Legal

Privacy Policy

Last updated: 18 June 2026

This Privacy Policy explains how Pyra Technologies Pvt. Ltd. ("Pyra", "we", "us") collects, uses, discloses, and safeguards personal data when you visit pyrahq.in or use Pyra Voice and Pyra Omega. We are committed to handling your data in line with India's Digital Personal Data Protection Act, 2023 (the "DPDP Act").

1. Who we are

Pyra Technologies Pvt. Ltd. is a company incorporated in India, with its registered office in Bengaluru. For personal data processed in connection with our own website and accounts, we act as a Data Fiduciary. When we process call data on behalf of a business customer, we act as a Data Processor under that customer's instructions.

2. Information we collect

Account & contact data — name, business name, email, phone number, and billing details you provide when you sign up or contact us.
Voice call data — for Pyra Voice, call recordings, transcripts, detected language and intent, phone numbers, and call metadata processed to deliver and analyse calls.
Omega usage data — API requests, routing decisions, model selection, latency, and cost metrics generated when you use the gateway.
Technical data — IP address, device and browser information, and basic usage logs needed to operate the service securely.

3. How we use your data

To provide, operate, and maintain the Pyra platform.
To route requests to the appropriate model and deliver voice calls.
To process billing and provide customer support.
To monitor performance, security, and service quality.
To comply with legal obligations and enforce our terms.

4. Legal basis and consent

We process personal data on the basis of your consent, the performance of a contract with you, and our legitimate and lawful purposes as permitted under the DPDP Act. Where consent is required, we obtain it through a clear, affirmative action and you may withdraw it at any time.

5. Where your data is stored

All customer and call data is stored in AWS Mumbai (ap-south-1) within India. Data is encrypted in transit and at rest. Recordings and transcripts are retained for a configurable period — 90 days by default — after which they are deleted, unless a longer period is required by law or agreed with a customer.

6. Sharing and subprocessors

We do not sell personal data. We share data only with subprocessors that help us run the service (for example, cloud hosting and the model providers a request is routed to), under contractual confidentiality and security obligations, and with authorities where required by law.

7. Your rights

Subject to the DPDP Act, you have the right to:

Access a summary of the personal data we process about you.
Request correction, completion, or erasure of your personal data.
Nominate another individual to exercise your rights in your absence.
Raise a grievance and seek redress (see Section 9).

8. Cookies

Our website uses only essential cookies needed for it to function. Fonts are self-hosted, so no third-party font cookies are set. We do not use advertising trackers.

9. Grievances and contact

For privacy questions or to exercise your rights, contact our Grievance Officer at grievance@pyrahq.in, or our privacy team at privacy@pyrahq.in. We respond to verified requests within the timelines required by the DPDP Act. See our DPDP compliance notice for more detail.

10. Changes to this policy

We may update this policy from time to time. Material changes will be posted on this page with a revised "last updated" date.