Privacy Policy

1. Introduction

Auriga Research (a division of Arbro Pharmaceuticals Pvt. Ltd., "we", "us", or "our") is committed to protecting the privacy of individuals who use our website at aurigaresearch.com and clients who engage our laboratory testing services.

This Privacy Policy describes how we collect, use, store, share, and protect your personal information and data. It applies to all interactions you have with us — whether through our Website, email correspondence, telephone, or in-person at our laboratory facilities.

By using our Website or our services, you agree to the collection and use of information as described in this Policy. If you do not agree, please discontinue use of our Website and contact us to discuss your data preferences in relation to our services.

2. Information We Collect

2.1 Information You Provide

We collect information you provide directly to us, including:

• Contact information: Name, company name, email address, phone number, and mailing address
• Service request information: Details about products or samples you wish to test, testing requirements, timelines, and regulatory context
• Sample data: Product names, batch numbers, composition, hazard information, and any other data you provide with submitted samples
• Communication records: Correspondence, quotes, purchase orders, and service agreements
• Feedback and complaints: Any feedback, comments, or complaints you submit

2.2 Information Collected Automatically

When you visit our Website, we automatically collect:

• Usage data: Pages visited, time spent on pages, navigation paths, and referring URLs
• Device information: Browser type, operating system, screen resolution, and device type
• IP address: For security, fraud prevention, and geographic analytics
• Cookies and similar technologies: Session cookies, analytics cookies, and preference cookies (see Section 7)

2.3 Test and Sample Data

In the course of providing testing services, we receive and generate data related to your products and samples. This includes test parameters, raw analytical data, calculated results, and final test reports. All such data is treated as confidential client data under our Information Security Policy and is subject to the confidentiality provisions described in Section 5.

3. How We Use Your Information

We use the information we collect to:

• Process and fulfil laboratory testing service requests
• Generate and deliver test reports and certificates of analysis
• Communicate with you about your service requests, test status, and results
• Invoice and process payments for services
• Maintain records for regulatory compliance and accreditation (NABL, FSSAI, ISO 17025)
• Respond to inquiries and support requests
• Send service updates, regulatory advisories, and information relevant to your testing needs (where you have opted in)
• Improve our Website, services, and operational processes
• Detect, investigate, and prevent fraudulent transactions and other illegal activities
• Comply with legal obligations under applicable Indian laws

We do not sell, rent, or trade your personal information or client data to third parties for marketing purposes.

4. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, disclosure, alteration, or destruction. Our security measures include:

• SSL/TLS encryption for all data transmitted through our Website
• Access controls limiting data access to authorized personnel only
• Secure laboratory information management systems (LIMS) with role-based access
• Regular security assessments and staff training on data protection
• Physical security at laboratory facilities

While we take reasonable precautions, no method of data transmission or storage is completely secure. We cannot guarantee the absolute security of data transmitted to us, and any transmission is at your risk.

5. Test Result Confidentiality & Client Data Protection

We treat all test results, client sample information, product data, and related business information with strict confidentiality. Specifically:

• Test results are disclosed only to the client who submitted the samples (or their authorized representatives)
• Client product formulations, specifications, and proprietary data are never shared with competitors or other clients
• Laboratory staff are bound by confidentiality obligations under their employment agreements
• Subcontracted testing (where necessary) is conducted under confidentiality agreements with qualified sub-laboratories
• Failed test results are held with the same confidentiality as passing results — we do not proactively report failing results to regulatory authorities unless legally required

The only exceptions to our confidentiality obligations are where disclosure is required by:

• A court order, summons, or other valid legal process
• A directive from a competent regulatory authority (NABL, FSSAI, CDSCO, or relevant statutory body)
• Detection of an imminent serious risk to public health or safety

We will inform you promptly of any such required disclosure unless legally prohibited from doing so.

6. Third-Party Services

Our Website may use third-party services to support functionality and analytics. These may include:

• Analytics services (e.g., Google Analytics 4) for understanding Website usage patterns. IP addresses are anonymized where technically feasible.
• Cloud hosting providers for Website hosting and form data handling
• Email service providers for transactional email delivery

These service providers are required to handle your data in accordance with this Privacy Policy and applicable data protection laws. They are prohibited from using your data for their own purposes.

Our Website may contain links to third-party websites. We are not responsible for the privacy practices of those websites and encourage you to review their privacy policies.

7. Cookies

Our Website uses cookies — small text files stored on your device — to improve your browsing experience. We use:

• Essential cookies: Required for basic Website functionality (e.g., session management). Cannot be disabled.
• Analytics cookies: Help us understand how visitors use our Website so we can improve it. Anonymized usage data only.
• Preference cookies: Remember your preferences (e.g., language, form data) to improve your experience.

Most browsers allow you to control cookies through their settings. Disabling cookies may affect some Website functionality. You can also opt out of Google Analytics tracking at tools.google.com/dlpage/gaoptout.

8. Data Retention

We retain your information for the following periods:

• Client records and test reports: Minimum 7 years from the date of issue, as required for NABL accreditation compliance and potential regulatory queries
• Financial records: 8 years from the relevant financial year as required by Indian tax laws
• Website usage data: 26 months (Google Analytics 4 default)
• Marketing communications opt-in records: Until you withdraw consent or unsubscribe
• Complaint records: 3 years from resolution

After the applicable retention period, data is securely deleted or anonymized. We may retain anonymized, aggregated data for statistical analysis indefinitely.

9. Your Rights

Under applicable Indian data protection laws, you have the right to:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete personal information
• Deletion: Request deletion of your personal data, subject to our legal obligations and legitimate interests
• Withdraw consent: Withdraw consent for marketing communications at any time
• Grievance redressal: Lodge a grievance about our data practices

To exercise any of these rights, please contact us at info@aurigaresearch.com. We will respond within 30 days. Some requests may be subject to our legal obligations — for example, we cannot delete client records during the mandatory retention period for NABL compliance.

10. Children's Privacy

Our Website and services are not directed at children under 18 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated Policy on this page with a revised effective date.

For material changes that significantly affect how we handle your data, we will notify active clients by email where we hold a current contact address. We encourage you to review this Policy periodically.

12. Contact Us for Privacy Inquiries

For any questions, concerns, or requests related to this Privacy Policy or our data practices: