Privacy Policy

Effective Date: 2024-05-28

NEWLINE INFOTECH PRIVATE LIMITED (“we”, “our”, “us”) is committed to protecting the privacy of your personal data. This Privacy Policy explains how we collect, use, share, and safeguard your information when you use our software, applications, and services (collectively, the “Services”). This policy is in compliance with the Information Technology Act, 2000, and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

1. Information We Collect
We may collect the following types of information:

Personal Information: Includes name, email address, phone number, residential address, payment details, and any other personally identifiable information that you provide to us voluntarily.

Sensitive Personal Data or Information (SPDI): Includes passwords, financial information (such as bank account or credit card details), physical or mental health conditions, sexual orientation, medical records, biometric information, etc. (in accordance with the IT Rules, 2011).

Non-Personal Information: Includes information like IP addresses, browser type, operating system, and usage data that cannot be directly linked to a specific individual.

2. Purpose of Collection and Usage
We collect your personal information and SPDI only for lawful purposes, including:

Providing Services: To deliver, maintain, and improve our services and software.

Authentication: Verifying your identity for secure access to services.

Communication: Sending notifications about software updates, promotional offers, or responding to inquiries.

Compliance: Ensuring compliance with legal obligations and applicable regulations.

Security: Enhancing security measures, fraud detection, and preventing misuse of our services.

3. Consent
By using our Services, you consent to the collection and use of your personal information in accordance with this policy. You may withdraw consent at any time, but this may restrict your ability to use certain services.

For SPDI, your explicit consent will be obtained before collection, use, or transfer, except in situations where collection is necessary for compliance with legal obligations.

4. Disclosure of Information
We do not disclose your personal information or SPDI to third parties except under the following circumstances:

With Your Consent: Where you provide explicit consent for such sharing.

Third-Party Service Providers: For facilitating our services (e.g., cloud hosting, analytics) under strict confidentiality agreements.

Legal Requirements: Where disclosure is required by law or legal process, or to comply with applicable laws and regulations.

Business Transfers: In case of a merger, acquisition, or sale of assets, your information may be transferred to the new entity.

5. Reasonable Security Practices and Procedures
We adopt reasonable security practices and procedures in line with Rule 8 of the IT Rules, 2011. This includes the use of encryption, secure servers, and firewalls to safeguard your personal data and SPDI.

However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

6. Retention of Information
We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, or as required by law. After the retention period, personal data is securely deleted or anonymized.

7. Your Rights
You have the following rights under Indian IT laws:

Access and Correction: You may request access to your personal information and ask for corrections or updates.

Withdrawal of Consent: You can withdraw your consent to process your personal data or SPDI at any time.

Grievance Redressal: If you have any concerns or complaints, you may contact our Grievance Officer at the details provided below.

8. Cookies and Tracking Technologies
We use cookies and similar technologies to improve your experience and track usage patterns. You may refuse the use of cookies through your browser settings, but this may affect the functionality of some features.

9. Third-Party Links
Our services may contain links to third-party websites. We are not responsible for the privacy practices of these external websites. We encourage users to read the privacy policies of such websites before sharing any personal data.

10. Children’s Privacy
Our services are not directed at children under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected such information, we will take immediate steps to delete it.

11. Changes to This Privacy Policy
We may update this policy from time to time. Any changes will be communicated through appropriate channels, and the “Effective Date” will be updated accordingly.

12. Grievance Officer
In compliance with Rule 5(9) of the IT Rules, 2011, we have appointed a Grievance Officer to address any concerns or grievances regarding your personal data. You may contact the Grievance Officer at:

Grievance Officer
Email: [Insert Grievance Officer Email]
Phone: [Insert Phone Number]
Address: [Insert Mailing Address]

We will address your complaints within 30 days of receipt, as required under Indian law.

Key Compliance Points for Indian IT Laws:
Sensitive Personal Data (SPDI): Clear definition and handling of SPDI (passwords, financial info, etc.).
Grievance Officer: Designating a grievance officer is mandatory under Indian law.
Consent: Explicit consent is required for collecting SPDI and general personal information.
Reasonable Security Practices: Companies must follow reasonable security practices such as encryption and secure data handling protocols.
Access and Correction: Users have the right to access and correct their data.
This version is compliant with Indian laws, but I recommend consulting a legal expert to ensure your policy covers any additional legal requirements specific to your company’s practices.