Privacy Policy

How we protect and handle your data

Effective: Sept 1, 2025
Updated: Oct 21, 2025

Quick Navigation

1

Introduction

This Privacy Policy describes how Izinga Software Private Limited ("Company," "we," "us," or "our") collects, uses, and protects your personal information when you use DeviceLab ("Service"), our secure distributed mobile device testing platform.

Our Contact Information

Izinga Software Private Limited

Center for Innovation and Entrepreneurship,
Indian Institute of Information Technology,
Gachibowli, Hyderabad - 500 032, India

[email protected]

2

Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Name: Your full name from OAuth providers (Google, GitHub)
  • Email address: Your email address from OAuth providers
  • Company name: Derived from your email domain or OAuth provider information
  • Avatar URL: Profile picture URL from OAuth providers (we do not store the actual image)
  • OAuth identifiers: Necessary tokens for authentication

2.2 Device and Technical Information

To provide our testing services, we collect:

  • Device metadata: Device name, operating system, OS version, serial number
  • Node information: Operating system details, tool versions (Java, ADB, Appium, Maestro, etc.)
  • Test session data: Test job details, test case information, session metadata
  • Usage data: Service usage patterns, feature utilization

2.3 Optional Test Logs

  • Test logs: If you opt-in, we store test execution logs in Google Cloud Storage
  • Test results: Associated test outcomes and performance data

2.4 Payment Information

  • Transaction data: Payment history, subscription status, billing amounts
  • Razorpay data: We use Razorpay for payment processing but do not store credit card information

2.5 Automatically Collected Information

  • Analytics data: Through Google Analytics, including page views, user behavior, and usage patterns
  • Cookies: Session cookies for authentication and CSRF protection
  • Log data: Server logs, IP addresses, browser information, access times
3

How We Use Your Information

3.1 Service Provision

  • Providing and maintaining the DeviceLab testing platform
  • Authenticating your account and managing sessions
  • Facilitating device connections and test execution
  • Processing payments and managing subscriptions

3.2 Service Improvement

  • Analyzing usage patterns to improve our Service
  • Developing new features and capabilities
  • Monitoring system performance and reliability
  • Troubleshooting technical issues

3.3 Communication

  • Sending service-related notifications and updates
  • Responding to your inquiries and support requests
  • Providing important security or legal notices

3.4 Legal Compliance

  • Complying with applicable laws and regulations
  • Protecting our rights and preventing fraud
  • Responding to legal requests and court orders
4

Information Sharing and Disclosure

4.1 Third-Party Service Providers

We share information with trusted third-party providers who assist in operating our Service:

  • Google Analytics: For website and application analytics
  • Razorpay: For payment processing (transaction data only)
  • SendGrid: For email delivery services
  • Google Cloud Platform: For hosting and infrastructure
  • Monitoring tools: For system performance and security monitoring

4.2 OAuth Providers

We receive limited information from OAuth providers (Google, GitHub) including name, email, and avatar URL as necessary for authentication.

4.3 Legal Requirements

We may disclose information when required by law, court order, or to protect our rights, property, or safety, or that of our users or the public.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the business transaction.

5

Data Storage and International Transfers

5.1 Storage Locations

  • Primary data: Stored in Google Cloud regions in the USA and Europe
  • Backup data: May be replicated across multiple regions for redundancy
  • Test logs: Stored in Google Cloud Storage (if opted-in)

5.2 International Transfers

Your data may be transferred to and processed in countries other than India, including the United States and European Union. We ensure appropriate safeguards are in place for such transfers.

5.3 Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption in transit and at rest
  • Access controls and authentication
  • Regular security monitoring and updates
  • Secure coding practices
6

Data Retention

6.1 Account Data

  • Core account information: Name, email, company name retained for extended periods for legal and business requirements
  • Device and session metadata: Retained for 1 year, then automatically deleted
  • Payment transaction data: Retained for 1 year for accounting and legal purposes

6.2 Test Data

  • Test logs: If enabled, stored for 1 month then automatically deleted
  • Test session data: Retained for 1 year then automatically deleted

6.3 Backup Data

  • Log backups: Retained for 1 month
  • Other data backups: Retained for 1 year
  • Legal retention: Email addresses and basic account information may be retained longer for legal compliance

6.4 Account Deletion

Upon account cancellation:

  • Account becomes inactive immediately
  • Test logs deleted within 1 month
  • Other data deleted within 1 year
  • Some information may be retained longer for legal requirements
7

Your Rights and Choices

7.1 Data Access

You can access and download your account data and test history through your account dashboard or by contacting us at [email protected].

7.2 Data Correction

You can update your company name and other profile information through your account settings. Avatar URLs are refreshed from OAuth providers upon each login.

7.3 Data Deletion

While we follow automatic deletion schedules, you may request immediate data deletion by contacting [email protected]. We will consider such requests on a case-by-case basis.

7.4 Opt-Out Options

  • Test log storage: You can disable test log storage in your account settings
  • Marketing communications: Future opt-out features will be available in account settings
  • Analytics: You can disable cookies in your browser settings

7.5 Account Deactivation

You may deactivate your account at any time through your account settings or by contacting us.

8

Cookies and Tracking Technologies

8.1 Cookies We Use

  • Session cookies: For user authentication and session management
  • CSRF tokens: For security and protection against cross-site request forgery
  • Google Analytics cookies: For website analytics and usage tracking

8.2 Cookie Management

You can control cookies through your browser settings. Disabling certain cookies may affect Service functionality.

9

Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover we have collected information from a child under 13, we will delete it immediately.

10

Regional Privacy Rights

10.1 European Union (GDPR)

If you are in the EU, you have additional rights including:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

10.2 California (CCPA)

If you are a California resident, you have rights including:

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of sale of personal information
  • Right to non-discrimination

10.3 India (DPDP Act)

We are committed to complying with India's Digital Personal Data Protection Act 2023 and will update our practices as regulations develop.

11

Data Breach Notification

In the event of a data breach that may affect your personal information, we will notify affected users as soon as reasonably possible and in accordance with applicable law requirements.

12

Changes to This Privacy Policy

12.1 Policy Updates

We may update this Privacy Policy from time to time. Updated versions will be posted on our website with a new "Last Updated" date.

12.2 Notification

It is your responsibility to review this Privacy Policy periodically. Continued use of our Service after changes constitutes acceptance of the updated policy.

12.3 Material Changes

For material changes that significantly affect your rights, we may provide additional notice through email or Service notifications.

13

Contact Information

13.1 Privacy Questions

For questions about this Privacy Policy or our data practices, contact us at:
Email: [email protected]

13.2 Data Subject Requests

To exercise your privacy rights or request data access, correction, or deletion, contact us at [email protected] with your request details.

13.3 Mailing Address

Izinga Software Private Limited

Center for Innovation and Entrepreneurship
Indian Institute of Information Technology
Gachibowli, Hyderabad - 500 032, India

14

Governing Law

This Privacy Policy is governed by the laws of India. Any disputes will be resolved in the courts of Hyderabad, Telangana, India.

By using DeviceLab, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.