Privacy is important to all of us at Sensorise, and you should know what personal information we collect and how we use, store or share this information. Please review this policy and let us know if you have any queries at [email protected].
Please note for the scope of this policy ‘Sensorise’ means Sensorise Digital Services Pvt. Ltd. and all its subsidiaries and the term ‘you’ refers to both people who interact with us as individuals and those who interact with us as representatives of businesses.
We intend to comply with all applicable regulations and good commercial practices in collecting and handling personal data including the GSMA Mobile Privacy Principles, the DOT ESIM Instructions and KYC Guidelines, the SEBI KYC Guidelines, the proposed Data privacy bills and EU GDPR. As an organization, we have subscribed to a set of principles to be followed by all our personnel and any third parties who handle data when they help us provide services to customers or manage our business.
What and Why we Collect?
We collect your personal data for compliance purposes and to provide you with seamless and uninterrupted services. We ensure that personal data we collect, and the process is adequate, relevant and limited to what is necessary, in relation to our purpose of collection. We may use this data to contact you in case of emergencies or potential interruption in services.
What do we do with the information we gather?
- To comply with applicable law and regulation (Government Compliance).
- In accordance with our legitimate interests in protecting Sensorise’s business interests, role as the machine-to-machine service provider in the IoT space, and legal rights, including but not limited to, use in connection with legal claims, compliance, regulatory and investigative purposes (including disclosure of such information in connection with legal process or litigation).
- To establish and fulfil a contract with you, for example, if you make a purchase from us or enter into an agreement to provide or receive services. This may include verifying your identity, taking payments, communicating with you, providing customer services and arranging the delivery or other provision of products or services. We require this information in order to enter into a contract with you and are unable to do so without it.
- With your express consent to respond to any comments or complaints we may receive from you, or to investigate any complaints received from you, about our portals, or our products or services.
- We may use information to provide you personalized (i) communications; (ii) setting up portal logins, and (iii) products or services for you, in accordance with our legitimate interests.
- To monitor the use of our portals and online services. We may use your information to help us check, improve and protect our products, content, services and website, both online and offline, in accordance with our legitimate interests.
- If you provide a credit or debit card, we may also use third parties (such as POS, payment gateway service providers) to check the validity of your account number and card number that you submit in order to prevent fraud, in accordance with our legitimate interests and those of third parties.
- In circumstances where you contact us by telephone, calls may be recorded for quality, training and security purposes, in accordance with our legitimate interests.
- We may use your information to invite you to take part in market research or surveys if you have given your consent for the same.
How do we protect your personal data and where do we store it?
- Security: Data is at the heart of an IoT business, whether it is personal data or data about our
customers’ devices. We use industry-standard measures to safeguard all data and have a continuous process in place to test the effectiveness of these measures and to review the threat landscape and new tools available. You have a role to play in security as well, and we ask that you use prudent measures to protect against unauthorized access to your account information, including logging out of your account when finished, not sharing your login information and taking other customary security precautions appropriate for the situation.
- Agreements with Affiliates and Other Parties who Process Personal Data: Sensorise is entering into formal agreements based on “standard contractual clauses” that commit us to follow the principles in
- Data Storage: The personal data that we collect from you is stored in India on our servers.
- Lawfulness, Fairness & Transparency: All your personal data, in all circumstances, will be processed lawfully, fairly and in a transparent manner in relation to the data subject.
- Accuracy: We take every reasonable step to update or remove data that is inaccurate or incomplete. You have the right to request us to erase or rectify erroneous data related to you, but this must be done within a month of the date of data collection.
- Integrity and Confidentiality: We commit to keeping your personal data safe and protected against unauthorized, or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical, or organizational measures.
- Phishing: We are aware that there are people who may pose as legitimate businesses and try to trick you into disclosing personal information that can be used to steal your identity. We will not request your account login or password, your credit card information or any sensitive data that could be used to steal your identity, in an unsolicited or non-secure email or telephone call. If you believe that someone representing themselves as being associated with Sensorise has requested this information in a contact that you did not request or initiate, please contact us immediately at [email protected] so that we take appropriate steps to find out the details.
With whom does Sensorise share personal data?
- Access by Sensorise staff: We allow access to personal data only to those of our employees, consultants or service providers who have a need to access the information for a lawful purpose. We train our employees on how to appropriately handle personal data and require that consultants and service providers do likewise.
- Access by other third parties: We may store your information with or allow access to your information to third parties who provide us with certain services, including website maintenance, database and cloud, customer support, payment processing, telecom service providers or other services. Our contracts with these service providers only allow the use of your information to provide these services and require that they do not disclose it unless required in certain situations, like those described in the following paragraph. We review the security policies and practices of our third-party service providers, as appropriate, as part of our own efforts to maintain the security of your information.
- Law Enforcement, Court Orders and Protection of Our Rights: We may disclose any of your information to government officials as necessary to comply with applicable laws and order, with advance intimation to you to the degree possible. If we receive a request to disclose any such information, we may do so if we believe in our reasonable discretion that such request is lawful, and that disclosure is reasonably necessary to comply. We may also disclose your personal data to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.
- Other Disclosures: We may also disclose your information if we believe it is necessary in order to protect our property rights or rights of a third party, to protect the safety of any person or of the public or to prevent any activity that we believe is harmful, illegal or unethical. For example, we may need to use personal data in order to enforce our terms of service with customers and our workplace rules or, to engage in other business or corporate transactions. We will put in place appropriate security measures, such as non-disclosure agreements, whenever possible.
How long do we keep personal data?
- We will not keep your personal data for any purpose longer than necessary to fulfil the original or a compatible purpose. In some instances, we are required to retain certain information by law or due to our role as the M2M service provider and for as long as reasonably necessary to meet regulatory or accreditation requirements to resolve disputes, prevent fraud and abuse, or to enforce our terms and conditions. Where this is the case, your personal data will only be processed for the relevant legitimate purpose and not used for marketing.
- Where you are a user, we will keep your personal data for the length of any contractual relationship you have with us and after that for a period of up to 2 years or as required for legal and compliance purposes, whichever is longer
- Where you are a prospective user and you have expressly consented to us contacting you, we will only retain your personal data for this purpose (a) until you unsubscribe from our communications;,
(b) while you interact with us and our content; or (c) for 2 years from when you last interacted with us for a point of future reference.
- In the case of any contact you may have with our customer services team, we will retain your details for as long as is necessary to resolve your query and for two weeks after the query is closed.
- We may retain your personal data for a time beyond the specified retention period, to allow for information to be reviewed and any deletion to take place. After it is no longer necessary for us to retain your personal data, we dispose of it securely according to the applicable policy.
Amendments or Updates to this Privacy Statement
Concerns and Disputes
Under No Circumstance, including, but not limited to, negligence, shall the Company be liable for any indirect, special, exemplary, or consequential damages that result from the use of its service, or the inability to use, including but not limited to the information, materials on the page, page content, page code, user services or the software. While the Company shall take reasonable precautions against security breaches, no webpage or Internet transmission is completely secure, and as such, the Company shall not be liable for any indirect, special, exemplary, or consequential damages that may result from unauthorized access, hacking, data loss, or other breaches that may occur.
All disputes if any, shall be subject to the exclusive jurisdiction of Courts in New Delhi, India only.