Privacy Policy

This policy explains what data EnlightLab collects when you visit lp.enlightlab.com, how we use it, who we share it with, and the choices you have. We try to keep this short and human readable.

Who we are

EnlightLab is an engineering consulting practice operated by Dhananjay Goel from 606 Clover Hills Plaza, NIBM Road, Pune 411048, Maharashtra, India. For any privacy related question or request, email dj@enlightlab.com.

What we collect

Information you provide

When you fill in any form on this website (main lead form, exit intent popup, or any future form), we collect:

• Full name
• Work email address
• Phone number, including the country dial code
• Budget range you select
• Project description you write
• Which service you are enquiring about

Information collected automatically

When you visit the website, our systems automatically receive:

• IP address and the rough geographic region it maps to
• Browser user agent and device type
• UTM campaign parameters from the URL you arrived on
• The page URL you submitted from
• Anonymous page view and Core Web Vitals telemetry
• Heatmap and session replay events that exclude form input contents

What we do not collect

• We never ask for credit card or bank details on this website
• We never ask for government identity documents
• We do not record the contents of form fields in session replays
• We do not buy or scrape third party contact lists

How we use your information

We use the information you submit only for the following purposes:

• Lead follow up. We contact you about the engineering project you enquired about, by email, phone, or messaging app.
• Discovery call scheduling. We use the contact details to confirm and remind you of a booked discovery call.
• Email nurture sequence. If you do not respond, we send up to three follow up emails over twelve days. Every email contains a one click unsubscribe link.
• Service relevant updates. Occasionally, case studies or insights relevant to the service you enquired about. You can unsubscribe at any time.
• Analytics. Aggregate, non identifying analytics to improve the website and ad targeting.
• Conversion measurement. Reporting back to ad platforms that an enquiry occurred, without revealing your personal data to them.

Who we share information with

We use the following third party processors. Each one only sees the data needed for its function, under their own privacy terms:

• Vercel (hosting and edge analytics) — vercel.com/legal/privacy-policy
• Resend (transactional and nurture email delivery) — resend.com/legal/privacy-policy
• Make.com (webhook routing between systems) — make.com/en/privacy-notice
• Notion (internal CRM storage of leads) — notion.so/privacy-policy
• Cal.com (discovery call scheduling) — cal.com/privacy
• Google Analytics 4 and Google Ads (anonymised website and ad measurement) — policies.google.com/privacy
• Microsoft Clarity (anonymised heatmaps and session replay) — privacy.microsoft.com
• Twilio (only used when SMS or WhatsApp follow up is enabled) — twilio.com/legal/privacy

We do not sell your personal data, ever.

Cookies and similar technologies

This website sets the following categories of cookies:

• Strictly necessary. Session and security tokens required for the website to function.
• Analytics. Google Analytics 4, Vercel Analytics, and Microsoft Clarity cookies to understand aggregate usage. These do not identify you personally.
• Advertising. Google Ads cookies to attribute that an ad click later led to an enquiry. No personally identifying data is sent to Google through this channel.

You can block cookies in your browser settings. The site will continue to work, but some analytics features will be reduced.

How long we keep your data

• Lead enquiries: retained in our CRM for 24 months from your last interaction with us, then deleted.
• Email nurture data: retained while you remain subscribed. Removed within 7 days of unsubscribe.
• Anonymised analytics: retained according to each provider's default policy (typically 14 to 26 months).
• Session replay data: 30 days, then deleted by Microsoft Clarity automatically.

Your rights

Regardless of where you live, you can ask us to:

• Show you the data we hold about you
• Correct any inaccurate data
• Delete your data from our systems
• Export your data in a portable format
• Stop sending you marketing emails (every email also has a one click unsubscribe)
• Object to processing for direct marketing

To exercise any of these rights, email dj@enlightlab.com. We will respond within 30 days. We do not charge for these requests.

International data transfers

Some of our processors (Vercel, Resend, Google, Microsoft, Cal.com) store data in the United States or the European Union. Where required, transfers are protected by the Standard Contractual Clauses or equivalent legal mechanisms.

Security

We protect your information through HTTPS encryption, server side input validation, and strict access controls on our CRM and email systems. We never log API keys, tokens, or sensitive credentials. If we ever experience a data breach affecting your information, we will notify you within 72 hours.

Children

This website and our services are not intended for children under 16. We do not knowingly collect data from children. If you believe a child has submitted information, contact us and we will delete it.

Updates to this policy

We may update this policy from time to time. Material changes will be notified to subscribed contacts by email at least 14 days before they take effect. The current version is always at lp.enlightlab.com/privacywith the “Last updated” date at the top.

Contact

Questions, requests, or concerns about this policy:

Dhananjay Goel
Founder, EnlightLab
606 Clover Hills Plaza, NIBM Road
Pune 411048, Maharashtra, India
dj@enlightlab.com