Privacy Policy
Effective Date- 01-06-2024
1- Introduction
. This Privacy Notice applies to Xtracover Technologies Private Limited its subsidiaries, and Indian branch offices (collectively referred to as "Adroit Synergies," "We," or "Us").
. As your Data Fiduciary, Xtracover Technologies Private Limited is committed to protecting your personal data, as outlined below.
. Our top priority is safeguarding your privacy and ensuring the security of your personal information. We strive to make your interactions with us confident and trustworthy."
2- Objective.
This Privacy Notice is drafted to let you know about how Xtracover Technologies Private Limited is dedicated to safeguarding your personal data. This notice outlines our data handling practices regarding:
1- Data collection types
2- Data sources (direct and indirect)
3- Data usage purposes
4- Data storage, processing, and security
5- Your data rights
Xtracover Technologies Private Limited is dedicated to safeguarding your personal data and respecting your privacy. This notice provides comprehensive details on how we handle your personal data (PII) in accordance with regulations such as the GDPR and DPDPA.
This policy explains how we handle personal information in compliance with DPDPA and GDPR It applies to information collected:
1- Via our websites and online services.
2- Through email, phone, or text communications
3- At events, webinars, training sessions, campaigns, contests, or office visits
4- Over phone calls (which may be recorded and retained)
Our websites and services are intended for business or professional use by individuals, not children under 18. We do not knowingly collect or market children's data online.
Parent/Guardian Note: If you believe your child provided us with information without consent, contact us to delete their data.
For concerns, inquiries, or to exercise your rights regarding personal data, contact us:
3- Basic Terms
|
Serial No. |
Terms |
Definition. |
|
1. |
Personal Data/Personally Identifiable Information (PII)/Personal Information |
Personal data, or PII, refers to any information that pertains to an identified or identifiable individual (referred to as the ‘data subject’ or ‘PII Principal’). An identifiable individual is someone who can be recognized, either directly or indirectly, particularly through references to identifiers such as a name, identification number, location data, online identifiers, or specific attributes related to their physical, physiological, genetic, mental, economic, cultural, or social identity. |
|
2. |
Law/Act |
Act shall mean; |
|
3. |
Information |
Information shall mean and include Personal information collected by the Adroit Synergies Private Limited. |
|
4. |
Data Principal |
"For this policy, we define a Data Principal as any individual whose personal information is collected, stored, or processed, in accordance with the applicable data protection regulations." |
|
5. |
Data Fiduciary |
An entity (person, company, or organization) that solely or jointly determines the purpose and manner of processing personal data." |
|
6 |
IP Address |
An Internet Protocol address (IP address) is a logical numeric address that is assigned to every single computer, printer, switch, router or any other device that is part of a TCP/IP-based network. |
|
7 |
Machine Readable Format |
Machine-readable data, or computer-readable data, is data in a format that can be easily processed by a computer. Machine-readable data must be structured data. E.g.: word document, pdf document, excel sheet, etc. |
|
8 |
Data/PII Processor |
Data Processor/PII means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the data fiduciary. |
4- Abbreviations
|
Abbreviation |
Meaning |
|
DPO |
Data Protection Officer |
|
TCP/IP |
Transmission Control Protocol/Internal Protocol. |
|
PII |
Personal Identifiable Information |
6- Roles & Responsibilities
Data Fiduciary/Data Controller Details:
Xtracover Technologies Private Limited
A-1, 3rd Floor,FIEE Complex Okhla Industrial Area
Phase-2 New Delhi South Delhi DL 110020
Data Protection Officer (DPO) Contact:
For concerns or inquiries regarding your personal data, please reach out to our nominated DPO at contactus@xtracover.com
7- What Personal data we process?
In order to provide our services effectively, we may collect various types of information about you. This encompasses personal information, including your full name, username, email address, phone number, postal address, and other identifiers, as well as job application details and any other information you provide directly Furthermore, we gather data from your interactions with us, including communication content, website usage patterns, feedback, interests, and publicly available business information.
Technical data, such as your IP address, operating system, browser type, and cookie information, may also be collected. This includes information about your browsing patterns, device data (computers, mobile devices, tablets), website activities (such as page views and session data), advertising identifiers, and cookie-generated information.
We may also process transaction information, such as your purchase history and payment details (processed securely), along with usage data to understand how you engage with our website and services. To personalize your experience, we may use cookies to assign a unique User ID. Please note that cookies do not reveal your identity unless you register or provide information, nor can they access your hard drive.
By collecting and processing this data, we aim to enhance and tailor our services to meet your needs effectively.
8- Purposes and Lawfulness of Processing
We use the personal data we collect from you for various business purposes, based on different legal grounds for processing. Below is a summary of how and on which legal bases we use your personal data: We may use personal data to
1- Service Management: We use your data to process orders, manage accounts, handle inquiries, and fulfil contractual obligations.
2- Communication: With your consent, we send updates, promotions, and service-related information, with an option to opt out anytime.
3- User Experience Improvement: Data is analyzed to enhance website functionality and provide personalized services.
4- Security and Compliance: Your data ensures website security, adherence to legal obligations, and prevention of illicit activities.
5- Protection of Interests: We safeguard operations, rights, and safety while enforcing terms and mitigating risks.
6- Consent-Based Processing: We seek your consent where required before processing your personal data.
By processing personal data responsibly and securely, we aim to deliver effective services, ensure compliance, and maintain user trust.
9- Retention and Storage
We will retain your personal data for the duration necessary to fulfil the purposes outlined in this notice, unless extended retention is legally required or permitted.
Following the retention period, your data will be disposed of through deletion, destruction, or archiving, in accordance with:
1- Applicable laws
2-Industry best practices
3- Regional sectoral guidelines
4- Contractual requirements"
Once the company no longer requires personal data for its specified purposes, it is promptly and securely disposed of in accordance with applicable laws and regulations. This disposal process involves either secure destruction, utilizing methods such as anonymization, Separately, transactional data related to our services is retained for a period of 5 years from the date of transaction, after which it is also securely disposed of or anonymized.
10- Rights for You
As a valued user of our services, you have certain rights regarding your personal data under the Digital Personal Data Protection Act, 2023, and General Data Protection Act based on your use of our services. These rights are designed to ensure your personal data is protected and processed in accordance with applicable laws.
Right to Access. You have the right to request confirmation of whether we are processing your personal data, details about such processing, and a copy of your personal data. This right allows you to understand how your data is being used and ensure its accuracy.
Right to Erasure. You can request erasure of your personal data if certain conditions are met. However, please note that we may not comply with your request if processing your personal data is necessary for:
Compliance with a legal obligation
Establishment, exercise, or defence of legal claims
We will assess each request on a case-by-case basis.
Right to Objection. You can object in writing to any processing of your personal data, which is done on the basis of our “legitimate interests,” if you believe your fundamental rights and freedoms outweigh our legitimate interests. If you object in writing to our processing of your personal data, we shall then have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms. In addition, you can object to the processing of your personal data for direct marketing purposes, which includes profiling to the extent that it is related to such direct marketing. We will then cease the processing of your personal data for direct marketing purposes.
Right to Portability. You can ask us to provide your personal data to you in a structured, commonly used, machine-readable format, or you can ask to have it 'ported' directly to another data controller, but only where our processing is based on your consent and the processing is carried out by automated means.
Right to Rectification. You can request updates or corrections to certain information. We may verify the accuracy of the data before rectifying it to ensure its integrity. For certain information, you may be able to update or correct it by updating your personal settings within our Offerings.
Right to withdrawal Where processing is based on your consent, you can withdraw it at any time. Please note that withdrawal will not affect the lawfulness of processing done prior to your withdrawal taking effect. If you have questions about withdrawing consent, please contact our Data Protection Officer at contactus@xtracover.com
Right to nominee. The Digital Personal Data Protection Act, 2023 grants you the right to nominate a representative to exercise your rights in the event of death or incapacity. This representative will act on your behalf, adhering to prescribed guidelines and provisions outlined in the Act.
Right of Grievance redressal. In accordance with the Digital personal data protection act 2023, if User faces any grievance with respect to this Privacy Notice, User may contact Data protection officer at contactus@xtracover.com
The Data Protection Officer (DPO) shall respond to and resolve any discrepancies or grievances raised by the User regarding the processing of information, within the timelines stipulated by applicable law. In the absence of such timelines, the DPO shall address the matter within ______ days
To exercise your rights, contactus@xtracover.com We won't discriminate or penalize you for doing so. We'll process your request within a reasonable timeframe, as required by law. For security, we may need to verify your identity before taking action.
11- Security of Personal Data.
We prioritize the security of your information, employing stringent procedures and measures to prevent unauthorized access, breaches, or leaks. Our multi-layered security approach combines technical, organizational, and physical safeguards to protect your personal data from unauthorized access, loss, disclosure, or alteration.
While we implement robust security measures, no system is completely immune to breaches. If you have concerns about your personal information's security or suspect a compromise, please contact us promptly using the contact details provided in this Privacy Notice.
12- Disclosure
We may disclose your information to any of our employees, officers, insurers, professional advisers, agents, partners, suppliers or subcontractors in so far as reasonably necessary for the purposes set out in this privacy Notice and for the purpose of providing services to you.
.We may disclose your personal data to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries.
.We may disclose your personal data to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of the Companies, our customers, or others.
.To our third-party service providers who provide services such as website hosting and webinars. The information we provide to third parties service providers is subject to confidentiality obligations and is intended to be used solely for the purpose(s) permitted thereby.
.To identify you to anyone to whom you send messages through the Services. You may also choose to disclose your Personal data on chat, social media, blogs, and other services to which you are able to post information and materials. Please note that any information you post or disclose through these services will become public and may be available to other users and the general public. We urge you to be very careful when deciding to disclose any information on the Services.
.To a third party, in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings.
.As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your state or country of residence; (b) to comply with legal process and to prevent, detect, or suppress abuse, fraud, or criminal activity; (c) to respond to requests from public and government authorities and self-regulatory organizations, including public and government authorities and self-regulatory organizations outside your state or country of residence; (d) to enforce our terms and conditions; (e) to protect our operations, assets, or interests or those of any of our affiliates; (f) to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
13- Cross Border Data Transfer
The data that we collect or are provided with may be transferred to and stored at a destination outside the base location. It may also be processed by staff operating outside the base location who work for us or for one of our related companies and affiliates.
We will ensure that a legitimate transfer of your personal data takes place to a location abroad keeping in mind the transfer mechanisms mandated by applicable laws.
14- Changes to this Privacy Notice
This Privacy Notice is subject to periodic updates. We will revise the "Effective Date" at the top of this Notice to reflect significant changes. Additionally, we may post a notice on our website or provide direct notice to you, as required by law, before updates take effect.
15- Requests and Queries
For any queries, suggestions, or requests related to this Privacy Notice, please email at contactus@xtracover.com