Privacy Policy

About this policy

Your privacy is important to us, and we are committed to protecting your privacy. We believe it is important for you to know what personal data we at Kratikal Tech Pvt. Ltd. collect from you, why we collect it, how we use it, and what rights you might be entitled to as a data subject or consumer.

It is important that you read this policy, together with any additional and more specific information we may provide to you on various occasions when we are collecting or processing personal data. Your use of our sites, products, or services indicates you agree to our collection, usage, and disclosure of your information as described in this Privacy Policy.

What is personal data?

Personal data refers to any piece of information that relates to an identifiable individual. This may include but is not limited to name, email ID, IP address, etc.

What information do we collect?

We collect the information only needed for legitimate business purposes.

You may need to provide some personal information such as your full name, email ID, contact details, designation, etc. when you sign up for an account, register for an event, ask for customer support, or wish to buy our product or services.

If you are availing our products or services; we may collect the following personal information from you or through your employer - full name, email ID, contact details, address, designation, fax, etc.

We may collect personal information directly from publicly available databases, social media sites, or in collaboration with our partners from time to time. You may also need to provide some personal information if you wish to explore employment opportunities with us.

Why do we collect this information?

We use personal information solely for the purpose of interacting with you and to enable you to avail of our products or services. We use personal information only for the specific reason for which it is provided. We do not sell your personal information to anyone.

How do we collect this information?

We gather your Personal Data when you access our website, submit information via our submission forms, get in touch with us, provide information directly to us, or upload data to our technology platforms. Additionally, we may receive Personal Data that has been collected by our affiliates, channel partners, service providers, and other third-party providers.

What the data will be used for?

We gather and handle personal information with specific objectives in mind. Firstly, we use it to deliver the services or products you've requested, ensuring your needs are met. Secondly, we employ your data to engage in communication, promptly addressing your inquiries and requests. Furthermore, we leverage this information to customize and elevate your experience on our platform or website, tailoring it to your preferences. We also utilize the data to enhance and refine our services and offerings, ensuring we consistently meet your expectations. Finally, it's essential for us to adhere to legal and regulatory obligations, which is another crucial purpose for collecting and processing personal data.

Legal Basis for Data Processing

The processing of your personal data is carried out on one or more of the following legal bases:

Your consent:  When you have given us explicit permission to process your data.

Contractual necessity:  When processing is necessary to fulfil a contract or take pre-contractual steps at your request.

Legal obligation:  When processing is required to comply with legal obligations.

Legitimate interests:  When processing is based on our legitimate interests or those of a third party, provided that such interests are not overridden by your interests or fundamental rights.

Data Sharing

We may share your personal data with the following categories of recipients:

Service providers:  Third-party entities that assist us in delivering our services.

Affiliates and subsidiaries:  Companies within our corporate group.

Legal and regulatory authorities:  When required by law or to protect our rights and interests.

Your Rights

You have certain rights regarding your personal data:

Access  You may request access to the personal data we hold about you.

Correction:   You have the right to correct any inaccurate or incomplete personal data.

Deletion:   You may request the deletion of your personal data under certain circumstances.

Objection:   You can object to the processing of your data for direct marketing or legitimate interests.

Portability:   You can request the transfer of your data to another data controller.

How to exercise your rights?

To exercise your rights, please contact us at legal@kratikal.com

How will we inform users of our privacy policy changes?

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal data.

Statement on protecting personal data.

We are fully committed to information security and compliance with applicable regulations. We have implemented strong security controls for the protection of data. We have designed and implemented an information security program in line with the International Organization for Standardization (ISO) 27001:2013 standard and Service Organization Controls 2 (SOC 2). We have put in place appropriate measures to comply with the European Union (EU) General Data Protection Regulation (GDPR).

Though we take reasonable measures to protect our assets against unauthorized access or attack; the internet inherently is not fully secure. While we work towards and strive to protect your personal information/privacy, we would like you to take note of inherent Internet risks associated with data transfer and processing. You also need to ensure that your User ID, Password, etc. are not disclosed to anyone and that your systems are safe for usage.

At any point, if you suspect any security issues or incidents, or you receive any suspicious mail from someone holding themselves out to be a Kratikal employee or from a fake website claiming to be affiliated with Kratikal, you may reach out to us at legal@kratikal.com

Additional information

California Consumer Privacy Act (CCPA):

The California Consumer Privacy Act (CCPA) is a significant piece of privacy legislation that came into effect on January 1, 2020, in the state of California, USA. The CCPA grants California residents greater control over their personal data by providing them with the right to know what information businesses collect about them, the right to request the deletion of their data, and the right to opt out of the sale of their data to third parties. It also imposes various obligations on businesses, requiring them to be transparent about their data practices, implement data protection measures, and respect consumers' privacy preferences. The CCPA has had a substantial impact on how businesses handle personal data and has set a precedent for data privacy regulations in the United States.

Virginia Consumer Data Protection Act (VCDPA)

The Virginia Consumer Data Protection Act (VCDPA) is a comprehensive data privacy law that was signed into law on March 2, 2021, and became effective on January 1, 2023. This legislation is designed to protect the personal information of Virginia residents by giving them certain rights and imposing obligations on businesses that collect and process their data. The VCDPA provides consumers with the right to access their personal data, request its deletion, and opt out of data processing for certain purposes. It also places responsibilities on businesses to be transparent about their data practices, implement security measures to safeguard data and conduct data protection assessments. The VCDPA signifies Virginia's commitment to data privacy and follows a growing trend of state-level data protection laws in the United States, like the California Consumer Privacy Act (CCPA) and the European Union's General Data Protection Regulation (GDPR).

United Arab Emirates (UAE) - UAE Data Protection Law

The UAE has established a framework to safeguard the personal data of its residents through Federal Law No. 2 of 2019, known as the Data Protection Law. According to Article 2 of this law, personal data encompasses information that can identify an individual directly or indirectly, aligning with the principles of the EU GDPR. The law is applicable to all entities, including government bodies, businesses, and individuals, and it governs the entire data lifecycle, from collection and usage to storage and transfer. A key objective of the UAE Data Protection Law is to ensure the lawful and equitable handling of personal data and to uphold individuals' rights, including their right to access, correct, and delete their data, thereby enhancing data privacy and transparency in the UAE.

Saudi Arabia - Personal Data Protection Law (PDPL)

Saudi Arabia's Personal Data Protection Law (PDPL) represents a significant development in data privacy regulations within the Kingdom. Enacted to safeguard personal data, the PDPL likely includes key provisions such as consent requirements for data processing, data subject rights, the appointment of Data Protection Officers (DPOs), rules for international data transfers, and mandates for reporting data breaches. The PDPL is aimed at ensuring that personal information is handled with care and in accordance with established data protection principles. As with any legal framework, it's crucial to stay updated on the most recent developments and consult official sources or legal experts for the latest information on personal data protection in Saudi Arabia.

India’s Digital Personal Data Protection Act, 2023

India has achieved a major milestone with the swift passage of the Digital Personal Data Protection (DPDP) Bill, 2022. This legislation, approved by the Union Cabinet on July 5 and subsequently passed in both houses of Parliament in August 2023, has now become the Digital Personal Data Protection Act. Alongside other related bills, including the Digital India Bill and the draft Indian Telecommunication Bill, 2022, this act forms a significant part of India's efforts to enhance data protection in its rapidly evolving digital environment.

Fundamentally, the DPDP Act aims to enhance accountability and responsibility for entities operating in India, including internet companies, mobile apps, and data-processing businesses. Emphasizing the "Right to Privacy," the law demands transparent and responsible handling of personal data, safeguarding the privacy and data protection rights of Indian citizens. Notably, the Act's jurisdiction extends beyond India's borders, covering data processing activities abroad, especially concerning organizations serving Indian individuals or profiling Indian citizens. This extension bolsters data protection, ensuring that Indian citizens' data enjoys strong safeguards even when handled outside the country.

Contact us about the privacy policy

If you have a privacy concern, complaint, or question regarding this privacy statement, please let us know by sending an email to legal@kratikal.com

We value your trust and will take the appropriate measures to ensure that we fulfil your request.