ThinkMetal Private Limited (“Company”, “we”, “us”, or “our”) develops and operates industrial manufacturing systems, additive manufacturing machines, software platforms, desktop applications, firmware, AI-enabled systems, research platforms, cloud-connected services, feedstock materials, and related services made available through thinkmetal.in, thinkmetal.com, thinkmetal.ai, associated domains, applications, connected devices, and related infrastructure (collectively, the “Platform” or “Services”).
This includes, without limitation, the Thinkware desktop application, Metal AI research platform, industrial analytics systems, connected manufacturing infrastructure, and related manufacturing intelligence services provided by the Company.
THIS PRIVACY POLICY IS AN ELECTRONIC RECORD IN THE FORM OF AN ELECTRONIC CONTRACT FORMED UNDER THE INFORMATION TECHNOLOGY ACT, 2000 AND THE RULES MADE THEREUNDER AND THE AMENDED PROVISIONS PERTAINING TO ELECTRONIC DOCUMENTS / RECORDS IN VARIOUS STATUTES AS AMENDED BY THE INFORMATION TECHNOLOGY ACT, 2000 OR ANY RELEVANT STATUTE OR REGULATION UNDER ANY APPLICABLE JURISDICTION. THIS PRIVACY POLICY DOES NOT REQUIRE ANY PHYSICAL, ELECTRONIC OR DIGITAL SIGNATURE.
The purpose of this Privacy Policy is to ensure that there is an intact charter to collect, use and protect any personal and/or sensitive data collected by us. This Policy defines our procedure for collection, usage, processing, disclosure and protection of any information obtained by us through the Platform. Capitalized terms that are not defined in this Privacy Policy shall have the same meaning as ascribed to them in our Terms of Service. Any reference made to Privacy policy in this document shall mean and refer to the latest version of the Privacy Policy.
CONSENT
THIS PRIVACY POLICY IS A LEGALLY BINDING DOCUMENT BETWEEN YOU AND THE COMPANY. THE TERMS OF THIS PRIVACY POLICY WILL BE EFFECTIVE UPON YOUR ACCEPTANCE OF THE SAME OR BY YOUR USE OF OUR SERVICES AND WILL GOVERN THE RELATIONSHIP BETWEEN COMPANY AND YOU FOR YOUR USE OF THE PLATFORM AND OUR SERVICES.
PLEASE READ THIS PRIVACY POLICY CAREFULLY AS IT AFFECTS YOUR RIGHTS AND LIABILITIES UNDER LAW. BY USING THIS PLATFORM AND AVAILING OUR SERVICES, YOU INDICATE THAT YOU UNDERSTAND, AGREE AND CONSENT TO THIS PRIVACY POLICY. IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY, PLEASE DO NOT USE THIS WEBSITE OR AVAIL OUR SERVICES.
Please be advised that any Information procured by us, shall be:
processed fairly and lawfully for rendering the Services;
- obtained only for specified and lawful purposes;
- adequate, relevant and not excessive in relation to the purpose for which it is required;
- able to be reviewed by the User, from time to time and updated if the need arises; and
- not kept longer than for the time which it is required or the purpose for which it is required or as required by the applicable law.
If you do not agree with this Privacy Policy, you may refuse or withdraw your consent any time, or alternatively choose to not provide us with any Personal Information, you understand that under such circumstance, we may be unable to render Services. Any such intimation to withdraw your consent can be sent to privacy@thinkmetal.in.
WE SHALL NOT BE LIABLE FOR ANY LOSS OR DAMAGE SUSTAINED BY REASON OF ANY DISCLOSURE (INADVERTENT OR OTHERWISE) OF ANY DATA, IF THE SAME IS EITHER (A) REQUIRED FOR SHARING YOUR INFORMATION FOR LEGITIMATE PURPOSES; OR (B) WAS CAUSED THROUGH NO FAULT, ACT, OR OMISSION OF THE COMPANY.
TYPES OF INFORMATION COLLECTED BY US
- “Personal Data” means and includes any Information that relates to a natural person through which an individual is identified, such as the name, contact details, email address, gender, age, organisation name, organisation email id, demographic information such as address and pin code, any photo identity or any other information relevant to product choice and preferences provided by a User, including but not limited to information gathered through availing Services.
- “Sensitive Financial and Identification Information” means and includes information relating to; (i) government ID cards; (ii) financial information such as bank account or credit card or debit card or other payment instrument details; and (iii) any detail relating to the above-mentioned points as provided to us for using the Platform.
- “Technical Information” means and includes any Information gathered through various technologies that may employ cookies, web beacons, or similar technologies to automatically record certain information from your device through which you use the Platform. This technical information may include your Internet Protocol (IP) address, device or browser type, Internet service provider (ISP), referring or exit pages, clickstream data, operating system, hardware model, operating system version, unique device identifiers, and mobile network. This data includes usage information and user statistics.
- “Machine Data” means and includes operational, diagnostic, telemetry, maintenance, calibration, usage, firmware, sensor, environmental, and performance-related information generated by or associated with Company hardware, machines, connected devices, or industrial systems.
- “Manufacturing Data” means and includes job files, CAD files, STL files, STEP files, G-code, slicing configurations, process parameters, machine recipes, manufacturing workflows, material profiles, production analytics, job logs, camera feeds, and related industrial production information processed through the Platform or Services.
- “Material Data” means and includes feedstock information, batch identifiers, lot traceability information, material certifications, powder usage records, recycling statistics, material quality records, and related manufacturing material analytics.
- “Research and AI Data” means and includes material research inputs, prompts, queries, datasets, analytical parameters, simulation inputs, model interactions, experimental data, research outputs, technical documentation, recommendation inputs, generated responses, and related information processed through AI-enabled, research-oriented, analytical, or industrial intelligence services provided by the Company.
- “Non-Personal Information”
- “Information collected through use of our Service” means and includes generic and non-identifying information which is shared with us to avail our Services.
- "Non-Personal Information” means and includes any information that does not reveal your specific identity, such as, browser information, information collected through Cookies (as defined below), pixel tags and other technologies, demographic information, etc. As is true with most websites, our Company gathers some information automatically when you visit the Platform. When you use the Platform, we may collect certain information about your computer or mobile to facilitate, evaluate and verify your use of the Platform. For example, we may store environmental variables, such as browser type, operating system, speed of the central processing unit (CPU), referring or exit web pages, click patterns. This information is generally collected in aggregate form, without identifying any User individually.
(The Sensitive Financial and Identification Information, Technical Information, Locational Information and Non-Personal Information are collectively referred to as “Information").
COLLECTION AND STORAGE OF INFORMATION
Information may be collected in various ways including during the course of you registering as a User on the Platform, or availing certain Services offered on the Platform.
The Company may automatically collect Machine Data, Manufacturing Data, and Material Data from connected hardware systems, software applications, cloud-connected services, firmware components, diagnostic interfaces, and support systems for legitimate operational, safety, maintenance, analytics, security, quality assurance, and service-related purposes.
We may receive Information about you from third-party platforms, such as social media platforms, marketing and advertising firms, commercially available sources and business partners to whom you have consented disclosure of such Information.
Please do note that each category of Information may be treated differently as per this Privacy Policy.
PURPOSE FOR COLLECTING OF INFORMATION
The Company collects, uses, stores and processes your Information for any purpose as may be permissible under applicable laws (including where the applicable law provides for such collection, usage, storage or processes in accordance with the consent of the User) and shall include the following:
to render Services and facilitate your use of the Platform;
to respond to your inquiries or fulfil your requests for information about the various Services offered on the Platform;
to provide you with information about Services available on the Platform and to send you information, materials, and offers;
to send you important information regarding the Platform, changes in terms and conditions, user agreements, and policies and/or other administrative information;
to send you surveys and marketing communications;
to improve user experience;
to help you address your problems incurred on the Platform including addressing any technical problems;
to protect the integrity and for proper administering of the Platform;
to conduct analytical studies, operational analysis, product improvement, and industrial research;
to respond to legal, judicial, quasi-judicial process and provide information to law enforcement agencies or in connection with an investigation on matters related to public safety, as permitted by law;
to implement information security practices;
to determine any security breaches, computer contaminant or computer virus;
to investigate, prevent, or take action regarding illegal activities and suspected fraud;
to enable a potential buyer or investor to evaluate the business of the Company;
Aggregating Information / Anonymized data: We may aggregate Information and analyse it in a manner to further accentuate the level of services that we offer to our customers. This Information includes the average number of Users of the Platform, usage patterns, feature interactions, response rates, etc. and other such statistics regarding groups or individuals. In doing so, we shall not be making disclosures of any Sensitive Personal Information as defined above;
to improve machine reliability, process consistency, manufacturing quality, software stability, material performance, and operational safety;
to monitor machine health, process telemetry, operational efficiency, and connected industrial infrastructure;
to maintain material traceability, quality assurance, and manufacturing compliance records;
to generate anonymized analytics and aggregated operational insights for research, development, performance optimization, and product improvement purposes.
to provide AI-enabled research, analytics, simulation, recommendation, material discovery, industrial intelligence, optimization, and research-support services;
to improve AI models, analytical systems, industrial intelligence systems, recommendation systems, material research capabilities, simulation systems, and operational analytics using anonymized, aggregated, or de-identified information; and
to support research, experimentation, technical analysis, manufacturing optimization, process development, and industrial knowledge systems associated with the Services.
[Individually and collectively referred to as ("Legitimate Purposes")]
SHARING AND DISCLOSURE OF YOUR INFORMATION
The Company does not sell, rent, or trade your Personal Information to third parties for their independent marketing purposes. The Company may, however, share, disclose, transfer, or provide access to Information in accordance with this Privacy Policy, applicable laws, contractual obligations, and legitimate business purposes.
The Company may share Information with its affiliates, subsidiaries, employees, contractors, consultants, service providers, infrastructure providers, payment processors, analytics providers, logistics providers, communication providers, cybersecurity providers, cloud hosting providers, and other operational vendors strictly on a need-to-know basis for the purpose of operating, maintaining, securing, improving, supporting, and providing the Services.
Information may be disclosed where such disclosure is necessary:
to comply with applicable laws, regulations, governmental requests, judicial orders, subpoenas, or legal processes;
to protect the rights, property, systems, operations, intellectual property, safety, or security of the Company, its Users, or third parties;
to detect, investigate, prevent, or address fraud, cybersecurity incidents, unauthorized access, illegal activity, technical issues, safety risks, or violations of applicable agreements;
to enforce the Company’s policies, contractual rights, or legal claims; or
to comply with regulatory, industrial, export control, sanctions, or compliance obligations.
The Company may share Information with authorized distributors, resellers, installation partners, maintenance providers, technical support providers, integration partners, or service personnel solely for providing installation, maintenance, diagnostics, warranty support, technical assistance, training, or operational support services associated with the Platform or Services.
In the event of a merger, acquisition, restructuring, investment transaction, financing, reorganization, asset sale, or transfer of ownership or control involving the Company, information may be transferred as part of such transaction, subject to reasonable confidentiality and legal safeguards.
The Company may share anonymized, aggregated, statistical, or de-identified Information for analytics, operational insights, product improvement, industrial research, benchmarking, market analysis, business intelligence, safety improvement, and legitimate commercial purposes, provided such information does not reasonably identify an individual User or disclose confidential proprietary customer information.
The Company shall implement reasonable contractual, organizational, technical, and confidentiality safeguards while sharing Information with third parties, service providers, contractors, or operational partners.
Except as expressly provided under this Privacy Policy, the Company shall share Personal Information only:
with the User’s consent;
where required by applicable law; or
where reasonably necessary for providing the Services and operating the Platform.
INDUSTRIAL MACHINE, MANUFACTURING, AND OPERATIONAL DATA
The Company may collect, process, store, analyze, and utilize Machine Data, Manufacturing Data, Material Data, Technical Information, and operational analytics generated through the use of the Platform, Services, connected hardware systems, firmware, software applications, cloud infrastructure, support systems, and related industrial equipment.
Such information may include, without limitation:
machine serial numbers and device identifiers;
firmware versions and software configurations;
operational logs and machine telemetry;
calibration, maintenance, and diagnostic records;
machine health and performance metrics;
process parameters and production settings;
job execution logs and manufacturing workflows;
material usage statistics and feedstock records;
environmental and sensor data;
system crash reports and error logs;
connected device communication data;
production analytics and operational insights;
support and troubleshooting records; and
anonymized or aggregated industrial usage statistics.
The Company may process such information for legitimate operational and business purposes, including:
machine functionality and service delivery;
diagnostics and technical support;
predictive maintenance and reliability improvement;
software and firmware updates;
cybersecurity, monitoring, and fraud prevention;
operational analytics and quality assurance;
manufacturing process optimization;
product research and development;
fleet management and remote support services;
regulatory, warranty, safety, and compliance obligations; and
improving machine, software, feedstock, and platform performance.
Certain Services may utilize machine learning models, artificial intelligence systems, analytical engines, recommendation systems, simulation tools, automated processing technologies, or industrial intelligence systems to generate research outputs, recommendations, analytical results, process insights, material suggestions, or operational intelligence functions.
AI-generated outputs, recommendations, simulations, analytical results, research insights, predictions, generated content, or automated suggestions are provided for informational, analytical, research-support, and operational assistance purposes only and should not be solely relied upon for safety-critical, production-critical, aerospace, defense, medical, regulatory, or other high-risk industrial decisions without independent testing, validation, verification, engineering review, and professional assessment.
Users retain ownership of their Manufacturing Data, including proprietary manufacturing files, CAD files, job configurations, process parameters, workflows, and associated intellectual property uploaded, processed, transmitted, or generated through the Services.
The Company does not claim ownership over customer proprietary manufacturing designs, industrial workflows, technical drawings, production recipes, or associated intellectual property solely by virtue of processing such information through the Services.
The Company retains all ownership, title, and interest in:
The Company retains all ownership, title, and interest in: the Platform and Services;
machine operating systems and firmware;
software applications and cloud infrastructure;
algorithms, analytics systems, and interfaces;
documentation and technical materials; and
all associated intellectual property owned or developed by the Company.
The Company may generate and use anonymized, aggregated, statistical, or de-identified Machine Data, Manufacturing Data, Material Data, and Technical Information for analytics, product improvement, reliability enhancement, quality assurance, safety monitoring, research, development, and legitimate business operations, provided that such information does not reasonably identify an individual User or disclose confidential proprietary customer information.
The Company shall not use confidential customer Manufacturing Data, proprietary research data, identifiable customer information, or protected industrial intellectual property for public model training purposes without appropriate authorization, contractual basis, consent, or other lawful justification.
The User acknowledges and consents that certain Services may involve cloud connectivity, telemetry transmission, remote diagnostics, firmware management, machine monitoring, operational analytics, remote support functionality, and related connected industrial system features.
Authorized personnel, service providers, contractors, or support representatives engaged by the Company may access diagnostic logs, telemetry records, machine configurations, operational analytics, and related technical information solely on a need-to-know basis for troubleshooting, maintenance, support, security, compliance, or service-related purposes, subject to reasonable confidentiality and security safeguards.
The Company may maintain material traceability records, feedstock batch records, recycling records, quality assurance documentation, certification records, and related manufacturing compliance information for operational, warranty, quality control, safety, regulatory, research, and support purposes.
Users acknowledge that industrial manufacturing systems may involve elevated temperatures, electrical systems, moving mechanical assemblies, lasers, powders, chemicals, pressurized systems, or other hazardous operating conditions. Users are solely responsible for ensuring appropriate operational safety procedures, trained personnel, environmental controls, and compliance with applicable laws, regulations, and industry safety standards while using the Services.
The Company reserves the right to restrict, suspend, or refuse access to certain Services, software, materials, products, connected functionality, or industrial systems where required under applicable export control laws, sanctions regulations, industrial compliance obligations, safety requirements, legal restrictions, or regulatory directives.
TO OTHER WEBSITES, THIRD-PARTY SERVICES, AND EXTERNAL SYSTEMS
The Platform and Services may contain links, integrations, interfaces, APIs, plugins, embedded content, payment gateways, cloud services, communication tools, third-party software, external websites, industrial systems, or other services operated or controlled by third parties (“Third-Party Services”).
Such Third-Party Services are provided solely for convenience, interoperability, operational functionality, payment processing, analytics, infrastructure support, industrial integrations, communication, maintenance, logistics, or related service purposes. The inclusion of any Third-Party Service does not imply endorsement, affiliation, partnership, certification, or approval by the Company unless expressly stated otherwise.
The Company does not control and shall not be responsible for:
the privacy practices of Third-Party Services;
the content, functionality, security, availability, or performance of Third-Party Services;
data handling or processing practices of third parties;
third-party cybersecurity incidents or infrastructure failures;
third-party payment processing systems;
external industrial integrations or connected systems; or
any loss, damage, liability, or claim arising from the use of Third-Party Services.
Users acknowledge and agree that access to or use of Third-Party Services may be subject to separate terms, conditions, privacy policies, licenses, security practices, operational requirements, and contractual obligations imposed by such third parties. Users are encouraged to independently review such policies and agreements before accessing or using Third-Party Services.
The Company may engage third-party infrastructure providers, cloud hosting providers, analytics providers, cybersecurity vendors, communication providers, payment processors, logistics providers, customer support providers, industrial integration providers, maintenance providers, distributors, and operational vendors in connection with providing, maintaining, securing, supporting, and improving the Services.
Certain Services may involve interoperability or integration with:
industrial automation systems;
machine controllers;
IoT devices;
enterprise software systems;
cloud platforms;
payment gateways;
monitoring systems;
remote support tools;
communication systems; or
third-party manufacturing infrastructure.
The Company shall not be responsible for the availability, compatibility, security, functionality, or performance of such external systems unless expressly agreed otherwise in writing.
Financial transactions conducted through payment gateways or third-party payment processors are processed directly by such providers. The Company does not store full payment card details except as permitted or required for lawful operational purposes. Users acknowledge that payment-related information may be governed by the privacy and security policies of such payment providers.
The Company may use third-party analytics, diagnostics, monitoring, telemetry, communication, infrastructure, or support tools to improve platform reliability, operational performance, cybersecurity, product quality, and user experience, subject to applicable confidentiality and security safeguards.
The Company shall not be liable for any disclosure, loss, interception, corruption, unauthorized access, delay, or security incident caused by Third-Party Services, external systems, internet infrastructure, telecommunications providers, cloud providers, or circumstances beyond the Company’s reasonable control.
Users are solely responsible for evaluating the suitability, legality, reliability, security, and compliance of any Third-Party Services or external systems they choose to access, connect, integrate, or use in conjunction with the Platform or Services.
CHILDREN’S PRIVACY
The Platform and Services are intended for use by businesses, professionals, organizations, industrial operators, manufacturers, technical personnel, and individuals who are legally capable of entering into binding agreements under applicable laws.
The Platform and Services are not directed toward, designed for, or intended to be used by children or minors under the age prescribed under applicable laws (“Children”).
The Company does not knowingly collect, solicit, process, store, or maintain Personal Information from Children without verifiable parental or lawful guardian consent where required under applicable law.
If the Company becomes aware that Personal Information relating to a Child has been collected without appropriate authorization or lawful basis, the Company shall take commercially reasonable steps to delete, anonymize, or restrict such Information in accordance with applicable laws and operational requirements.
Parents, guardians, or authorized representatives who believe that a Child may have provided Personal Information through the Platform or Services may contact the Company using the contact details provided in this Privacy Policy to request review, correction, deletion, or restriction of such Information.
DATA PROTECTION RIGHTS
Subject to applicable laws, including the Digital Personal Data Protection Act, 2023 and other applicable privacy or data protection regulations, Users may have certain rights in relation to their Personal Information processed by the Company.
Such rights may include, subject to applicable legal limitations and operational requirements:
Right to Access Information: Users may request confirmation regarding whether the Company processes their Personal Information and may request access to certain categories of Personal Information maintained by the Company.
Right to Correction and Updating: Users may request correction, rectification, updating, or completion of inaccurate, outdated, incomplete, or misleading Personal Information maintained by the Company.
Right to Deletion or Erasure: Users may request deletion, anonymization, or erasure of Personal Information where such Information is no longer necessary for the purposes for which it was collected, subject to applicable legal obligations, industrial traceability requirements, operational requirements, dispute resolution obligations, cybersecurity requirements, regulatory obligations, warranty obligations, and legitimate business purposes.
Right to Restrict or Object to Processing: Users may, where permitted under applicable law, object to or request restriction of certain processing activities relating to their Personal Information.
Right to Withdraw Consent: Where processing is based on consent, Users may withdraw such consent at any time by contacting the Company using the contact details provided in this Privacy Policy. Withdrawal of consent shall not affect the lawfulness of processing conducted prior to such withdrawal.
Right to Data Portability: Where technically feasible and legally applicable, Users may request transfer of certain Personal Information in a structured, commonly used, and machine-readable format to themselves or another authorized entity.
Right to Grievance Redressal: Users may contact the Company’s designated grievance officer or authorized representative regarding concerns, complaints, requests, disputes, or questions relating to the processing of Personal Information.
Right to Nominate: Where permitted under applicable law, Users may nominate another individual to exercise rights on their behalf in the event of death, incapacity, or inability to exercise such rights.
The Company may request additional information, documentation, authentication materials, or verification procedures before processing any request relating to Personal Information in order to verify the identity, authority, or legitimacy of the requesting party.
The Company reserves the right to refuse, restrict, defer, or partially comply with requests relating to Personal Information where:
such refusal is permitted or required under applicable law;
compliance would adversely affect the rights, safety, confidentiality, intellectual property, trade secrets, or legitimate interests of the Company or third parties;
the request is manifestly unfounded, excessive, repetitive, technically impractical, fraudulent, abusive, or disproportionate;
retention of Information is necessary for legal, regulatory, operational, industrial traceability, cybersecurity, warranty, dispute resolution, fraud prevention, safety, or compliance purposes; or
the requested Information has been anonymized, aggregated, or de-identified.
The Company may retain certain Information despite deletion or restriction requests where such retention is reasonably necessary for:
compliance with applicable laws and regulations;
industrial traceability and quality assurance obligations;
warranty, maintenance, and safety requirements;
cybersecurity monitoring and incident response;
fraud prevention and investigation;
dispute resolution and legal enforcement; or
protection of the Company’s systems, infrastructure, intellectual property, operations, Users, or legal rights.
Requests relating to Personal Information may be submitted to the Company through the contact details or grievance redressal mechanisms specified in this Privacy Policy.
The Company shall take commercially reasonable steps to respond to valid requests within a reasonable timeframe in accordance with applicable laws, operational feasibility, and technical limitations.
STORAGE AND TRANSFER OF INFORMATION
The Company may collect, store, process, transfer, transmit, host, analyze, archive, and otherwise handle Information in electronic, digital, physical, cloud-based, or other forms using systems, infrastructure, platforms, or service providers operated by the Company or authorized third parties.
Information may be stored or processed on servers, cloud infrastructure, backup systems, industrial systems, operational environments, or data centers located in India or in other jurisdictions, subject to applicable laws and commercially reasonable safeguards.
The User acknowledges and consents that Information, including Personal Information, Machine Data, Manufacturing Data, Material Data, Technical Information, operational analytics, support records, and related industrial information, may be transferred to, processed in, or accessed from jurisdictions outside the User’s state, province, or country of residence where the Company, its affiliates, service providers, infrastructure providers, contractors, operational partners, or authorized personnel maintain facilities or operations.
The Company may engage third-party cloud hosting providers, infrastructure providers, cybersecurity providers, analytics providers, communication providers, backup providers, industrial integration providers, and operational service providers for the purpose of storing, processing, securing, monitoring, transmitting, analyzing, or supporting Information and the Services.
Such third parties may maintain independent infrastructure, systems, security practices, certifications, operational standards, and data processing environments. The Company shall take commercially reasonable measures to require such parties to implement reasonable confidentiality, privacy, and security safeguards appropriate to the nature of the Information processed.
The Company may transfer or disclose Information:
to comply with applicable laws, legal processes, governmental requests, judicial orders, or regulatory obligations;
to support operational continuity, disaster recovery, cybersecurity, maintenance, diagnostics, analytics, or industrial support functions;
in connection with mergers, acquisitions, investments, restructuring, financing, business transfers, or asset sales;
to provide customer support, technical services, maintenance, remote diagnostics, warranty support, or operational assistance; or
for legitimate business, industrial, security, compliance, or operational purposes consistent with this Privacy Policy.
The Company may maintain backup copies, archived systems, disaster recovery infrastructure, operational logs, industrial traceability records, and security records for commercially reasonable durations as part of its operational, cybersecurity, compliance, warranty, audit, safety, and business continuity requirements.
While the Company implements commercially reasonable safeguards to protect Information, the User acknowledges that:
internet-based transmissions are not completely secure;
cloud infrastructure and third-party systems may experience vulnerabilities, outages, unauthorized access attempts, or security incidents;
industrial and connected systems may be exposed to cybersecurity risks; and
no method of electronic storage, transmission, or processing can be guaranteed to be completely secure or error-free.
Users are responsible for ensuring that their use, transfer, storage, export, import, processing, or disclosure of Information through the Services complies with applicable laws, contractual obligations, industrial compliance requirements, export control laws, sanctions regulations, and internal organizational policies applicable to them.
By accessing or using the Platform or Services, the User expressly consents to the collection, storage, processing, transfer, transmission, hosting, and handling of Information in accordance with this Privacy Policy and applicable laws.
COOKIES AND OTHER TRACKING TECHNOLOGIES
The Platform and Services may use cookies, pixels, web beacons, SDKs, device identifiers, local storage objects, log files, scripts, APIs, telemetry systems, analytics tools, and similar technologies (“Tracking Technologies”) to collect, process, store, and analyze Information relating to the use of the Platform and Services.
Tracking Technologies may be used for various operational, functional, analytical, security, industrial, diagnostic, and performance-related purposes, including:
authentication and account management;
maintaining user sessions and preferences;
enabling Platform functionality;
improving usability and user experience;
monitoring platform reliability and performance;
analytics and usage measurement;
diagnostics and troubleshooting;
fraud prevention and cybersecurity monitoring;
detecting unauthorized activity or abuse;
machine telemetry and operational analytics;
software and firmware performance analysis;
maintaining security and operational integrity;
improving products, services, industrial systems, and infrastructure;
AI interaction analytics;
research workflow optimization;
model performance monitoring; and
recommendation system improvement.
The Company may use the following categories of cookies and Tracking Technologies.
Strictly Necessary Cookies: These cookies and technologies are essential for the operation, security, authentication, connectivity, and functionality of the Platform and Services and cannot generally be disabled without affecting core functionality.
Functional Cookies: These cookies and technologies enable enhanced functionality, personalization, language preferences, saved settings, operational preferences, and user experience improvements.
Analytics and Performance Cookies: These cookies and technologies help the Company understand how Users interact with the Platform and Services, measure usage patterns, analyze operational performance, improve functionality, monitor reliability, and optimize industrial and software systems.
Security and Diagnostic Technologies: The Company may use Tracking Technologies for security monitoring, fraud prevention, authentication, audit logging, diagnostics, incident investigation, infrastructure monitoring, machine telemetry analysis, and maintaining the integrity and safety of connected systems and Services.
Certain Tracking Technologies may automatically collect Technical Information, including:
IP addresses;
browser and device information;
operating system details;
usage activity and interaction data;
session information;
device identifiers;
network and connectivity information;
crash reports and diagnostics;
machine or software performance metrics; and
operational or telemetry-related analytics.
The Company may use first-party or authorized third-party analytics, infrastructure, communication, monitoring, telemetry, cybersecurity, or support providers in connection with the use of Tracking Technologies, subject to commercially reasonable confidentiality and security safeguards.
Where required under applicable law, non-essential cookies or Tracking Technologies shall only be placed or activated after obtaining the User’s consent through consent banners, preference centers, or other legally compliant consent mechanisms.
Users may control, restrict, disable, reject, or delete certain cookies or Tracking Technologies through:
browser settings;
device settings;
cookie preference tools made available by the Platform; or
third-party opt-out mechanisms where applicable.
Disabling certain cookies or Tracking Technologies may affect the availability, functionality, security, interoperability, reliability, performance, or user experience of certain portions of the Platform or Services.
The Company does not guarantee that disabling Tracking Technologies will completely prevent all forms of Information collection, particularly where certain technologies are necessary for security, operational integrity, diagnostics, fraud prevention, industrial safety, or core service functionality.
The Company may periodically update its use of cookies and Tracking Technologies to reflect operational changes, legal requirements, technological developments, industrial requirements, cybersecurity practices, or improvements to the Platform and Services.
DATA RETENTION
The Company shall retain Information only for as long as reasonably necessary for providing the Services, fulfilling contractual obligations, complying with applicable laws, maintaining operational integrity, resolving disputes, enforcing agreements, ensuring industrial traceability, protecting security interests, and pursuing legitimate business purposes.
Different categories of Information may be retained for different durations depending on the nature of the Information, operational requirements, regulatory obligations, warranty obligations, industrial compliance requirements, security considerations, and legitimate business needs.
The Company may retain the following categories of Information for operational, legal, compliance, support, quality assurance, security, analytics, and industrial traceability purposes:
account and registration information;
billing and transaction records;
support and service records;
machine telemetry and operational logs;
firmware and software diagnostic records;
calibration, maintenance, and service history;
manufacturing process records and production analytics;
material traceability and feedstock batch records;
cybersecurity and audit logs;
communications and support interactions;
backup and disaster recovery records; and
anonymized or aggregated analytical data.
Certain Information may continue to be retained following account deactivation, suspension, or termination where:
retention is required under applicable law;
retention is necessary for regulatory, tax, audit, warranty, safety, industrial traceability, or compliance purposes;
retention is necessary for fraud prevention, cybersecurity, dispute resolution, legal enforcement, or investigation purposes; or
such Information has been anonymized, aggregated, or de-identified such that it no longer reasonably identifies a User.
The Company may periodically delete, anonymize, archive, aggregate, or securely dispose of Information that is no longer reasonably necessary for the purposes for which it was collected, subject to applicable legal, operational, and compliance requirements.
Backup copies, archived records, disaster recovery systems, security logs, and industrial traceability records may continue to exist for a commercially reasonable period following deletion requests, subject to technical feasibility, operational requirements, and legal obligations.
Where required under applicable law, the Company shall take commercially reasonable steps to securely delete or anonymize Personal Information upon valid request by the User, unless retention is otherwise required or permitted under applicable law.
SECURITY MEASURES AND SAFEGUARDS
The Company implements commercially reasonable technical, organizational, physical, administrative, and operational safeguards designed to protect Information against unauthorized access, misuse, disclosure, alteration, destruction, loss, theft, or accidental damage.
Such safeguards may include:
role-based access controls;
authentication and authorization mechanisms;
password protection and credential management systems;
encryption technologies for data in transit and at rest, where applicable;
audit logging and monitoring systems;
network security controls and infrastructure monitoring;
secure cloud infrastructure practices;
firmware integrity verification mechanisms;
secure software development and deployment practices;
restricted administrative access policies;
endpoint and device security controls;
cybersecurity monitoring and incident management procedures;
operational and physical access restrictions;
AI system monitoring controls;
model access restrictions; and
research data access controls.
Access to Information shall be restricted to authorized personnel, contractors, service providers, and operational partners strictly on a need-to-know basis and subject to confidentiality obligations and appropriate access controls.
The Company may utilize third-party infrastructure providers, cloud hosting providers, cybersecurity vendors, analytics providers, communication providers, and operational service providers for hosting, processing, securing, storing, transmitting, monitoring, or supporting the Services. Such third parties may maintain independent security standards, practices, certifications, and safeguards.
While the Company takes commercially reasonable measures to protect Information, no method of transmission over the internet, electronic storage system, cloud infrastructure, industrial network, or connected device environment can be guaranteed to be completely secure, uninterrupted, or free from vulnerabilities.
The User acknowledges and accepts that:
internet-based communications may be susceptible to interception or unauthorized access;
industrial systems and connected devices may be exposed to cybersecurity risks;
third-party infrastructure providers may experience outages, vulnerabilities, or security incidents beyond the Company’s reasonable control; and
absolute security cannot be guaranteed.
Users are responsible for maintaining the confidentiality and security of their account credentials, passwords, access tokens, connected devices, local systems, networks, and authorized personnel access associated with the Services.
Users shall be responsible for implementing appropriate operational safeguards, network protections, access restrictions, backup procedures, endpoint security measures, and industrial cybersecurity controls within their own environments while using the Services.
The Company reserves the right to investigate suspected security incidents, unauthorized access, misuse of the Services, policy violations, cybersecurity threats, or activities affecting the integrity, availability, confidentiality, or safety of the Platform or related systems.
In the event of a suspected or confirmed security incident affecting Information, the Company may take commercially reasonable measures to investigate, contain, mitigate, remediate, notify affected parties where required by law, and restore the integrity and security of the Services.
UPDATES TO THIS PRIVACY POLICY
The Company reserves the right to modify, amend, revise, update, replace, or otherwise change this Privacy Policy at any time in its sole discretion to reflect:
changes in applicable laws or regulations;
operational or business changes;
changes in products, services, software, hardware, or industrial systems;
technological developments;
cybersecurity practices;
regulatory or compliance requirements;
industry standards;
changes in data processing practices; or
any other legitimate business, operational, legal, or security requirements.
Updated versions of this Privacy Policy shall be made available through the Platform, website, software applications, or other official communication channels maintained by the Company. The revised version may include an updated “Last Updated” date and version number.
The Company may, where required under applicable law or where deemed reasonably appropriate, provide additional notice regarding material changes to this Privacy Policy through:
email communications;
in-platform notifications;
website notices;
account notifications;
consent prompts; or
other reasonable communication mechanisms.
The User is responsible for periodically reviewing this Privacy Policy to remain informed regarding the Company’s Information handling practices, policies, and procedures.
Continued access to or use of the Platform or Services after the effective date of any revised Privacy Policy shall constitute acknowledgment and acceptance of such updated Privacy Policy to the extent permitted under applicable law.
Where required under applicable law, the Company may seek renewed consent from Users prior to implementing material changes affecting the manner in which Personal Information is collected, processed, shared, stored, or otherwise handled.
If the User does not agree with any updated Privacy Policy, the User may discontinue use of the Platform and Services and may exercise any rights available under applicable law regarding their Personal Information.
The Company reserves the right to suspend, restrict, or terminate access to certain portions of the Platform or Services where continued use would result in non-compliance with applicable laws, regulatory requirements, security obligations, industrial compliance requirements, or operational policies.
MISCELLANEOUS
This Privacy Policy shall be read together with the Terms of Service and any other policies or agreements issued by the Company in relation to the Platform or Services.
If any provision of this Privacy Policy is found to be invalid, unlawful, or unenforceable under applicable law, the remaining provisions shall continue to remain valid and enforceable.
The Company’s failure or delay in exercising any right or enforcing any provision under this Privacy Policy shall not constitute a waiver of such right or provision.
The rights and remedies available to the Company under this Privacy Policy are cumulative and in addition to any rights or remedies available under applicable law.
Users may not assign or transfer their rights or obligations under this Privacy Policy without prior written consent of the Company. The Company may assign or transfer its rights and obligations in connection with any merger, acquisition, restructuring, financing, or transfer of business operations.
This Privacy Policy shall be governed by and construed in accordance with the laws of India.
Subject to applicable laws, courts located in Chennai, Tamil Nadu, India shall have jurisdiction over disputes arising out of or relating to this Privacy Policy.
The Platform and Services may be subject to applicable export control laws, sanctions regulations, industrial compliance requirements, and technology transfer restrictions, AI-related regulatory obligations, and industrial research compliance requirements. Users agree to comply with all applicable laws while accessing or using the Services.
The Company reserves the right to investigate suspected violations of this Privacy Policy, unauthorized access, misuse of the Platform or Services, cybersecurity incidents, fraud, unlawful conduct, or activities affecting the security or integrity of the Services.
Headings used in this Privacy Policy are for convenience only and shall not affect the interpretation of the provisions contained herein.
GRIEVANCE OFFICER
In accordance with applicable laws, including the Information Technology Act, 2000, the Digital Personal Data Protection Act, 2023, and applicable rules and regulations thereunder, the Company has designated a Grievance Officer for addressing concerns, complaints, requests, or grievances relating to this Privacy Policy, Personal Information, data protection practices, or the use of the Platform and Services.
Grievance Officer Details
Company Name: ThinkMetal Private Limited
Registered Address: 245 & 246-B, 3rd Main Road, Burma Colony, Perungudi Industrial Estate, Chennai, Tamil Nadu, 600096, India
Email: privacy@thinkmetal.in
Support Email: support@thinkmetal.in
Website: thinkmetal.in, thinkmetal.ai
