Privacy Policy

This policy (“Privacy Policy”) is applicable to Digialaya Solution Private Limited (herein after referred as “Digialaya”) and/or branch offices in India. It provides the practices and policies applicable to all (including its employees, interns, contractors, consultants, clients, customers or any other party directly or indirectly engaged for the purpose of business or otherwise) for handling of or dealing in Personal Information, including Sensitive Personal Data or Information (as defined below) that is lawfully collected by Digialaya. We collect personal data of our employees, potential employees, clients, suppliers, business contacts, shareholders and website users or any other individual or entities wherever required for business purposes or otherwise.

Digialaya protects your personal data in accordance with applicable laws and our data privacy policies. In addition, Digialaya maintains the appropriate measures to protect your personal data against unauthorized or unlawful processing and/or against accidental loss, alteration, disclosure or access, or accidental or unlawful destruction of or damage thereto.

Definitions:

•  “Act” shall mean the Information Technology Act, 2000 and Rules thereunder as amended from time to time.
• “Information” shall mean and include Personal Information and Sensitive Personal Data and Information as may be collected by Digialaya.
• “Personal Information (PI)” shall have the same meaning as under Rule 2 (i) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 as amended from time to time.
• “Rules” shall mean the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 as amended from time to time.
• “Registered User” shall mean such user whose registration is accepted by Digialaya.
• “Sensitive Personal Data and Information (SPDI)” shall mean and include information under Rule 3 of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 as amended from time to time.

All words and expressions used and not defined in this document but defined in the Act or the Rules shall have the meanings respectively assigned to them in the Act or the Rules.

Digialaya is fully committed to respecting your privacy and shall ensure that your Information is safe. This privacy policy sets out the practices adopted in respect of Information, including the types of Information that is collected, how the Information is collected, how the Information is used, how long the Information is retained and with whom it is shared (“Privacy Policy”). This Privacy Policy is published in compliance with the provisions of the Act and the Rules made thereunder that require publishing the privacy policy on Digialaya’s website.

Collection of Information:

You may use Digialaya’s website to access Information, learn about its products and services, read publications and check career opportunities etc. without providing any PI/SPDI. Digialaya may collect and process PI/ SPDI provided by you in the following forms:

1. Should you opt to access such services of Digialaya, which are available only to Registered Users, information is required to be provided by you at registration.
2. Information that you provide directly to Digialaya via email or electronic communication.
3. Information that you provide to Digialaya over telephone. Digialaya may make and keep a record of such information shared by you.
4. Information that you provide to Digialaya in physical form whether sent through post or courier or handed over to a Digialaya representative in person.
5. PI/SPDI collected by Digialaya from its employees (refer Appendix 2), suppliers, clients, prospects or onsite consultants or by lead generation for the purpose of employment, availing/providing services etc.

You will at all times have the option of not providing Digialaya with PI/SPDI that Digialaya seeks to collect. Even after you have provided Digialaya with any PI/SPDI, you will have the option to access, modify, rectify or withdraw the consent given earlier by contacting Digialaya on www.digialaya.com. In such cases, Digialaya will have the right to not provide or discontinue the provision of any service that is linked with such PI/SPDI.

Use of Information Collected:

Any information, if collected will be used in connection with the relevant purpose as communicated by Digialaya to you via verbal or written method of any sort. The provider of information availing any Services from Digialaya shall be deemed to have consented to Digialaya for the use of such information as under this policy. Employees, suppliers, clients, prospects or consultants of Digialaya shall be duly advised about the purpose for which any Information is being collected at the time of such collection. We will not use your personal data for purposes that are incompatible with the purposes of which you have been informed, unless it is required or authorized by law, or it is in your own vital interest (e.g. in case of a medical emergency) to do so.

Limited User:

User agrees and also undertakes not to reverse, modify, engineer, copy, transmit, distribute, display, perform, publish, license, reproduce, create works that are derivative from, transfer/sell any part of information or any software that is acquired from the site. Limited reproduction of the website’s content and copying it is allowed only if ‘Digialaya’ is called the source. Also, you need our written permission ‘before’ doing this. It is again made clear to you that wholesale or unlimited reproduction or copying of content for any purpose- non-commercial or commercial and unwarranted changes of information and data within the website’s content is not allowed.

Information sharing:

We do not sell, rent, share, distribute, lease or otherwise provide your Personal Information to third parties, without your prior consent. Keeping this in mind, we may disclose your Personal Information in the following cases:-

1. Employees or Consultants (including auditors, authorized vendors) on a ‘need to know’ basis under a Non-Disclosure Agreement.
2. Governmental authorities, in such manner as permitted or required by applicable law; and
3. Legal proceedings: In the event, Digialaya is required to respond to subpoenas, court orders or other legal process, your PI/SPDI may be disclosed pursuant to such subpoena, court order or legal process, which may be without notice to you.

Security of Information:

We endeavour to only collect such Personal Information that is necessary for the purposes indicated here, and to retain such data for no longer than is necessary for such purposes. The length of time Personal Information is retained, and criteria for determining that time, are dependent on the nature of the Personal Information and the purpose for which it was provided/ collected.  Digialaya takes all the reasonable care for protection of data. Although we provide appropriate firewalls and protections, we cannot warrant the security of any Personal Information transmitted as these systems are not hack proof. Data pilferage due to unauthorized hacking, virus attacks, technical issues is possible, and we assume no liability or responsibility for it.

Notwithstanding anything contained in this Privacy Policy or elsewhere, Digialaya shall not be held responsible for any loss, damage or misuse of your PI/SPDI, if such loss, damage or misuse is attributable to a Force Majeure Event.

Consequences of Violations:

Every Digialaya Employee/Relevant Individual, who deals with or comes into contact with Personal Data regardless of its origin, shall have a responsibility to comply with the applicable law concerning data privacy and specific privacy practices. The Employee/Relevant Individual should seek advice in the event of any ambiguity while dealing with Personal Data or in understanding this Policy. The Employee/Relevant Individual shall be diligent and extend caution while dealing with Personal Data of others, in the course of performance of his/her duties and shall also, at all times prevent any un-authorized person from having access to any computer systems processing Personal Data.

Failure to comply with the Policy and applicable laws may have serious consequences and can expose both Digialaya and the Employee/Relevant Individual to damages, criminal fines and penalties. It is important to note that any non-compliance with this Policy is taken very seriously by Digialaya and may lead to initiation of appropriate disciplinary actions including but not limited to Employee dismissal or Relevant Individual termination.

Retention of Information:

It is Digialaya policy to retain certain Personal Data of the relevant individuals when they cease to be employed/ engaged by Digialaya. This Personal Data may be required for Digialaya’s legal and business purposes, including any residual activities relating to the employment/engagement, including for example, provision of references, processing of applications for re-employment/re-engagement, matters relating to retirement benefits (if applicable) and allowing Digialaya to fulfil any of its contractual or statutory obligations.

We will retain your personal data only for as long as is necessary. We maintain specific records management and retention policies and procedures, so that personal data is deleted after a reasonable time. Once Digialaya no longer requires the Personal Data, it is destroyed appropriately and securely or anonymized in accordance with the law. Services transactional data is retained for three years.

Governing Laws and Disputes:

These terms will be regulated by and created according to the Indian laws without reference to the principles of conflict of laws; disputes that arise regarding hereto will subject themselves to the Gurgaon, Haryana courts’ exclusive jurisdiction

Headings:

The subheadings and headings herein are incorporated for identification and convenience only and do not intend, in any manner, to define, describe, interpret or limit the intent, extent or scope of these Terms or your right to use the site enclosed herein or other pages or section of the site or any of the Linked Sites.

Severability:

In case of determination for any provision in the Terms that it cannot be enforced in part or whole or it is invalid, such unenforceability or invalidity will only attach to that particular provision or the part of said provision; the rest of the part of this provision as well as all the other provisions of the Terms will continue and proceed with effect as before.

Changes to This Policy:

We may update this Privacy Policy from time to time. You are encouraged to check this Privacy Policy on a regular basis to be aware of the changes made to it.

Contact Us:

If you have any questions or concerns or grievances regarding this Privacy Policy, you can email us at [connect@digialaya.com].

Appendix 1

• Rule 2 (i)
  “Personal information” means any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person.
• Rule 3
  Sensitive personal data or information of a person means such personal information which consists of information relating to:-
  1. password;
  2. financial information such as Bank account or credit card or debit card or other payment instrument details ;
  3. physical, physiological and mental health condition;
  4. sexual orientation;
  5. medical records and history;
  6. medical records and history;
  7. Biometric information;
  8. any detail relating to the above clauses as provided to body corporate for providing service; and
  9. any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise provided that, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as sensitive personal data or information for the purposes of these rules.

• Information collected from Registered Users: Sensitive personal data or information of a person means such personal information which consists of information relating to:-