Privacy Policy

Effective Date: October 10, 2025

Last Updated: October 10, 2025

California Automata™ ("we," "our," or "us"), owned and operated by Aditya Patange, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (california-automata.tech) and use our automation services.

By using our services, you agree to the collection and use of information in accordance with this Privacy Policy.

## 1. Data Controller

Aditya Patange is the data controller responsible for your personal information. California Automata™ operates under the ownership and direction of Aditya Patange, who makes all decisions regarding the processing of personal data.

Contact Information:

▶Email: zero@thehackersplaybook.org
▶Business Address: Mumbai, India (Primary), California, USA (Secondary)

## 2. Information We Collect

### 2.1 Personal Information You Provide

When you submit an automation request or interact with our services, we collect:

▶Full name
▶Email address
▶Company/Organization name
▶Task description (details about automation requirements)
▶Project budget range
▶Timeline preferences
▶Consent acknowledgments
▶Any additional information you provide in communications

### 2.2 Automatically Collected Information

When you visit our website, we may automatically collect:

▶IP address
▶Browser type and version
▶Device type and operating system
▶Pages visited and time spent
▶Referring website addresses
▶Date and time of access
▶General location information (country/region)

### 2.3 Cookies and Tracking Technologies

We may use cookies and similar tracking technologies to enhance your experience. Types of cookies used:

▶Essential cookies: Required for website functionality
▶Analytics cookies: Help us understand how visitors use our site
▶Preference cookies: Remember your settings and preferences

You can control cookies through your browser settings.

## 3. How We Use Your Information

We use the collected information for the following purposes:

▶Service Delivery: Process and respond to automation requests, provide consultations, and deliver services
▶Communication: Contact you about your requests, provide updates, and respond to inquiries
▶Business Operations: Manage client relationships, billing, and project execution
▶Improvement: Analyze usage patterns to improve our website and services
▶Legal Compliance: Comply with applicable laws, regulations, and legal processes
▶Security: Detect, prevent, and address fraud, security issues, and technical problems
▶Marketing: With your consent, send information about our services (you can opt out anytime)

## 4. Legal Basis for Processing

We process your personal information based on the following legal grounds:

### 4.1 Consent

When you submit the automation request form or agree to receive communications, you provide explicit consent for processing.

### 4.2 Contract Performance

Processing is necessary to perform our contract with you and deliver automation services.

### 4.3 Legitimate Interests

We have legitimate business interests in:

▶Providing and improving our services
▶Analyzing usage to enhance user experience
▶Preventing fraud and ensuring security
▶Managing business operations

### 4.4 Legal Obligations

We process data to comply with legal requirements under Indian and US laws.

## 5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention Periods:

▶Active client data: Duration of business relationship plus 7 years (for legal/tax purposes)
▶Automation request data: 5 years from submission
▶Communication records: 5 years
▶Analytics data: 26 months
▶Marketing consent: Until you withdraw consent

After retention periods expire, we will securely delete or anonymize your personal information.

## 6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

▶Encryption: Data encryption in transit (TLS/SSL) and at rest
▶Access Controls: Restricted access to personal data on a need-to-know basis
▶Secure Servers: Use of secure, monitored server infrastructure
▶Regular Audits: Periodic security assessments and updates
▶Vendor Management: Ensuring third-party service providers maintain adequate security

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

## 7. Sharing of Information

We do not sell, rent, or trade your personal information.

We may share your information with:

### 7.1 Service Providers

Third-party vendors who assist us in operating our website and providing services, including:

▶Hosting providers
▶Email service providers
▶Analytics providers
▶Payment processors

These service providers are contractually obligated to protect your data and use it only for specified purposes.

### 7.2 Business Partners

▶The Hacker's Playbook™ (parent organization)
▶CETSON Technologies™ (USA operations partner)
▶SEA Records™ (project affiliation)

These entities operate under shared privacy frameworks and may access data for operational purposes.

### 7.3 Legal Requirements

We may disclose your information when required by law, including:

▶In response to subpoenas, court orders, or legal processes
▶To comply with government regulations
▶To protect our rights, property, or safety
▶To investigate fraud or security issues
▶In connection with legal proceedings

### 7.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. You will be notified of any such change.

## 8. International Data Transfers

California Automata™ operates under dual jurisdiction (India and USA). Your information may be transferred to and processed in:

▶India (primary operations, Mumbai)
▶United States (secondary operations, California)
▶Other countries where our service providers operate

We ensure appropriate safeguards are in place for international transfers, including:

▶Standard contractual clauses
▶Adequacy decisions
▶Privacy Shield frameworks (where applicable)
▶Explicit consent

## 9. Your Privacy Rights

Depending on your location, you may have the following rights:

### 9.1 General Rights

▶Right to Access: Request a copy of your personal information
▶Right to Rectification: Request correction of inaccurate or incomplete information
▶Right to Erasure: Request deletion of your information ("right to be forgotten")
▶Right to Restriction: Request restriction of processing in certain circumstances
▶Right to Object: Object to processing based on legitimate interests or for direct marketing
▶Right to Data Portability: Request transfer of your data to another controller
▶Right to Withdraw Consent: Withdraw consent at any time (does not affect prior processing)

### 9.2 California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

▶Right to Know: What personal information is collected, used, shared, and sold
▶Right to Delete: Request deletion of your personal information
▶Right to Opt-Out: Opt out of the sale of personal information (we do not sell data)
▶Right to Non-Discrimination: Not be discriminated against for exercising your rights

### 9.3 European Privacy Rights (GDPR)

If you are in the EU/EEA, you have rights under GDPR:

▶All rights listed in Section 9.1
▶Right to lodge a complaint with a supervisory authority
▶Right to object to automated decision-making and profiling

### 9.4 Indian Privacy Rights

Indian residents have rights under applicable Indian laws, including the Information Technology Act, 2000.

### 9.5 How to Exercise Your Rights

To exercise any of these rights, contact us at:

▶Email: zero@thehackersplaybook.org

We will respond to your request within:

▶30 days (CCPA)
▶1 month (GDPR, extendable to 3 months for complex requests)
▶As required by applicable law

We may require verification of your identity before processing requests.

## 10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will take steps to delete such information from our systems.

## 11. Third-Party Links and Services

Our website may contain links to third-party websites, including:

▶The Hacker's Playbook™ (thehackersplaybook.org)
▶CETSON Technologies™ (cetson.tech)
▶SEA Records™ (searecords.world)
▶Social media platforms
▶Partner websites

We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

## 12. Do Not Track Signals

Some browsers support "Do Not Track" (DNT) signals. Our website does not currently respond to DNT signals, as there is no industry standard for how to handle such signals.

## 13. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time. Changes will be effective immediately upon posting on this page.

We will notify you of material changes by:

▶Updating the "Effective Date" and "Last Updated" at the top of this policy
▶Sending an email notification to your registered email address
▶Posting a prominent notice on our website

Continued use of our services after changes constitutes acceptance of the updated Privacy Policy. If you do not agree to changes, you must discontinue use of our services.

## 14. Governing Law and Jurisdiction

### 14.1 Dual Jurisdiction

This Privacy Policy is governed by the laws of:

Primary Jurisdiction - India: California Automata™ was founded in Mumbai, India in 2003. Indian privacy laws, including the Information Technology Act, 2000, and associated rules, have primary jurisdiction.

Secondary Jurisdiction - United States: Where applicable, California state privacy laws (including CCPA) and US federal laws apply.

### 14.2 International Compliance

We comply with:

▶GDPR (General Data Protection Regulation) for EU/EEA residents
▶CCPA (California Consumer Privacy Act) for California residents
▶LGPD (Lei Geral de Proteção de Dados) for Brazilian residents
▶Other applicable international privacy laws

## 15. Organizational Information and Data Processors

California Automata™ operates under the following structure:

▶Owner and Data Controller: Aditya Patange
▶Founded: 2003, Mumbai, India
▶Primary Operations: India (Mumbai)
▶Secondary Operations: United States (California)
▶Powered by: The Hacker's Playbook™
▶Official USA Operations Partner: CETSON Technologies™
▶Project by: SEA Records™
▶Technical Direction: Aditya Patange (Sonic Engineering)

All partnerships operate under shared privacy frameworks and data processing agreements.

## 16. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: zero@thehackersplaybook.org

Data Protection Officer: Aditya Patange

Response Time: We will respond to inquiries within 10 business days.

Aditya Patange retains all ownership rights to California Automata™ and all associated data processing operations.

This privacy policy is governed by The Hacker's Playbook™ privacy framework and complies with applicable privacy laws including GDPR, CCPA, and other relevant regulations.