Download the pdf

Website Privacy Policy

Introduction

This Privacy Policy ("Policy") explains how [Your Company Name] ("Company," "we," "us," or "our") collects, uses, shares, and protects personal data obtained through our websites, applications, and related services. It is designed to comply with the Digital Personal Data Protection Act, 2023 ("DPDP Act"), and other applicable laws.

By accessing our website or using our services, you consent to the practices described in this Policy. Updates to this Policy will be communicated through our website or other appropriate channels.

Scope of the Policy

This Policy applies to:

  • Personal data collected through websites, applications, and online platforms.
  • Data provided by customers, employees, vendors, and business partners.
  • Information gathered during recruitment or operational processes.
  • Automatically collected data via digital platforms.

Definitions

  • Personal Data: Information that identifies or can identify an individual, such as name, contact details, and online identifiers.
  • Sensitive Personal Data: Information such as financial data, biometric data, health information, or any other data classified as sensitive under applicable laws.

Collection of Personal Data

4.1 Direct Collection

Personal data is collected directly from individuals in the following situations:

  • Contractual engagements or use of services (e.g., names, addresses, payment details).
  • Communications through customer service channels.

4.2 Business and Professional Contacts

Limited data such as names, job titles, and contact details may be collected from business partners and vendors.

4.3 Recruitment and Careers

Applicants may provide educational and professional records, identification documents, and references for recruitment purposes.

4.4 Visitors to Premises

We collect data such as visitor names, contact details, and biometric data (e.g., fingerprints). CCTV footage is recorded for security purposes.

4.5 Automatic Collection

Data such as device identifiers, IP addresses, geolocation, and user preferences are collected via cookies and similar technologies. Refer to our [Cookie Policy] for more details.

Purpose and Use of Personal Data

The Company processes personal data for the following purposes:

  • Fulfilling contractual obligations.
  • Complying with legal and regulatory requirements.
  • Improving website functionality and personalizing user experiences.
  • Marketing and promotional communications with consent.
  • Recruitment, employment, and operational management.
  • Conducting analytics and research.
  • Provision of Services

Specific Purposes and Data Elements

Purpose Data Collected
Registration Name, Email, Contact Number, Address
KYC Compliance Identification Proof, Tax IDs
Billing and Payments Billing Address, Credit Card Details
Customer Support Name, Contact Details, Nature of Inquiry

Sharing of Personal Data

6.1 Regulatory and Legal Compliance

Personal data may be disclosed to regulatory authorities and law enforcement agencies as required by law.

6.2 Third-Party Service Providers

We share data with trusted service providers for IT support, payment processing, and marketing services.The third-party service providers are contractually bound to safeguard and protect the personal data just as the organization (data fiduciary). Contracts ensure that data is used only for intended purposes.

6.3 Business Transfers

Personal data may be transferred during mergers, acquisitions, or asset sales.

Data Security

We implement robust measures to protect personal data, including:

  • Encryption: AES-256 for sensitive data.
  • Access Controls: Restricted access based on role and necessity.
  • Audits: Regular security assessments and compliance reviews.
  • Incident Response: Procedures to address potential data breaches promptly.

Retention of Personal Data

Personal data is retained only as long as necessary to fulfill its purpose or comply with legal obligations. After the retention period, data is securely deleted or anonymized.However, if required by a specific law or any court order in force related to data retention, the personal data may be retained even after the withdrawal of consent for a period specified by such a law or court order till the final remedy of appeal lapses

Children’s Privacy

Our services are not directed at individuals under 18. If you believe we have collected data from a minor, contact us immediately.

Your Rights

Under the DPDP Act, you have the following rights:

  • Access: Request a copy of your personal data.
  • Rectification: Correct inaccuracies.
  • Erasure: Request deletion of data no longer required.
  • Restriction: Limit processing of your data.
  • Withdrawal of Consent: Revoke consent at any time.

To exercise these rights, contact [Privacy Officer Email Address]. Requests will be processed within [Insert Timeline, e.g., 30 days] or as required by law.

Changes to the Privacy Policy

This Policy may be updated periodically to reflect legal, regulatory, or operational changes. Updates will be communicated via our website.

Contact Information

For questions or concerns, please contact:

Privacy Officer
[Your Company Name]
[Contact Address]
Email: [Privacy Officer Email Address]

Next Template →
DPDPA
Table of contents


Report error