Global|English
CareersAcademy ↗Contact us
Legal

Privacy Policy

Last updated 3 July 2026

This policy explains what personal data TMLC collects through this website, why, who we share it with, and the rights you hold over it.

The Machine Learning Company (“TMLC,” “we,” “us,” or “our”) provides enterprise AI and machine-learning consulting and products. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data when you visit tmlc.in (the “Site”), contact us, subscribe to our updates, download a resource, or apply for a role.

TMLC is the data controller (or, under India’s Digital Personal Data Protection Act, 2023, the Data Fiduciary) for the personal data described here. This policy covers only the Site. It does not govern the systems we build and operate for clients inside their own environments; those are governed by the separate agreements we sign with each client.

1. Personal data we collect

We collect the following categories of personal data.

  • Information you provide. When you submit the contact form we collect your name, email address, company, topic of interest, and message. For our newsletter we collect your email address. For a gated resource we collect your name, email, and company. When you apply for a role we collect your name, contact details, résumé/CV, and anything you include in your application.
  • Information collected automatically. With your consent, our analytics tools record standard technical data such as your approximate location, device and browser type, pages viewed, and referring source. No analytics or marketing scripts load until you accept them.
  • Marketing attribution. If you arrive via a campaign link, we may record attribution parameters (for example UTM tags) so we understand which channels bring people to us.
  • Cookies and local storage. We store your cookie-consent choice in your browser’s local storage. Analytics cookies are set only after you consent. See our Cookie Policy for detail.

2. How we use personal data

  • To respond to your enquiry and to scope, propose, and discuss potential work.
  • To deliver a resource, newsletter, or other content you have requested.
  • To assess and administer job applications.
  • To operate, secure, and improve the Site, including preventing spam and abuse (via Cloudflare Turnstile).
  • To understand how the Site is used, in aggregate, where you have consented to analytics.
  • To comply with our legal obligations and to establish, exercise, or defend legal claims.

3. Legal bases for processing (GDPR / UK GDPR)

Where the EU or UK General Data Protection Regulation applies, we rely on: your consent (for the newsletter, analytics, and non-essential cookies); our legitimate interests (to respond to enquiries, run and secure the Site, and understand its use), balanced against your rights; the performance of a contract or steps taken at your request before entering one; and compliance with a legal obligation.

You may withdraw consent at any time; doing so does not affect processing carried out before withdrawal.

4. How we share personal data

We do not sell your personal data, and we do not share it for third-party advertising. We disclose personal data only to the service providers (processors) that help us run the Site and communicate with you, each bound to process it only on our instructions:

  • Brevo — customer-relationship management, newsletter, and marketing automation.
  • Supabase — database and file storage for form submissions and applications.
  • Resend — delivery of transactional email (for example, notifying us of your enquiry).
  • Cloudflare — bot and spam protection (Turnstile) and content delivery.
  • Google Analytics or Plausible Analytics — Site analytics, loaded only with your consent.
  • Microsoft — scheduling, when you book a meeting through our Microsoft Bookings link.
  • Sanity — content management for our Insights.
  • Our website hosting and content-delivery providers, which process data to serve the Site.

5. International transfers

TMLC operates from India, and our service providers may process data in other countries, including the European Union and the United States. Where personal data protected by the GDPR is transferred outside the EEA or UK, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses. You may request more information about these safeguards using the contact details below.

6. Data retention

We keep personal data only as long as necessary for the purpose it was collected, then delete or anonymize it. Enquiry and CRM records are kept for as long as we have an active or prospective business relationship and for a reasonable period afterwards; newsletter data until you unsubscribe; and job-application data for the duration of the recruitment process and a limited period thereafter, unless we agree with you to keep it on file for future roles.

7. Your rights

Depending on where you live, you may have some or all of the following rights: to access the personal data we hold about you; to correct inaccurate data; to erase data; to restrict or object to processing; to data portability; and to withdraw consent. Under India’s DPDP Act you also have the right to nominate another person to exercise your rights and the right to grievance redressal. Under the California Consumer Privacy Act you have rights to know, delete, and correct, and to be free from discrimination for exercising them; note that we do not sell or share personal data as those terms are defined by the CCPA.

  • To exercise any of these rights, email us at business@tmlc.in. We will respond within the timeframe required by applicable law and may need to verify your identity first.
  • If you are in the EEA or UK and believe we have not handled your data properly, you may lodge a complaint with your local supervisory authority. We would appreciate the chance to address your concern first.

8. How we protect personal data

We apply technical and organizational measures appropriate to the risk, including encryption of data in transit, access controls, and the principle of least privilege. No method of transmission or storage is completely secure, but we work to protect your data and to review our practices as our systems evolve.

9. Children

The Site is intended for a professional, business audience and is not directed to children. We do not knowingly collect personal data from anyone under the age of 18. If you believe a child has provided us personal data, contact us and we will delete it.

10. Third-party links

The Site may link to third-party websites and services we do not control, including TMLC Academy and our scheduling provider. Their privacy practices are governed by their own policies, and we are not responsible for them.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date above and, where the change is significant, take reasonable steps to notify you.

12. Contact us

For any question about this policy or about how we handle your personal data — or to raise a grievance under the DPDP Act — contact us at business@tmlc.in, or write to: The Machine Learning Company, Tower 5, World Trade Center, Kharadi, Pune 411014, India.