Your browser does not support the Canvas
GDPR Policy

1. INTRODUCTION

Xapads Media Private Limited is a company incorporated under the laws of India, having its registered office at Flat No. 82, Jai Triveni Apartment, H-3 Block, Vikas Puri, New Delhi- 110018, India [hereinafter referred to as “We” or “Us” or “Company” or “XAPADS”].

In accordance with all applicable laws, we have created this Privacy Policy [Hereinafter referred to as “Privacy Policy” or “Policy” or “Privacy Statement”] in order to demonstrate our privacy commitment to any individual whose data we collect, store or process for providing or offering our services, including individuals who visit our website [www.xapads.com].

This Privacy Policy will primarily help you understand:

  • The nature of information we collect from you
  • The sources from where your information is collected
  • The manner in which your information is collected
  • The purpose of collecting your information
  • The manner in which your information is stored, used and processed by us
  • The rights you have under applicable laws regarding such information collected by us
  • The process to contact us for any issues regarding the collection or use of your information

2.SCOPE

This Privacy Policy, as mentioned above, is intended to inform you how we gather, define, and use personal data or information that you provide to us when using our website and/or when relying on our services. This Privacy Policy also covers our treatment of any personal data or information that third parties share with us.

3.GOVERNING LAW

We are an organisation based and existing in India and are thus bound by the laws of the Union of India. This Privacy Policy has been prepared in accordance with applicable Indian laws, including the Indian Information Technology Act, 2000.

This Policy, however, contains some specific provisions in accordance with the “Regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC” [Hereinafter referred to as “GDPR”]. These Specific Provisions are only applicable to EU Residents. EU Residents, in context to this Policy, are those individuals who are entitled to protection of their rights under the GDPR.

Thus, depending on where you reside some specific provisions and rights of a data subject, as mentioned in this Privacy Policy, may not apply to you.

4.APPLICABILITY

This Policy applies to all visitors to our website, individual to whom we provide our services, and other individuals who provide their personal information to XAPADS, including individuals whose data is provided to us by third parties. All such users, visitors and other individuals are hereinafter referred to as “Data Subject”.

5.OBJECTIVE

This Privacy Policy, as mentioned above, is intended to inform the Data Subject on how we gather, define, and use personal data or information that a Data Subject directly or indirectly provides to XAPADS when using our website, social media platforms or when relying on our services.

This Privacy Policy also covers our treatment of any personal data or information that third parties share with XAPADS.

This Privacy Policy will primarily help a Data Subject understand:

  • The nature of information we collect about a Data Subject directly or through third parties;
  • The sources from where a Data Subject’s information is collected;
  • The manner in which a Data Subject’s information is collected;
  • The purpose of collecting a Data Subject’s information;
  • The manner in which a Data Subject’s information is stored, used and processed by XAPADS;
  • The rights a Data Subject has under applicable laws regarding such information collected by XAPADS;
  • The process to contact XAPADS for any issues regarding the collection or use of a Data Subject’s information.

6. CATEGORY OF INFORMATION COLLECTED AND USED

A Data Subject’s Information collected by XAPADS primarily consists of: personal information and sensitive personal information [Collectively referred to as “Information” or “Data Subject Information”].

  • Personal Information

    When a Data Subject creates visits the XAPADS website or enters his/her information on any internet form owned by XAPADS, we may directly collect or ask the Data Subject to provide the following Personal Information:

    • First Name and Last Name
    • Personal E-mail ID
    • Company
    • Skype ID
    • IP Address
    • Mobile Number
    • Other information required to offer the best possible services
    • Behavioural or demographic attributes, when tied to personal identifiers

    Additionally, third parties to whom XAPADS provides its services may provide us with certain personal data of Data Subjects such as:

    • IP Address
    • Device Identity
    • ISP
    • User Agent

    Personal information means any information about a Data Subject from which that person can be identified. It does not include data where the identity has been removed [anonymous data] such as cookies, web beacons and other browsing information.

    Browsing Information is information collected through cookies and web beacons to track what features or web-pages you have viewed on our website, and other information about your browser and browsing behaviour. We use browsing information to improve the design and content of our website, to suggest content and products that we think may be relevant to you, and to help us learn things like what pages are most attractive to our visitors, and what promotions visitors like to see, and to gauge the success of our advertising campaigns.

    Because cookies and web beacons are the technology generally driving collection of browsing information, you can also block cookies to control data collection related to interest-based advertising. You can typically do so through your browser. For instructions, check your browser’s technical information. Preventing your browser from accepting cookies prevents the collection of your browsing information for purposes of delivering interest-based ads. However, it may also disable or interfere with other features on our website. For example, cookies allow us to remember your preferences when you logout of your account and then login again. Cookies also allow us to recognize you as an account holder when you return to our website. Most browsers accept cookies automatically.

    In addition to this, while you visit our website, we automatically receive and record certain information of your session. Like many other websites, our website uses log files to do so. These files merely log visitors to the website which is a standard procedure for hosting companies and a part of hosting services’ analytics. The information inside the log files includes internet protocol [IP] addresses, browser type, Internet Service Provider [ISP], date/time stamp, referring/exit pages, and possibly the number of clicks made by you. This information is used to analyse trends, administer the website, track your movement around the website, and gather demographic information. These log files and the information contained in it, such as IP addresses, and other such information, cannot be used by us to identify or ascertain your identity.

  • Sensitive Personal Information

    Certain categories of personal information, such as financial record, health or biometric information, sexual orientation, etc. are considered to be Sensitive Personal Information. Data Subject may choose to share his or her Sensitive Personal Information with XAPADS directly in certain circumstances.

    XAPADS collects and processes Sensitive Personal Information only when it is essential to offer its services to the Data Subject.

    By providing his or her Sensitive Personal Information, the Data Subject agrees that we may collect, use and share this information with third parties for the purpose of processing Data Subject’s service request[s].

    It is hereby clarified that Sensitive Personal Information shall constitute Sensitive Personal Data or Information under the Indian Information Technology Act, 2000.

7.HOW WE COLLECT Data Subject INFORMATION

We collect Information about Data Subject through the following means:

  • whenever a Data Subject uses our services [whether services provided directly by XAPADS or by other companies or acting on our behalf – for example through an ad agency]; .
  • when third parties provide us with Data Subject Information;.
  • when Data Subject visits our website; .
  • when Data Subject interacts with our staff;.
  • when Data Subject interacts with XAPADS via email or social media platforms; .
  • When Data Subject provides his/her information through an online form owned by XAPADS.

8.WHY WE COLLECT DATA SUBJECT INFORMATION

We use Data Subject Information to conduct our business and to provide Data Subject and our other partners with the best possible services and user experience. We will only use Data Subject Information based on this Privacy Policy, our contract with the Data Subject, and when the law allows XAPADS to.

In addition to this, we may disclose Data Subject Information:

XAPADS will collect adequate, relevant and necessary Data Subject Information and will process such information fairly and lawfully for the purpose it is collected. Most commonly, XAPADS will use Data Subject Information in the following circumstances:

  • Where we need to perform the contract we have entered into with the Data Subject;
  • Where we need to comply with a legal obligation;
  • Where it is necessary for our legitimate interests [or those of a third party] and the Data Subject’s interests and fundamental rights do not override those interests;
  • To enable the Data Subject’s use of our services;
  • To send non-marketing commercial communications to the Data Subject;
  • To send the Data Subject email notifications that the Data Subject has specifically requested for;
  • To provide services to third-parties where Data Subject has provided heir consent to such third-parties to collect their information;
  • To send Data Subject marketing communications relating to our business or the businesses of carefully-selected third parties which we think may be of interest to the Data Subject, where Data Subject has specifically agreed to this, by email or similar technology. However, the Data Subject can inform XAPADS at any time if the Data Subject no longer requires such marketing communications;
  • To provide third parties with statistical information about our users but those third parties will not be able to identify any individual user from that information;
  • To deal with enquiries and complaints made by or about the Data Subject relating to services provided;
  • To improve and customise our services in accordance with the Data Subject’s preferences;
  • To keep our website and other systems secure and to prevent fraud;
  • Where the Data Subject has given XAPADS explicit consent to do so.

In addition to this, we may disclose Data Subject Information:

We may also use Data Subject Information in the following situations, which are likely to be rare:

  • Where we need to protect the Data Subject’s interests [or someone else’s interests]
  • Where it is needed in the public interest or for official purposes or to fulfil a legal obligation. For instance, requests made by law enforcement agencies, courts or tribunals.

9.FAILURE TO PROVIDE INFORMATION

If a Data Subject fails to provide certain Information when requested, we may not be able to perform the contract we have entered into with the Data Subject, or we may be prevented from complying with our legal obligations.

The Data Subject hereby accepts and agrees that we shall not be held liable in any manner whatsoever if we are unable to perform our services or if there is a deficiency in our services to the Data Subject due to Data Subject’s failure to provide such information.

The Data Subject agrees that he/she shall not file or initiate any complaints, legal proceedings or claims against XAPADS and/or our employees, directors, associates, etc. in this regard. The Data Subject further agrees to indemnify and hold XAPADS and/or our employees, directors, associates, etc. harmless from any complaints, legal proceedings or claims filed or initiated by any third party against XAPADS in this regard.

10.CHANGE OF PURPOSE

We will only use Data Subject Information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

If we need to use Data Subject Information for an unrelated purpose, we will notify the Data Subject and we will explain the legal basis which allows XAPADS to do so.

Please note that we may process Data Subject Information without Data Subject’s knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

11.CONSENT

Data Subject agrees that we do not need any additional or further consent from him/her to use Data Subject Information in accordance with this Policy to carry out our legal obligations or exercise specific rights.

12.INFORMATION SHARING AND DISCLOSURE

We may disclose Data Subject Information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this Policy and for the purpose of providing services to Data Subject.

We may disclose Data Subject Information to any member of our company, including our subsidiaries and partners, insofar as reasonably necessary for the purposes set out in this Policy.

In addition to this, we may disclose Data Subject Information:

  • to the extent that we are required to do so by law;
  • in connection with any ongoing or prospective legal proceedings;
  • in order to establish, exercise or defend our legal rights including providing information to others for the purposes of fraud prevention and reducing credit risk;
  • to the purchaser or prospective purchaser of any business or asset that we are or are contemplating selling; and
  • to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that information.

Except as provided in this Policy, we will not provide Data Subject Information to any other third party.

12.TRANSFER OF INFORMATION OUTSIDE INDIA

There may be occasions when we need to transfer Data Subject Information outside India in order to enable XAPADS to use the information in accordance with this Policy.

Such transfer of information may be to a country which does or does not provide the same level of data protection as in India. In these circumstances we will take appropriate steps to ensure that Data Subject Information is adequately protected.

Typically, such steps include carrying out data security reviews of any recipients and putting in place contracts with such recipients to ensure they employ the same or similar appropriate technical and organisational measures as XAPADS, so that Data Subject Information is adequately protected.

In the specific case of EU Residents, please note that the information that we collect may be transferred to countries which do not have an adequacy decision by the European Commission in respect of that country. This means that the country to which we transfer your information is not deemed to provide an adequate level of protection for your information. To ensure that your information does receive an adequate level of protection we have put in place strong inter country security measures to ensure that your information is treated by those third parties in a way that is consistent with GDPR.

Data Subject expressly agree to the transfer of his/her information described in this Section.

13.DATA SECURITY

We are committed to protecting Data Subject Information and thus implement appropriate technical and organisational security measures to protect it against any unauthorised or unlawful processing and against any accidental loss, destruction, or damage.

Appropriate physical, electronic, and managerial procedures have been put in place to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information collected from Data Subject.

Data Subject Information is processed by XAPADS in strict accordance with the Indian Information Technology Act, 2000, and the rules notified thereunder. We implement and maintain ‘Reasonable Security Practices and Procedures’ as stated in the Indian Information Technology Act, 2000 and the Information Technology [Reasonable Security Practices and Procedures and Sensitive Personal Data or Information] Rules, 2011, while processing, collecting, or handling any Sensitive Personal Information collected from Data Subject.

Please note that in the specific case of EU residents, all information including their Sensitive Personal Information is secured and protected by us in accordance with GDPR.

15.DATA RETENTION

We will only retain Data Subject Information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

In some circumstances we may anonymise Data Subject Information so that it can no longer be associated with the Data Subject, in which case we may use such information without a further statement to Data Subject.

16. WHO HANDLES AND RETAINS Data Subject INFORMATION

Details about the primary entity which handles and retains Data Subject Information is provided below:
Xapads Media Private Limited
Flat No. 82
Jai Triveni Apartment
H-3 Block, Vikas Puri
New Delhi- 110018
India

DATA CONTROLLER
For the purposes of GDPR, we [Xapads Media Private Limited] are a data processor in as much as third-parties are providing us with Data Subject Information for processing purposes.

17. INFORMATION ABOUT CHILDREN

As a general rule, we do not intentionally collect Sensitive Personal Information or Personal Information about children under the age of 13. If we become aware that we have inadvertently collected such information about children under the age of 13, we will take steps to delete the information as soon as possible, except where we are required by applicable law to keep it.

In the specific case of EU Residents, it is the responsibility of the Data Controllers who provide us with the said Data Subject Information to obtain parental/guardian consent prior to collecting or using Sensitive Personal Information or Personal Information of an individual who is under the age of 16 years.

18. DELETION OF INFORMATION

Data Subject may at any time ask XAPADS to delete Data Subject Information. We will consider and where necessary comply with Data Subject’s request in accordance with applicable law, as explained above. Please note that after deleting the information, we may not be able to provide our services to the Data Subject.

We may, however, need to retain certain Data Subject Information for recordkeeping purposes and/or to complete any transactions that the Data Subject began prior to requesting deletion of the information. For instance, when a Data Subject participates in a promotion, he/she may not be able to change or delete the Personal Information provided to XAPADS until after the completion of such promotion.

There may also be residual information that will remain within our databases and other records, which will not be removed. In addition to this, there may be certain Data Subject Information which we may be unable to delete due to legitimate and legal reasons.

Data Subject hereby accepts and agrees that we shall not be held liable in any manner whatsoever if we are unable to perform our services or if there is a deficiency in our services to Data Subject due to Data Subject’s withdrawal of consent.

Data Subject agrees that he/she shall not file or initiate any complaints, legal proceedings or claims against XAPADS and/or our employees, directors, associates, etc. in this regard. Data Subject further agrees to indemnify and hold XAPADS and/or our employees, directors, associates, etc. harmless from any complaints, legal proceedings or claims filed or initiated by any third party against XAPADS in this regard.

19. WITHDRAWAL OF CONSENT

Data Subject may at any time revoke or withdraw Data Subject’s consent to provide Data Subject Information to XAPADS by using the applicable contact details set out at the end of this Policy. However, such action may render it impossible for XAPADS to offer its services to the Data Subject any further.

Data Subject hereby accepts and agrees that we shall not be held liable in any manner whatsoever if we are unable to perform our services or if there is a deficiency in our services to Data Subject due to Data Subject’s withdrawal of consent.

Data Subject agrees that he/she shall not file or initiate any complaints, legal proceedings or claims against XAPADS and/or our employees, directors, associates, etc. in this regard. Data Subject further agrees to indemnify and hold XAPADS and/or our employees, directors, associates, etc. harmless from any complaints, legal proceedings or claims filed or initiated by any third party against XAPADS in this regard.

20.RIGHTS OF EU RESIDENTS

Notwithstanding anything contained above, EU Residents have certain additional rights in relation to the information we hold about you. Some of these only apply in certain circumstances where we are the holding authority of the data and legally/contractually allowed as per the local laws as set out in more detail below.

To exercise any of your rights, please contact the Data Protection Officer at the details provided at the end of this policy.

Access
You have the right to know whether we process information about you, and if we do, to access that information we hold about you and to ascertain how we use it and who we share it with. Please note that we may not provide you with certain information if providing it would interfere with another’s rights [e.g. where providing the information we hold about you would reveal information about another person] or where another exemption applies.

Portability
You have the right to receive a subset of information we collect from you in a structured, commonly used and machine-readable format and a right to request that we transfer such information to another party. If you wish for us to transfer the information to another party, please ensure you provide details of that party and note that we can only do so where it is legally, contractually and technically feasible.

We are not responsible for the security of the information, its transmission or its processing once received by the third party. We also may not provide you with certain information if providing it would interfere with another’s rights [e.g. where providing the information we hold about you would reveal information about another person].

Correction or Restriction
You have the right to correct any Information held about you that is inaccurate.

Erasure
You may request that we erase the information we hold about you in the following circumstances:

a. you believe that it is no longer necessary for us to hold the information we hold about you;
b. we are processing the information we hold about you on the basis of your consent and you wish to withdraw your consent and there is no other ground under which we can process the information;
c. we are processing the Information we hold about you on the basis of our legitimate interest and you object to such processing;
d. you no longer wish us to use the information we hold about you in order to send you promotions, special offers, marketing and lucky draws; or
e. you believe the information we hold about you is being unlawfully processed by us.

However, please note that we may retain the information if there are valid grounds under law for us to do so. We will let you know if that is the case.

Please note that after deleting the information, we may not be able to provide the same level of servicing to you as we will not be aware of your preferences. Where you have requested that we erase information that we have made public and there are grounds for erasure, we will use reasonable steps to attempt to tell others that are displaying the information or providing links to the information to erase such information.

Restrict Processing of your Information
In certain circumstances, you have a right to ask us to stop processing your information other than for storage purposes. However, please note that even if we stop processing your information, we may use it again if there are valid grounds under applicable laws for us to do so [e.g. for the defence of legal claims or for another’s protection].

You may ask us to stop processing your information and just store it with us in the following cases:

  • Where your information is not accurate. In such a case you can ask us to stop processing your information for the duration it takes us to verify whether the information is accurate;
  • Where we wish to erase your information as the processing we are doing is unlawful but you want us to store the information instead;
  • Where we wish to erase the information as it is no longer necessary for our purposes but you require it to be stored for the establishment, exercise or defence of legal claims; or
  • Where you have objected to our processing of your information on the basis of our legitimate interest and during the duration it takes us to determine whether there is an overriding interest for us to retain such information.

Objection
You have the right to object to our processing of your information which is used to send you promotions, special offers, marketing messages, including where we build profiles for such purposes.

You may also object to the processing of your information [including where the processing is profiling] on the basis of our legitimate interest and your objection to such processing.

21. REVIEW OF INFORMATION

Data Subject can contact XAPADS at any time requesting access to Data Subject Information for reviewing or requesting amendment to certain information that Data Subject considers to be incorrect or wrong. XAPADS shall process such requests from Data Subject in accordance with applicable law.

22. CHANGES TO THIS PRIVACY POLICY

  • The Policy is subject to modification from time to time. If we decide to change our Policy, we will post those changes here so that the Data Subject will always know what information we gather, how we might use that information and whether we will disclose it to anyone.
  • We may also notify Data Subject in other ways from time to time about the processing of Data Subject Information.

23. GRIEVANCE OFFICER

In accordance with the Indian Information Technology Act 2000 and the rules notified thereunder, the contact details of the Grievance Officer are provided below:
Name: Prabhjinder Singh Ahuja
Email: singh@xapads.com
Address: Windsor IT Park, 5th Floor, Tower B, Plot No, A1, Sector 125, Noida, Uttar Pradesh 201301
Phone: + 91 9650 440777

This Policy was last updated on [21-09-2021].

24. DATA PROTECTION OFFICER [FOR EU RESIDENTS]

We have appointed a data protection officer in accordance with the GDPR to oversee compliance with this policy. If you have any questions about this Privacy Policy or any requests or complaints, please contact:
Name: Prabhjinder Singh Ahuja
Email: singh@xapads.com
Address: Windsor IT Park, 5th Floor, Tower B, Plot No, A1, Sector 125, Noida, Uttar Pradesh 201301
Phone: + 91 9650 440777

This Policy was last updated on [21-09-2021].