Back to Home

Privacy Policy

Last updated: July 3, 2026

One Privacy is a cookie consent management platform operated by VKS Software Technologies Pvt Ltd ("we", "us", "our"). This Privacy Policy explains what personal data we collect, how we use it, and the choices you have when you visit our website, create an account, or use the One Privacy service (the "Service").

Because One Privacy is a privacy tool, we hold ourselves to the same standards we help our customers meet. We collect only what we need to run the Service and never sell your personal data.

1. Who we are

VKS Software Technologies Pvt Ltd is the data controller for personal data collected through our website and account systems. Our registered office is India. You can reach our privacy team at hello@oneprivacy.io.

2. Information we collect

We collect the following categories of information:

  • Account data: your name, work email, password (stored hashed), and workspace details when you register.
  • Billing data: plan selection and payment details, which are processed by our payment provider. We do not store full card numbers.
  • Usage data: pages you visit on our website, the domains you add, cookie scans you run, banners and geo rules you configure, and diagnostic logs, used to operate and improve the Service.
  • Metering data: aggregate page-view counts from domains running the One Privacy script, used to apply plan limits and billing. These are counts, not visitor profiles.
  • Device and connection data: IP address, browser type, and approximate location, used for security and to serve region-appropriate consent banners.
  • Communications: messages you send to support or sales, including email and in-app chat.

3. Visitor data processed on behalf of customers

When the One Privacy script runs on your website, we act as a data processor on your behalf and you remain the controller of your visitors' data. For each visitor, the script processes:

  • Consent records: a pseudonymous visitor identifier, the choices made for each cookie category, the consent template and banner version shown, and a timestamp. These form the auditable consent history available in your dashboard.
  • IP address: read at banner load to determine the visitor's region so the correct banner is shown under your geo targeting rules, and to serve the banner in the visitor's language. We do not store visitor IP addresses in consent records.
  • Global Privacy Control (GPC): the browser's privacy signal, which the script honours automatically where you have enabled GPC detection.
  • Consent state passed to your other tools: where you use integrations such as Google Consent Mode v2, the script forwards the visitor's consent state to those tools as you configure. We are not responsible for how those tools process it.

4. Cookie scans

The One Privacy cookie scanner crawls the public pages of domains you add in order to build your cookie inventory. Scans collect technical information about the cookies and trackers a site sets (names, categories, lifespans, and providers), not personal data about the site's visitors.

5. How we use your information

We use personal data to:

  • Provide, maintain, and secure the Service and your account.
  • Run cookie scans, generate consent banners, and record consent as you configure.
  • Process payments, apply plan limits, and manage subscriptions.
  • Respond to support requests and send service-related notices.
  • Detect, prevent, and investigate fraud, abuse, and security incidents.
  • Comply with legal obligations.

6. Cookies on our website

Our own website uses a limited set of cookies, managed, fittingly, by One Privacy itself. For details on what they do and how to control them, see our Cookie Policy.

7. Sharing and sub-processors

We do not sell personal data. We share it only with service providers who help us run the Service (such as cloud hosting, payment processing, and analytics), under contracts that require them to protect it and use it only on our instructions. We may also disclose data where required by law or to protect our rights and users.

8. Data retention

We keep account and billing data for as long as your account is active and as needed to meet legal, tax, and accounting requirements. Consent records are retained for the life of your subscription so your audit trail stays intact, and they remain searchable and exportable from your dashboard. When data is no longer needed, we delete or anonymise it.

9. Your rights

Depending on where you live, you may have the right to access, correct, delete, or port your personal data, to object to or restrict certain processing, and to withdraw consent. This includes rights under the EU and UK GDPR, India's Digital Personal Data Protection Act (DPDP), and the California Consumer Privacy Act (CCPA).

To exercise any of these rights, contact us at hello@oneprivacy.io. If your data is processed by One Privacy on behalf of a customer, please direct your request to that customer, and we will support them in responding.

10. Security

We use technical and organisational measures including encryption in transit, access controls, and regular reviews to protect personal data. No system is perfectly secure, but we work to keep your data safe and to notify you of significant incidents as required by law.

11. International transfers

We may process and store data in countries other than your own, including where our service providers operate. Where we transfer personal data across borders, we rely on appropriate safeguards such as standard contractual clauses.

12. Children

The Service is intended for businesses and is not directed at children. We do not knowingly collect personal data from children.

13. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the date above and, where appropriate, notify you.

14. Contact us

If you have questions about this Privacy Policy or how we handle your data, contact VKS Software Technologies Pvt Ltd at hello@oneprivacy.io.