Privacy Policy

Toshi Consulting Services Private Limited (“Toshi Consulting”, “we”, “us”, or “our”) operates the website toshiconsulting.com (the “Website”). We are the “Data Fiduciary” responsible for the personal data we process about you under the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and the Information Technology Act, 2000 and rules made thereunder. This Privacy Policy describes how we collect, use, share, retain, and protect your personal data, and the rights available to you as a “Data Principal”.

By using the Website, contacting us, or submitting any form, you acknowledge that you have read and understood this Privacy Policy.

1. Personal data we collect

We collect the following categories of personal data:

• Information you provide directly — when you fill in our contact or enquiry form, we collect your name, email address, phone number (if provided), and the contents of your message.
• Information collected automatically — when you visit the Website, we and our analytics providers may collect your IP address, device and browser type, pages viewed, referring page, and similar usage data through cookies and comparable technologies.
• Information from your communications — if you email, call, or message us, we keep a record of that correspondence.

We do not knowingly collect sensitive personal data through the Website unless you choose to share it with us in your message.

2. How we use your personal data

We use your personal data only for clear, specified purposes, including to:

• respond to your enquiries and provide the information, quotes, or consultation you request;
• deliver, manage, and improve our services and our relationship with you;
• operate, maintain, secure, and improve the Website, including analytics and troubleshooting;
• send you service communications and, where you have consented, relevant updates; and
• comply with applicable law and protect our legal rights.

3. Legal basis and consent

We process your personal data on the basis of your consent and, where applicable, for certain legitimate uses permitted under the DPDP Act. When we rely on consent, that consent is free, specific, informed, unconditional, and given through a clear affirmative action — for example, by submitting our contact form or accepting cookies. You may withdraw your consent at any time as described in Section 8.

4. Cookies and analytics

The Website uses cookies and similar technologies to function correctly and to understand how visitors use it. We use Google Analytics for aggregate usage statistics. Analytics and advertising storage are set to “denied” by default and are only enabled if and when you grant consent. You can control or delete cookies through your browser settings; disabling some cookies may affect how the Website works.

5. How we share your personal data

We do not sell your personal data. We share it only as needed and with appropriate safeguards, with:

• Service providers (Data Processors) who act on our behalf — for example, our website hosting provider, our transactional email provider, and our workflow-automation tools — strictly to provide the services we engage them for;
• professional advisers, where reasonably necessary; and
• authorities or other parties where required to comply with law, enforce our terms, or protect the rights, safety, and property of any person.

6. Cross-border transfers

Some of our service providers may process or store data on servers located outside India. Where personal data is transferred outside India, we do so in accordance with the DPDP Act and take reasonable steps to ensure it remains protected.

7. Data retention

We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, to maintain our business records, and to comply with legal obligations. When personal data is no longer required, we delete or anonymise it.

8. Your rights as a Data Principal

Subject to the DPDP Act, you have the right to:

• access a summary of the personal data we hold about you and how we process it;
• request correction, completion, or updating of inaccurate or incomplete data;
• request erasure of your personal data where it is no longer required;
• withdraw your consent at any time, as easily as it was given;
• nominate another individual to exercise your rights in the event of death or incapacity; and
• raise a grievance with us about how we handle your personal data.

To exercise any of these rights, or to withdraw consent, email us at info@toshiconsulting.com. Withdrawing consent does not affect the lawfulness of processing carried out before withdrawal, and we may continue processing where another lawful ground applies.

9. Children

The Website is intended for a business audience and is not directed at children. We do not knowingly process the personal data of any individual under the age of 18 without verifiable consent from a parent or lawful guardian, as required by the DPDP Act.

10. Data security

We implement reasonable technical and organisational security safeguards to protect your personal data against unauthorised access, disclosure, alteration, and loss. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

11. Grievance Officer

In accordance with the DPDP Act and the Information Technology Act and rules, you may contact our Grievance Officer with any complaint or request regarding your personal data:

We will acknowledge and respond to your grievance within the timelines prescribed under applicable law. If you are not satisfied with our response, you may also lodge a complaint with the Data Protection Board of India.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices or the law. The “Last updated” date at the top of this page indicates when it was last revised. We encourage you to review it periodically.

13. Contact us

If you have any questions about this Privacy Policy or our data practices, please contact us at info@toshiconsulting.com or via our contact page.

Browser Extension

Privacy Policy — Digital Wellbeing & Parental Control

Last updated: 25 June 2026

Digital Wellbeing & Parental Control (“the Extension”) is provided by Toshi Consulting Services Pvt. Ltd. (“we”, “us”). We respect your privacy. This policy explains what the Extension handles and how.

Data we process

To provide its features, the Extension processes, entirely on your device:

• The domains (website addresses) of pages you visit and the time spent on each, used to calculate screen-time statistics.
• Your settings: blocklist, per-site time limits, Focus Mode allowlist, Bedtime schedule, and an optional parental PIN.

Where your data is stored

All of the above is stored locally in your browser using the browser’s storage. We do not operate any server for the Extension. Your data is never uploaded, sold, rented, shared, or transferred to us or any third party.

How we use data

Data is used solely to deliver the Extension’s single purpose: screen-time insights and parental controls. We do not use it for advertising, profiling, creditworthiness, or any unrelated purpose.

Children’s privacy

The Extension is designed for families. Because it collects no personal information and transmits no data off the device, it does not gather personal information from children or anyone else.

Your control

You can view, change, or erase your data at any time by using the Extension’s controls or by removing the Extension, which deletes its locally stored data.

Changes

We may update this policy from time to time. The “Last updated” date above reflects the latest revision. Continued use of the Extension after changes take effect constitutes acceptance of the revised policy. For any questions about this Extension privacy policy, contact us at info@toshiconsulting.com.