Data Retention Policy | CollarCheck

Feedback

×

Data Retention Policy

  • 1. EFFECTIVE DATE. This Data Retention Policy Agreement {HEREINAFTER interchangeably titled as ‘AGREEMENT’ ‘or DATA RETENTION AGREEMENT’ for intents of brevity} explains how M/s. Collar Check Pvt. Ltd. {‘DATA FIDUCIARY’}, determines the purposes and means of the lawful processing of personal data of a Data Principal in compliance with legal requirements of Digital Personal Data Protection Act, 2023 &the Information Technology Act, 2000 which are presently in force within India.
  • 1.1 This Agreement, as a whole, constitutes a Click Wrap Agreement, the contents whereof; AND the terms and conditions governing the contents and usage thereof (as defined by Article (1.13) of our EULA) stand binding upon your acceptance.
  • 1.2 The terms set forth under; and constituting this Agreement shall be in addition to the EULA, Data Privacy Policy Agreement; Cookie Agreement; as well as the Data Mining & Sale Agreement published on our website.
  • 1.3 This Agreement shall be made effective on & from the day it is first uploaded, published and made available on public domain on official portal of M/s. Collar Check Pvt. Ltd.; and every User availing of the benefits of M/s Collar Check Pvt. Ltd. shall be deemed as having constructive notice of its terms, NOTWITHSTANDING anything stated or implied to contrary, or inconsistent therewith.
  • 1.4 The terms set forth and constituting this Data Retention Policy Agreement shall be deemed to cover our affiliate concerns having a direct, substantial or remote relationship with, or otherwise affected by terms and conditions of this Agreement.
  • 2. INTERPRETATION CLAUSE. Unless repugnant to context or the subject-matter of this Agreement herein, the expressions:
  • 2.1 “ACT” shall mean the Information Technology Act, 2000 & the Digital Personal Data Protection Act, 2023 as in force in India;
  • 2.2 “DATA FIDUCIARY” shall mean M/s. Collar Check Pvt. Ltd. acting in its fiduciary capacity towards the best interests of a Data Principal in all matters involving usage, purpose and means employed by Data Fiduciary to process personal data of Data Principal;
  • 2.3 “DATA PRINCIPAL” shall mean every user who uses or profits from the usage of the services introduced into the relevant product market by the Data Fiduciary for its own usage or benefit to the limited extent consistent with this Agreement; whether as an employer or employee to extent consistent with the EULA dated……….of which this Agreement forms a part.
  • 2.4 “PERSONAL DATA BREACH” shall, in context of this Agreement, include the unlawful or unauthorized processing of any personal data or accidental disclosure, acquisition, sharing, usage, alteration or destruction of; or loss of access to any personal data which compromises the confidentiality, integrity or availability of personal data belonging to Data Principal;
  • 2.5 “SENSITIVE PERSONAL DATA” shall, for purpose of this Agreement, include all/every personal information or data of a Data Principal which comprises of information relating to a Data Principal’s (a) password; (b) financial information or (c) physical, psychological, physiological or mental health conditions; or (b) medical records and history, or (c) biometric condition(s); or (d) email addresses, nicknames, birthdays, time zones or photographs uploaded; or (e) a combination of all/any of these.
  • 3. PURPOSE AND OBJECTIVE OF RETENTION. Data Fiduciary recognizes that as an intermediary platform, it is required to handle, process and store sensitive personal data (as defined by Article (2.9) of its Data Privacy Policy Agreement) which it is also required to store and destroy in a manner consistent with statutory requirement and its commercial interests. In pursuance thereof, Data Principal is devising this Agreement from the perspective(s) of a commercial & legal perspective.
  • 4. RESPONSIBILITY OF DATA RETENTION. Data Fiduciary, including all sub-contractors and other third-parties to whom all, or any part of this Agreement may be assigned for cause, undertake personal responsibility for retention of all data collected by it in course of its role as an intermediary platform, including, but not limited to devising & implementing reasonable security practices and procedures which are designed to protect such information from unauthorised access, damage, use, modification, disclosure or impairment by a third-party; and undertakes to comply with GDPR requirements as applicable.
  • 5. DATA RETENTION PERIOD. Keeping in mind that personal information (as defined under Article (1.12) of its EULA), as well as sensitive personal data (as defined under Article (2.9) of its Data Privacy Policy Agreement) can be lawfully retained as long as retention is feasible for purposes of achieving the business & commercial purposes for which data is being collected, retained & processed by Data Fiduciary, thus, for purposes of substantial compliance of the same, Data Fiduciary shall cause to proactively manage personal information of an User of its services, including for accounting, tax or legal reasons herein.
  • 5.1 GENERAL OBLIGATIONS OF DATA FIDUCIARY. Taking cognizance of its statutory obligations under Indian Contract Act, 1872; the Information Technology Act, 2000 & the Digital Personal Data Protection Act, 2023, Data Fiduciary undertakes it shall, at all points of time, be responsible for complying with all three enactments in respect of all, or any personal data of a Data Principal using its Mobile Application & processed by it, or by a Data Processor specifically designated by it for this purpose.
  • 5.2 All personal data processed by a Data Fiduciary, as defined under this Agreement, shall be updated at all points of time, notwithstanding that the same may be used for purposes of making a valid decision affecting the best interests of a Data Principal, or which is required to be disclosed to another Data Fiduciary for any lawful purposes consistent with Indian laws.
  • 5.3 All personal data of a Data Principal shall be processed and protected from all forms of hacking or unauthorized access in letter & spirit, and to the limited extent provided under Article (8), (9), (10) & (14) of this Data Retention Policy Agreement.
  • 6. SECURING OF DATA. During, and in course of usage of enforcement of this Data Retention Policy Agreement,, it is mutually understood by Data Principal & Data Fiduciary that the latter is committed towards maintaining the highest degree of transparency standards involved in securing a Data Principal’s personal data; and shall, at all times, take such reasonable measures as it deems necessary or expedient for purposes of protecting the Data Principal’s legal rights and personal data.
  • 7. COLLECTION OF DATA. WITHOUT PREJUDICE TO anything said, done or recorded, whether expressly or by implication, in, by or under terms of Article (5) of this Agreement, Data Fiduciary covenants, warrants and assures Data Principal herein that all data collected by the former & constituting personal data under the Information Technology (Reasonable Security Practices & Procedures and Sensitive Personal Data or Information) Rules, 2011 shall be used by Data Fiduciary solely & exclusively for the purposes of improving the Data Principal’s usage experience over the Mobile Application, as defined by Article (2.2) of this Agreement; and all such data collected by Data Fiduciary may be used thereby for purposes of increasing the safety and accuracy of the within-named Mobile Application, in addition to rendering relevant application content & product offers.
  • 7.1 COLLECTION AND PROCESSING OF PERSONAL DATA. All personal data of a Data Principal may be collected by Data Fiduciary in following ways: (a) by data voluntarily provided by Data Principal; that is to say, by registration on the Mobile Application; or (b) by automatic collection of data; that is to say, data collected by way of cookies or other similar tracking technologies.
  • 7.2 Nothing shall impair a Data Fiduciary to process data in any manner whereby such processing is (a) necessary or proper for purposes of enforcing a legal right or claim recognized under Indian law, or; (b) in interest of prevention, detection or prosecution of a crime or offence punishable by Indian law, or (c) necessary for a scheme of compromise, arrangement, reconstruction, merger or amalgamation of any company, one of which is Data Fiduciary; or (d) is otherwise required by law.
  • 7.3 Pursuant to the terms set forth in this Agreement, Data Fiduciary hereby declares that it may, for lawful purposes consistent with execution of this Agreement, cause to process personal data of Data Principal registered on its Mobile Application.
  • 7.4 IN PARTICULAR AND WITHOUT PREJUDICE TO anything recorded in terms of Article (7.3) of these Presents, Data Fiduciary shall bear no liability towards Data Principal in the processing of its personal data in the following circumstances hereinafter stated:
  • 7.4.1 For the specified purposes for which the Data Principal has voluntarily provided its personal data to the Data Fiduciary;
  • 7.4.2 For the performance of legal obligations, including compliance with disclosure requirements under domestic Indian law;
  • 7.4.3 For the purposes of compliance with any judgement, order or decree issued under domestic laws, whether or not the same constitutes a valid claim of a contractual or civil nature under laws in force within the territorial limits of India or otherwise;
  • 7.5 NOTHING HEREIN CONTAINED shall impair, or be deemed to prevent Data Fiduciary from collecting personal information of a Data Principal relating to its (a) name; (b) address; (c) location (d) date of birth; (e) password; (f) actual place or residence; (g) residential address or any of them for purposes of prevention of any offence punishable under any laws in force within India.
  • 7.6 Nothing shall authorize Data Fiduciary from causing to capture, maintain, scan, index or use; or otherwise use any form of data mining technologies such as, but not limited exclusively to clustering or classifying for purposes of maximizing sales in a manner consistent with tone and tenor of this Agreement and WITHOUT PREJUDICE TO penalty of any laws in force in India.
  • 7.7 NOTHING HEREIN CONTAINED shall operate as a bar in any manner or form so as to prevent Data Fiduciary from connecting Data Principal with any third-party application services to import relevant information about its activities on the Mobile Application herein, SUBJECT NEVERTHELESS TO the provisions set forth under the Information Technology Act & the DPDA, 2023.
  • 8. USAGE OF INFORMATION. Data Fiduciary assures, covenants and warrants that all personal information of Data Principal , inclusive of information acquired by it in the course of usage of the mobile application by Data Principal shall, at all times, be used by Data Fiduciary exclusively for purposes of honoring, promoting and performing its contractual obligations towards Data Principal such as, but not limited exclusively to account management, identification and debugging of any errors, including syntax errors arising in the course of usage of its Mobile/Web Application & incidental or ancillary issues.
  • 9. TRANSFER OF PERSONAL DATA. Data Fiduciary reserves its rights to transfer all, or any personal data or information collected by it under this Agreement, including, but not limited to any sensitive personal data or information thereby collected from an End User to any other affiliate, body corporate, successors-in-interest or other person, whether or not situated in India to extent that such affiliate, body corporate, successors-in-interest or other entity ensures same or higher degree of data privacy and data protection as Data Fiduciary; and provided that such transfer of data or information collected by the Data Fiduciary is necessary for compliance with GDPR norms, as applicable to India, or other legislations.
  • 10. DISCLOSURE OF INFORMATION. It is expressly & by implication affirmed, covenanted and acknowledged by Data Fiduciary & Data Principal that information rendered by a Data Principal to Data Fiduciary constitutes its own personal information.
  • 10.1NOTWITHSTANDING ANYTHING TO THE CONTRARY STATED HEREINBEFORE, Data Fiduciary expressly covenants, warrants and assures Data Principal that it shall not, without prior consent of Data Principal, cause to disclose any personal data of Data Principal thereby collected in course of usage of Data Fiduciary’s platform to any other third-party or entity, or other intermediary SAVE AS, OR EXCEPT WHERE such disclosure is required to be made pursuant to any decree, order, judgement or other finding rendered by any Court of Justice or other regulatory authorities in any legal proceedings initiated before such authorities.
  • 11. DATA PROCESSING RESTRICTIONS. In the event that any personal data belonging to, or identifying material particulars of Data Principal is found to be inaccurate, nothing shall prevent Data Fiduciary from causing to verify and/or update the said information on its server on written request received by its Data Protection Officer from affected Data Principal to that effect.
  • 12. BUSINESS TRANSFER. In the event that the business of Data Fiduciary is (a) acquired, merged or amalgamated into, or with another Data Fiduciary or other entity, or; (b) caused to stand reorganized, sold or declared insolvent or bankrupt by any valid decree, order, judgement or finding of any Court of Justice, quasi-judicial or regulatory authority specifically empowered for this purpose herein, nothing herein shall impair or prejudice the Data Principal’s legal rights in consequence.
  • 13. REVISION OF POLICY. This Data Retention Policy may be revised or amended by Data Fiduciary either in whole or in part from time to time for purposes of improving its services to Data Principal, or otherwise in compliance with domestic Indian laws; and every such material change so made to the present Agreement herein shall be notified by Data Fiduciary by way of a social media update or an email duly communicated to the e-mail address of Data Principal duly registered with Data Fiduciary and associated with Data Principal’s account on the Mobile App owned by Data Principal. Further, by continuing to access or use the Mobile App herein, Data Principal expressly acknowledges to be legally bound by all assurances, terms, covenants and warranties set forth under this Agreement, including revisions or amendments made by the Data Fiduciary.
  • 14. FORMATION OF E-CONTRACT. This Privacy Policy shall be deemed to constitute an e-contract formed by way of an electronic record; and by using the platform owned and operated by Data Fiduciary& published on relevant operating system software, the Data Principal affirms without further protest or demur that it shall be bound by, and strictly observe this Agreement.
  • 15. OBSERVANCE OF AGREEMENT. Data Principal & Data Fiduciary undertake that they shall, on and after publication of this Agreement, cause to observe all assurances, covenants, representations, stipulations and warranties set forth herein and shall not deviate, nor cause to do acts, or engage in conduct which amounts to a breach of contract, or violates Indian law.
  • 16. GRIEVANCE REDRESSAL MECHANISM. Nothing shall cause to impair or prevent a Data Principal having a legitimate legal grievance in respect of all, breach of any of its data privacy rights, including a suspected personal data breach, or a breach of its sensitive personal data in course of using the Mobile Application belonging to Data Fiduciary from communicating an e-mail to the designated Data Protection Officer within a period of thirty days next-following the incidents of breach thereby.
  • 16.1On receipt of the said complaint referred to under Article (26) of this Agreement, the Data Protection Officer appointed by the Data Fiduciary shall make all reasonable endeavors to dispose of the complaint within a period not exceeding………days.
  • 16.2Nothing shall be construed as implying a waiver of rights in Data Principal in filing appeal with the Designated Data Appellate Protection Officer against findings of Data Protection Officer within a span of sixty days following date of the disposal order.
  • 17. REVIEW. This Policy may be reviewed from time to time by Data Fiduciary for purposes of complying with any change in law.
  • 18. ASSIGNMENT. Other than for limited purposes of performance of this Agreement, nothing shall be construed as authorising an User of the services offered by this Intermediary Platform from assigning, conveying or transferring any of its obligations towards its Counter-Party(i.e. hiring employer, or employee) in any manner inconsistent with the terms of this Agreement.
  • 19. AMENDED AND CONSOLIDATED VERSION. This Data Privacy Policy Agreement constitutes the amended and consolidated, up-to-date version of this Agreement hereto, and is executed and made effective as of the Day, Month and Year above.
  • 20. CONTACT If you have any questions or concerns regarding contents or terms of our Data Privacy Policy (including amended versions thereof), or if you need assistance in managing your account, please contact us at support@collarcheck.com for redressal of your grievances.
  • 21. HEADINGS. Headings shall not be deemed to constitute an essential or integral part and parcel of this Agreement at any given time, but may be used as an external aid for the purposes of reading into the intendment of this Data Privacy Policy.
  • 22. INDEMNITY. Data Principal undertakes to indemnify, compensate and hold harmless, at all points of time, the Data Fiduciary against all, or any breach of contract, losses or injuries arising out of performance or execution of this Agreement hereto to the extent that Data Fiduciary has acted in good faith and discharged its fiduciary obligations towards it in a lawful manner.
  • 23. INCORPORATION. This Agreement subsumes & incorporates by reference, all prior Agreements executed on subject-matter of this document and declares this Agreement as being the updated version reflective of legal intent of the Data Fiduciary.
  • 24. SEVERABILITY. If, at any point of time on or after the Effective Date, any Article constituting an essential or integral portion of this document is declared as void, unconscionable or unenforceable; or otherwise, repugnant to, or opposed to public policy or Indian law by a valid decree, order, finding or judgement of any Court of Justice in exercise of its original or appellate civil or criminal jurisdiction, NOTHING THEREIN CONTAINED shall be ever deemed to impair execution of the portions thereby saved.
  • 25. FORUM NON CONVENIES. Each Party to this Agreement comprising Data Principal & Data Fiduciary hereby covenant, assure and warrant to one another that they do cause to waive any objections, cross-objections and related waivers as to venue of action instituted hereto; and warrant that all legal disputes arising out of the application, construction, execution, interpretation, scope or validity of this Agreement shall be ordinarily triable by the Courts of Justice at New Delhi, India.
  • 25.1NOTHING HEREIN CONTAINED under Article (25) shall be deemed to impair a Party to this transaction from causing to settle their respective legal disputes against each another by out-of-court settlement procedures such as mediation and/or arbitration.
  • 25.2AMENDMENT. This Data Retention Policy Agreement may be amended by Data Fiduciary at any point of time, and every such amendment thereby made shall be caused to be published on its website, as well as its Mobile Application for information of all interested parties, including Data Principal, thereby affected as a result of such amendment or modification thereof.
  • 26. CONSTRUCTION OF REFERENCES. Unless repugnant to the context or the subject-matter of this Agreement, references as to expressions importing words used in masculine gender shall be taken as covering their feminine counterparts; references as to terms importing words used in singular shall be deemed as covering their plural versions; and references as to either the Time or Day, or the relevant Calendar Month shall be taken as ordinarily meaning the British & not the Saka Calendar.
  • 27. APPLICATION OF INDIAN CONTRACT ACT ET. AL. For matters not expressly set forth herein, provisions set forth under the Indian Contract Act {IX OF 1872}; Information Technology Act {XXI OF 2000} & Commercial Courts Act {IV OF 2016} shall apply.
  • 28. PUBLICATION OF POLICY. This Data Retention Policy may be published, in addition to the portion designated in the Mobile Application, to the website vis-à-vis Web Application, if any, on which such Policy is ordinarily hosted by the Data Fiduciary.
  • 29. MISCELLANEOUS. For matters not expressly provided hereto, the provisions set forth under the Indian Contract Act; Information Technology Act, 2000; the Digital Personal Data Protection Act, 2023 & other laws in force shall apply.
  • 30. UPDATES. This Agreement may be updated from time to time. The “Last Updated” date at the bottom of our website page will provide the exact date & time on which updated version of this Data Retention Policy was uploaded on our platform.
  • 31. CONTACT. If you have questions or concerns regarding the contents of our Privacy Policy, Terms of Service or this Agreement, or if you need assistance in managing your account, please contact us at support@collarcheck.com for redressal of your grievances.