APPLICABLE PRIVACY LAWS means Information Technology Act, 2000 of India, as in force, especially as amended by Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 and other laws of India as in force, in relation to personal data privacy, personal data protection and data and information security.
LAWS means the laws of India, enacted by the Parliament or any state legislature, as in force, and shall include the rules and regulations by any subordinate or statutory executive authorities, judgments and orders of Supreme Court of India, jurisdictional High Courts and other subordinate courts and applicable orders of other tribunals and quasi-judicial authorities having binding force as a law. LAWS shall include APPLICABLE PRIVACY LAWS.
ACT means Information Technology Act, 2000 of India
RULES means Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 of India
PERSONAL INFORMATION shall have a same meaning defined under the RULES and shall include, but not limited to the information attributable to the natural person such as name, gender, date of birth, date of marriage anniversary, physical address (including Pin Code), email id., telephone number, mobile number, messenger id., native language, ethnicity, caste, religion / faith, preferences, income, expenditure, assets, liabilities, employment, hobbies, and such other information which can be directly identified with the individual person.
SENSITIVE PERSONAL INFORMATION shall have the same meaning as under section 43A of the ACT read with the rule 3 of the RULES and shall include, but not limited to, the PERSONAL INFORMATION such as passwords, bank account information, credit / debit card information, UPI information, health conditions, sexual orientation, biometric information, assets, liabilities, income, expenditure, conjugal or other sensitive relationships etc.
NON-PERSONAL INFORMATION means the information which is not a PERSONAL INFORMATION. Such information shall include, but not limited to, system information such as IP address, source of traffic, geographical information, web usage, data usage etc., through cookies or other embedded apps / codes, either developed by WEBSITE or provided by third-party, but used with the consent of WEBSITE. For example, the Facebook pixel or similar codes / applets from the advertisers collect the information about the source ad wherefrom the visitor has clicked and visited on the website or landing page.
Collection and Use of INFORMATION
WEBSITE may collect the following types of INFORMATION from the USER:
PERSONAL INFORMATION shall be collected only with the consent of the USER.
The PERSONAL INFORMATION shall be collected only in case where the USER intends to receive any information, either digital or otherwise, from the WEBSITE, such as e-books, reports, white papers, emails, offers, notifications, newsletters, access to database, etc. or the USER intend to be a part of certain digital communities / groups, whether paid or not, operated and maintained by the WEBSITE on any social media or digital platforms or for the processing of the order of the USER, where the USER places the order on the WEBSITE for purchase of any goods / services offered by the WEBSITE or for resolution of any queries of the USER, either through the chat board or external messaging applications or email or telephone lines or forms embedded on the WEBSITE.
NON-PERSONAL INFORMATION may be collected and used for improving the SERVICES. Such NON-PERSONAL INFORMATION, if collected through cookies, shall be only with the consent of the USER for accepting cookies. However, certain NON-PERSONAL INFORMATION may be accessible at and collected at the system level as a part of technical operations of the client-server systems interacting with each other. If it is not practically possible to obtain the consent of the USER or such consent is not taken as a generally accepted industry practice or not required by LAWS, WEBSITE shall not take consent of the USER for such NON-PERSONAL INFORMATION.
WEBSITE may collect any SENSITIVE PERSONAL INFORMATION with the consent of the USER, wherever it is required either by LAWS or for providing any service for which it is either mandatory or imperative or desirable to collect such SENSITIVE PERSONAL INFORMATION. However, USER shall provide such SENSITIVE PERSONAL INFORMATION, if he or she wishes to provide, at his or her own risk. If the USER chooses not to provide any SENSITIVE PERSONAL INFORMATION, he or she shall not be entitled to avail the SERVICES to the extent for which providing SENSITIVE PERSONAL INFORMATION is mandatory or imperative.
Any SENSITIVE PERSONAL INFORMATION such as credit card details, bank details etc., may be demanded by the external payment gateways, for processing the payment of the USER. It is recommended that the USER must read and understand the privacy and data protection policies, terms and conditions of use and disclaimers of such external payment gateways. WEBSITE does not, in any way, make any representations or give any warranties of the services of such external payment gateways and the WEBSITE shall not be liable for any loss incurred by the USER due to any acts or omissions of such external payment gateways.
WEBSITE shall keep the PERSONAL INFORMATION and SENSITIVE PERSONAL INFORMATION confidential to the extent reasonably possible and the WEBSITE shall not share the same with any third party except in compliance of LAWS or any order of any court or statutory authority.
WEBSITE may, however, use the PERSONAL INFORMATION to verify and authenticate the USER for providing access to certain sections of WEBSITE which are accessible only for the registered users.
The INFORMATION shall be collected and used only for the intended purpose which is communicated to and consented by the USER
Storage and Retention of INFORMATION
The WEBSITE shall store the INFORMATION in secured electronic format, either in the systems of the WEBSITE or any third-party servers, and shall ensure that the access to such INFORMATION, whether personal or not, is not accessible by or disclosed to any third party who is not authorized to access or use such INFORMATION.
In case of storage of INFORMATION in third-party servers, the WEBSITE shall reasonably ensure that such third-party service providers have adequate data security measures including adoption of the best practices and industry standards of information security such as ISO/IS/IEC 27001.
The INFORMATION shall be retained only till the time it is lawfully necessary for the intended use or for the period which is prescribed by LAWS for retention of information.
Correction or Deletion of INFORMATION
The WEBSITE shall correct the INFORMATION provided by the USER at the request of the USER. However, the USER agrees that certain information cannot be corrected or deleted, either by legal restrictions or by system restrictions not controllable by the WEBSITE, and in such cases, the WEBSITE shall neither be bound to correct or delete such INFORMATION nor be responsible for the consequences, of whatsoever nature, due to such INFORMATION.
Disclosure of INFORMATION
The WEBSITE shall however disclose, without consent of the USER, the INFORMATION to the Court or any Statutory Authority, to comply with any order of such Court or Statutory Authority or to comply with the LAWS.
WEBSITE may disclose the INFORMATION its affiliates, group companies, HSP, consultants, vendors, and contractors, who provide various services such as data processing, information verification, information and security audit, payment processing, customer service, hosting services, data analytics services, IT infrastructure or any such other services which are necessary for providing SERVICES to the USERS. However, the INFORMATION to such third parties shall be disclosed under the necessary confidentiality restrictions and covenants such as Non-Disclosure Agreement.
Foreign Laws Compliance
The WEBSITE is substantially based in India and is intended for the users in India only and fully subject to Indian jurisdiction. WEBSITE shall, to the extent possible, try to comply with the data privacy or data protection laws of countries or territories other than India (“Foreign Laws”) such as, but not limited to GDPR of EU, however, does not guarantee compliance with such Foreign Laws, unless the WEBSITE falls under the jurisdiction of such Foreign Laws.
Users from the jurisdictions other than India should access the WEBSITE at their own risk.
Despite of adoption of all the reasonable measures for ensuring that the INFORMATION is collected, stored, used, and disclosed in accordance with the LAWS and the best practices, USER understands, and accept the inherent security risks (on account of hacking, data loss, network failures, disk or drive failure / crash, system failures / crash, security breaches, encryption breaches, etc.) in transmission of data over the internet / cellular / data networks and storage in the systems and the USER will not hold the WEBSITE responsible or liable for any breach of security or the disclosure of Personal Information unless the WEBSITE has been grossly and willfully negligent or have committed fraud.
For any clarifications or explanations or further information, USER is requested to contact firstname.lastname@example.org.