, and protect rights/safety.

Lawful Bases (illustrative).

  • Performance of contract (providing the Platform and support).
  • Legitimate interests (security, service improvement, analytics balanced with privacy).
  • Consent (non-essential cookies/marketing; sensitive data if ever applicable).
  • Legal obligation (tax, accounting, regulatory compliance).

We do not use your workspace content for advertising. Aggregated and de-identified analytics may be used to improve services but do not identify you or your organization.

5. With Whom We Share Your Data

We share data only as necessary and with safeguards:

  • As you instruct within your workspace (e.g., with team members, collaborators, admins).
  • Service providers/sub-processors (cloud hosting, CDN, database, search, analytics, monitoring, email/SMS, payments, support). These parties process data under contracts that include confidentiality, security, and data protection obligations.
  • Affiliates/advisors/auditors for internal governance, financial reporting, or compliance.
  • Legal & safety: to comply with law or enforce rights; to respond to valid legal processes or requests from authorities.
  • Business transfers: in connection with a merger, acquisition, or asset sale, subject to continuing protections.
  • Advertising partners only with your explicit consent (if used; off by default).

6. Legal and Safety-Related Disclosures

We may disclose information where necessary to: (a) comply with applicable law, regulation, legal process, or enforceable governmental request; (b) protect the safety, rights, or property of users or the public; (c) detect/prevent fraud, security, or technical issues; (d) establish, exercise, or defend legal claims.

7. Data Retention and Deletion

  • We retain personal data for as long as your account is active or as needed to provide services, comply with law, resolve disputes, and enforce agreements.
  • Workspace owners/admins control retention of workspace content and may delete data per their policies.
  • You (or your workspace admin) may request deletion at [privacy@dunwrk.com]; we verify identity/authority before processing.
  • When deletion is initiated, items are soft-deleted (no longer visible) and then permanently erased from active systems; recovery isn’t possible after permanent deletion.
  • Backups and logs may retain deleted content for a limited period (typically up to 90 days) before secure overwrite.
  • We may delay or decline deletion where legally required (e.g., tax, fraud prevention, litigation), restricting processing to those purposes only.
  • For data held by sub-processors, we cascade deletion requests and take reasonable steps to confirm completion.
  • After account closure, we retain only minimal records required for tax, fraud prevention, or other legal obligations.

8. Your Privacy Choices

  • Account settings: view/update profile information; manage notifications.
  • Marketing: opt-out via unsubscribe links or settings (transactional emails will still be sent).
  • Cookies: manage non-essential cookies via our Cookie Policy controls.
  • Workspace content: add, modify, export, or delete content subject to your role/permissions.
  • Account deletion: you may request account closure; we’ll confirm and process deletion subject to legal/operational constraints and backup windows.

9. Communications from Us

  • Transactional/service emails (security alerts, invoices, critical updates) are essential.
  • Marketing emails/SMS/push notifications are sent only with consent and can be withdrawn at any time.
  • Administrative notices about material changes to Terms/Policy will be provided via email or in-product.

10. Protecting Your Information

We implement technical, organizational, and physical safeguards, including:

  • Encryption in transit and at rest; TLS; hardened cloud infrastructure; network isolation.
  • Role-based access controls, SSO/MFA options, least-privilege, audit logs, and monitoring.
  • Regular backups, vulnerability management, and incident response procedures.
  • Despite safeguards, no system is 100% secure. You should: use strong unique passwords, enable MFA, limit access to authorized users, review permissions regularly, and notify us at [security@dunwrk.com] of any suspected unauthorized access.

11. Your Responsibilities

You must comply with applicable laws (including data protection), your internal policies, and contractual obligations when processing others’ data in the Platform. Misuse may result in suspension/termination under our Terms.

12. Third-Party Services

The Platform may link to or integrate with third-party services (e.g., identity providers, storage, communication tools). Their privacy practices are governed by their own policies. We are not responsible for third-party content or privacy practices. Review those policies before enabling integrations.

13. International Data Transfers and User Rights

Location & Transfers.

We process data in India and may transfer/store it in other countries where we or our service providers operate. Where required, we implement appropriate transfer safeguards (e.g., contractual protections).

Your Rights (subject to jurisdiction and controller/processor role):

  • Access: request a copy of your personal data.
  • Correction: request correction of inaccurate or incomplete data.
  • Deletion: request deletion, subject to legal/operational limits.
  • Objection/Restriction: object to or request restriction of certain processing.
  • Portability: request export of data you provided in a machine-readable format.
  • Withdraw Consent: where processing is based on consent.

For India (DPDP Act): you may exercise the above rights by writing to legal@wesoftek.com. We will authenticate your request and respond within a reasonable period as required by law. If you are an Authorized User within an organization, please contact your workspace admin/controller first; we will support the controller in fulfilling your request.

For the EEA/UK (if applicable): where GDPR/UK GDPR apply, Dunwrk will honor rights and lawful bases accordingly. You may contact your supervisory authority if you believe your rights are infringed.

14. How to Contact Us

Email (Privacy/DPO/Grievance): legal@wesoftek.com

Postal: Unit No 105, First Floor, Iris Tech Park, Sector 48, Sohna Road, Gurgaon, Haryana, India, 122018.

We are committed to transparency and to protecting your information using industry-standard practices. If you believe your privacy has been impacted, please contact us—we will investigate and respond in accordance with applicable law.