Home
Publish listing Add
0 0

Privacy

Privacy Policy

 

H. Disclosure of Information:

 

  • Other users of Trade Directory Service may see your ratings submissions in a way that is consistent with the use of the Trade Directory Service. For example, a rating of "ABC Restaurant" on Trade Directory will be available to every user of the Trade Directory Service who has that mobile phone number in their mobile phone's address book or contact list and has tagged the mobile phone number as a friend in the Trade Directory App friends ratings feature. For more information on this feature, please refer paragraphs above.
  • We do not sell or share your Personally Identifiable Information (such as mobile phone number) with other third-party companies for their commercial or marketing use without your consent or except as part of a specific program or feature for which you will have the ability to opt-in or opt-out. We may share your Personally Identifiable Information with third party service providers to the extent that it is reasonably necessary to perform, improve or maintain the Trade Directory Service.
  • We may disclose your personal information to third parties, such as vendors, sellers, service providers, business partners and other stakeholders. This disclosure may be required for us to provide you access to our products and services; for fulfilment of your orders; for enhancing your experience; for providing feedback on products; to collect payments from you; to comply with our legal obligations; to conduct market research or surveys; to enforce our Terms of Use; to facilitate our marketing and advertising activities; to analyse data; for customer service assistance; to prevent, detect, mitigate, and investigate fraudulent or illegal activities related to our product and services, sending postal mail and e-mail, removing repetitive information from customer lists, analyzing data and links (including paid listings and links), processing payments, transmitting content, scoring, assessing and managing credit risk, and providing customer service. We do not disclose your personal information to third parties without your explicit consent. These third-party service providers may have access to personal information needed to perform their functions, but may not use it for other purposes. Further, they must process the personal information in accordance with applicable law.
  • We share information with our affiliated companies, business partners, associates etc with whom we are having an arrangement to provide/receive services. We may use the information we receive from them, and they may use the information we share with them, to help operate, provide, improve, understand, customize, support, and market our Services and their offerings. This includes helping improve infrastructure and delivery systems, understanding how our Services or theirs are used, securing systems, and fighting spam, abuse, or infringement activities and promoting, marketing of business.
  • As we continue to develop our business, we might sell or buy other businesses or services. In such cases, all of our rights and obligations under our Privacy Policy are freely assignable by us to any of our affiliates, in connection with a merger, acquisition, restructuring, or sale of assets, or by operation of law or otherwise, and we may transfer your information to any of our affiliates, successor entities, or third party while providing the services subject to the pre-existing Privacy policy.
  • We may disclose personal information if required to do so by law or in the good faith belief that such disclosure is reasonably necessary to: (a) respond to subpoenas, court orders, or other legal process or to government/ law enforcement agencies requests; (b) enforce our Terms and any other applicable terms and policies, including for investigations of potential violations; (c) detect, investigate, prevent, and address fraud and other illegal activity, security, or technical issues; or (d) protect the rights, property, and safety of our users, companies, or others. (e) for purpose of verification of identity, or for prevention, detection, investigation including cyber incidents, prosecution, and punishment of offences.
  • We disclose the account and other personal information when we believe such disclosure is appropriate to comply with the law; enforce or apply our Terms of Use and other agreements; or protect the rights, property, or safety of Trade Directory, our users, or others. This includes exchanging information with other companies and organizations for fraud protection.
  • Trade Directory shall share/disclose the data/information, without obtaining prior consent from You, with Government agencies mandated under the law to obtain information including sensitive personal data or information for the purpose of verification of identity, or for prevention, detection, investigation including cyber incidents, prosecution, and punishment of offences.

I. Transfer of information:

  • Trade Directory shall not transfer sensitive personal data or information including any information, to third parties in India, or outside India, except under the following circumstances:
    1. To fulfill your requests for products and services
    2. To fix errors, and improve the usability and effectiveness of the Services
    3. To fraud prevention, public safety and legal functions
    4. To prevent and detect fraud and abuse in order to protect the security of our customers, Trade Directory, and others
    5. It is necessary for the performance of the lawful contract between Trade Directory and data principal; or
    6. where data principal has consented to data transfer;
  • However Trade Directory ensures the same level of data protection that is adhered to by them as that of Trade Directory as provided for.
  • When using vendors to collect personal information on the behalf of Trade Directory, it shall ensure that the vendors comply with the data protection requirements of Trade Directory as defined in this Policy.

J. Retention of Your Information:

  • The Personal information may only be used for the purposes identified in the TOS and only if you have given consent. Personal information shall be retained for as long as necessary for business purposes identified in the TOS at the time of collection or subsequently authorized by you. We retain your personal information in accordance with applicable laws, for a period no longer than is required for the purpose for which it was collected or as required under any applicable law. However, we may retain data related to you if we believe it may be necessary to prevent fraud or future abuse or if required by law or for other legitimate purposes. We may continue to retain your data in anonymised form for analytical and research purposes.
  • When the use of personal information is no longer necessary for business purposes, a method shall be in place to ensure that the information is destroyed in a manner sufficient to prevent unauthorized access to that information or is de-identified in a manner sufficient to make the data non-personally identifiable. Trade Directory shall have a documented process to communicate changes in retention periods of personal information required by the business to you who are authorized to request those changes.
  • Trade Directory holding sensitive personal data or information shall not retain that information for longer than is required for the purposes for which the information may lawfully be used or is otherwise required under any other law for the time being in force. Trade Directory has framed the data retention policy and it retains all sorts of data/information including sensitive personal data or information in accordance with data retention policy. The data/information shall be de-identified/destroyed, when the purposes of data collection can be achieved, in accordance with our data retention policy.
  • Personal information shall be erased if their storage violates any of the data protection law or if knowledge of the data is no longer required by Trade Directory or for the benefit of the data providers. Additionally, Trade Directory has the right to retain the personnel information for legal and regulatory purpose as per applicable laws. Trade Directory shall perform an internal audit on an annual basis to ensure that personal information collected is used, retained and disposed-off in compliance with the applicable law.

K. Review of Information by You:

  1. Trade Directory shall establish & facilitates a mechanism to enable you to review the data/information you had provided, as per your choice, and shall access, edit, rectify, modify, delete any personal information or sensitive personal information found to be inaccurate or deficient. However Trade Directory shall not be responsible for the authenticity of the personal information or sensitive personal information supplied by you.
  2. You shall be entitled to obtain the details about your personal information upon a request made and set forth in writing. Trade Directory shall provide its response within 72 (seventy two) hours of receipt of written request. You shall have the right to require Trade Directory to correct or supplement erroneous, misleading, outdated, or incomplete personal information. We shall record & document each access request as it is received and the corresponding action taken. Trade Directory shall provide personal information to you in a plain simple format which is understandable.

L. Your Consent (Opt-in & Opt-out):

  • By visiting our Platform or by providing your information, you consent to the collection, use, storage, disclosure and otherwise processing of your information (including sensitive personal information) on our Platform in accordance with this Privacy Policy. If you disclose to us any personal information relating to other people, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy. You, while providing your personal information over our Platform or any of our partner Platform or establishments, consent to us (including our affiliates, lending partners, technology partners, marketing channels, business partners, vendors, service providers and other third parties) to contact you through SMS, instant messaging apps, call and/or e-mail for the purposes specified in this Privacy Policy.
  • If you want to manage, change, or edit your information, we allow you to do so through the Settings tools: You can change your settings to manage certain information available to other users. You can manage your contacts, groups, and broadcast lists, or use our block feature to manage the users with whom you communicate.
  • If you are vendors, you can add or update certain information in vendor’s module, update your account information by accessing your vendors Account Information, and adjust your e-mail or other communications you receive from us by updating your Notification Preferences.
  • You can add or update your Personal Information on regular basis. Trade Directory would retain your previous Personal Information in its records.
  • You may, of course, decline to submit Personally Identifiable Information through the Trade Directory Service, in which case Trade Directory may not be able to provide certain services to you. If you do not agree with our Privacy Policy or Terms of Service, please delete your account and uninstall the Trade Directory mobile application; your continued usage of the Trade Directory Service will signify your assent to and acceptance of our Privacy Policy and Terms of Service. To protect your privacy and security, we take reasonable steps (such as SMS authentication in certain cases) to verify your identity before registering your mobile phone number and granting you access to the Trade Directory Service. Please contact Trade Directory via email to privacy at TradeDirectory.org or available web forms with any questions or comments about this Privacy Policy, your personal information, your consent, or your opt-in or opt-out choices.
  • Trade Directory shall, prior to the collection of information including sensitive personal data or information, provide an option to you to not to provide the data or information sought to be collected. Trade Directory shall establish systems for the collection and documentation of Your consent to the collection, processing, and/or transfer of personal data. You shall be informed about the choices available to them with respect to the collection, use, and disclosure of personal information.
  • Further, Trade Directory shall establish & facilitates a mechanism to enable You to, at any time while availing the services or otherwise, to withdraw its consent given earlier to Trade Directory. If You not providing the consent or later on withdrawing your consent, Trade Directory reserves its right not to provide goods/services for which the said information was sought. Consent shall be obtained (in writing/electronically) from You before or at the time of collecting personal information or as soon as practical thereafter.
  • The changes to your preferences shall be managed and documented. Consent or withdrawal of consent shall be documented appropriately. The choices shall be implemented in a timely fashion and respected. If personal information is to be used for purposes not identified in the TOS at the time of collection, the new purpose shall be documented, You shall be notified, and consent shall be obtained prior to such new use or purpose. You shall be notified if the data collected is used for marketing purposes, advertisements, etc.,. Trade Directory shall review the policies of the Third Parties and types of consent of Third Parties before accepting personal information from Third-Party data sources.

M. Consent to Push Notification:

  • You agree and confirm that any review, rating and comments, including any other content or data therein, that you submit/post on Trade Directory platforms viz. WEB, WAP, APP & Phone etc. such details as per Trade Directory's discretion will be shared with your Tagged Friends who are the users of Trade Directory's services.

N. Third-party Advertisers, Links to Other Sites:

  • TradeDirectory is currently ad-free and we hope to keep it that way forever. We have no intention to introduce advertisement into the product, but if we ever do, we will update this section.
  • If you use Trade Directory services of our Partners, you will be redirected to Partners' websites/applications and your entry to Partners websites/applications will be based on your Trade Directory login credentials after seeking your permissions to share the data further. Trade Directory shall not be responsible for its Partner’s privacy practices or the content of their privacy policies, and we request you to read their privacy policies prior to disclosing any information. If you pay using our Services, we may receive information and confirmations, such as payment receipts, from app stores or other third parties processing your payment.

O. Children Information

  • We do not knowingly solicit or collect personal information from children under the age of 13 and use of our Platform is available only to persons who can form a legally binding contract under the Indian Contract Act, 1872. If you are under the age of 18 years then you must use our Platform or services under the supervision of your parent, legal guardian or any responsible adult.

P. Our Commitment to Information Security:

  • The security of your Personal Information is important to us. You are responsible for keeping your device and your account safe and secure, and you must notify us promptly of any unauthorized use or security breach of your account or our Services. Your account information is protected by the password you use to access your online account. Please keep this password confidential. Trade Directory uses commercially reasonable physical, managerial, and technical, electronic and procedural safeguards to preserve the integrity and security of your personal information. Trade Directory shall adopt reasonable security practices and procedures as mandated under applicable laws for the protection of your Information. For this purpose, Trade Directory adopts internal reviews of the data collection, storage and processing practices and security measures, including appropriate encryption and physical security measures to guard against unauthorized access to systems where Trade Directory stores your Personal Information. We cannot, however, ensure or warrant the security of any information you transmit to Trade Directory and you do so at your own risk and you hereby waive and release Trade Directory from any claim of damages under contract.
  • Trade Directory may share your Information with third parties under a confidentiality agreement which inter-alia provides for that such third parties not disclosing the Information further unless such disclosure is for the purpose. However, Trade Directory is not responsible for any breach of security or for any actions of any third parties that receive your Personal Information. Trade Directory is not liable for any loss or injury caused to you as a result of you providing your Personal Information to third party (including any third party websites, even if links to such third party websites are provided on the Website). Notwithstanding anything contained in this Policy or elsewhere, Trade Directory shall not be held responsible for any loss, damage or misuse of your Personal Information, if such loss, damage or misuse is attributable to a Force Majeure Event. A "Force Majeure Event" shall mean any event that is beyond the reasonable control of Trade Directory and shall include, without limitation, sabotage, fire, flood, explosion, acts of God, civil commotion, strikes or industrial action of any kind, riots, insurrection, war, acts of government, computer hacking, unauthorized access to computer, computer system or computer network, computer crashes, breach of security and encryption (provided beyond reasonable control of Trade Directory), power or electricity failure or unavailability of adequate power or electricity. While we will endeavour to take all reasonable and appropriate steps to keep secure any Personal Information which we hold about you and prevent unauthorized access. You acknowledge that the internet or computer networks are not fully secure and that we cannot provide any absolute assurance regarding the security of your Personal Information. We maintain physical, electronic, and procedural safeguards in connection with the collection, storage, processing, and disclosure of personal information. Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you.
  • We maintain reasonable physical, electronic and procedural safeguards to protect your information. Whenever you access your account information, we offer the use of a secure server. Once your information is in our possession we adhere to our security guidelines to protect it against unauthorized access. However, by using our platform, you accept the inherent security implications of data transmission over the internet which cannot always be guaranteed as completely secure, and therefore, there would always remain certain inherent risks regarding use of the Platform. You are responsible for ensuring the protection of login & password records for their account. You hereby waive and release Trade Directory from any claim of damages under contract.
  • We work to protect the security of your data/information including sensitive personal data during transmission by using encryption protocols and software. We follow the Payment Card Industry Data Security Standard (PCI DSS) when handling payment card data. If you choose a payment gateway to complete any transaction on Trade Directory Platform then your credit/debit card data/financial details may be stored in compliance with industry standards/ recommended data security standard for security of financial information, i.e., the Payment Card Industry Data Security Standard (PCI-DSS) and as per applicable law.
  • Trade Directory shall review the policies and collection methods of Third-Parties before accepting personal information from Third-Party data sources. The audit of reasonable security practices and procedures shall be carried cut by an auditor annually undertake significant upgradation of its process and computer resource.

Q. Transparency & Accountability Measures:

  1. Privacy by Design:
    • Trade Directory shall implement policies and measures to ensure that managerial, organisational, business practices and technical systems are designed in a manner to anticipate, identify and avoid harm to you;
    • Trade Directory shall implement policies and measures to ensure that the technology used in the processing of personal data is in accordance with commercially accepted or certified standards;
    • Trade Directory shall implement policies and measures to ensure that the legitimate interest of businesses including any innovation is achieved without compromising privacy interests;
    • Trade Directory shall implement policies and measures to ensure that privacy is protected throughout processing from the point of collection to deletion of personal data and processing of personal data is carried out in a transparent manner and the interest of the data provider is accounted for at every stage of processing of personal Data.
  2. Transparency: Trade Directory shall take reasonable steps to maintain transparency regarding its general practices related to processing personal data and shall make the following information available in an easily accessible form as may be specified -
    • the categories of personal data generally collected and the manner of such collection;
    • the purposes for which personal data is generally processed;
    • any categories of personal data processed in exceptional situations or any exceptional purposes of processing that create a risk of significant harm;
    • the existence of and procedure for the exercise of data principal rights;
    • the existence of a right to file complaints to the Authority;
    • Information regarding cross-border transfers of personal data, if any.
  3. Security Safeguards: Having regard to the nature, scope and purpose of processing personal data undertaken, the risks associated with such processing, and the likelihood and severity of the harm that may result from such processing, Trade Directory shall implement appropriate security safeguards including (a) use of methods such as de-identification and encryption; (b) steps necessary to protect the integrity of personal data; and (c) steps necessary to prevent misuse, unauthorised access to, modification, disclosure or destruction of personal data. Trade Directory shall undertake a review of its security safeguards periodically as may be specified and may take appropriate measures accordingly.
  4. Personal Data Breach: Trade Directory shall notify the Authority of any personal data breach relating to any personal data processed by Trade Directory where such breach is likely to cause harm to any data principal. The said notification includes, (a) nature of personal data which is the subject matter of the breach; (b) number of data principals affected by the breach; (c) possible consequences of the breach; and (d) measures being taken by the data fiduciary to remedy the breach.
  5. Record-Keeping: Trade Directory shall maintain accurate and up-to-date records of the following: (a) important operations in the data life-cycle including collection, transfers, and erasure of personal data to demonstrate compliance; (b) periodic review of security safeguards; (c) data protection impact assessments;
  6. Data Audits: Trade Directory shall have its policies and the conduct of its processing of personal data audited annually by an independent data auditor. The data auditor will evaluate the compliance of Trade Directory with the provisions of law including (a) clarity and effectiveness of notices, transparency, security safeguards, instances of personal data breach and response thereto.

R. Monitoring and Enforcement:

  1. Dispute Resolution & Recourse: Trade Directory shall define and document a cyber-incident management program which addresses the data protection & privacy related incidents. The incident management program includes a clear escalation path up to the executive management, legal counsel, and the board based on type and/or severity of the data breach. It shall define a process to register all the incidents/complaints and queries related to data breach. Trade Directory shall perform a periodic review of all the complaints related to data breach to ensure that all the complaints are resolved in a timely manner and resolutions are documented and communicated to the data principals. An escalation process for unresolved complaints and disputes which shall be designed and documented and the Communication of privacy incident / breach reporting channels and the escalation matrix shall be provided to all data providers.
  2. Dispute Resolution & Escalation Process for Employees: Employees with enquiries or complaints about the processing of their personal information shall first discuss the matter with their immediate reporting manager. If the employee does not wish to raise an inquiry or complaint with their immediate reporting manager, or if the manager and employee are unable to reach a satisfactory resolution of the issues raised, the employee shall bring the issue to the attention of the Grievance Officer.
  3. Dispute Resolution & Escalation Process for Customer / Third Party: Customers / Third Party with inquiries or complaints about the processing of their personal information shall bring the matter to the attention of the Grievance Officer in writing. Any disputes concerning the processing of the personal information of non-employees shall be resolved through arbitration.

S. Terms of Use, Policy & Revisions:

  1. If you choose to use Trade Directory Services, your use and any dispute over privacy is to this policy and our Terms of Use, including limitations on damages, resolution of disputes, and application of the prevailing law in India. If you have any concern about privacy at Trade Directory, please contact us with a thorough description, and we will try to resolve it. Our business changes constantly and our Privacy policy will change also. You should check our websites frequently to see recent changes.
  2. Unless stated otherwise, our current Privacy Policy applies to all information that we have about you and your account. We assure that will never materially change our policies and practices to make them less protective of your information collected in the past without your consent.

T. Grievance Officer:

1. In accordance with Information Technology Act 2000 and rules & regulations made thereunder, the name and contact details of the Grievance Officer are provided below:

Name : Mr. S.Sil
Contact No: 8100062255
Email: grievanceofficer@TradeDirectory.org

2. If you have a query, issue, concern, or complaint in relation to collection or usage of your personal information under this Privacy Policy, please contact us at the contact information provided above or write to us at privacy@TradeDirectory.org /grievanceofficer@TradeDirectory.org.

DEFINITONS:

"Act"

"Act" means the Information Technology Act, 2000 (21 of 2000);

"Automated means"

"Automated means" means any equipment capable of operating automatically in response to instructions given for the purpose of processing data.

"Biometrics"

"Biometrics" means the technologies that measure and analyse human body characteristics, such as 'fingerprints', 'eye retinas and irises', 'voice patterns', "facial patterns', 'hand measurements' and 'DNA' for authentication purposes.

"Body corporate"

"Body corporate" means any company and includes a firm, sole proprietorship or other association of individuals engaged in commercial or professional activities.

"Child"

"Child" means a data provider below the age of eighteen years

"Cyber incidents"

"Cyber incidents" means any real or suspected adverse event in relation to cyber security that violates an explicitly or implicitly applicable security policy resulting in unauthorised access, denial of service or disruption, unauthorised use of a computer resource for processing or storage of information or changes to data, information without authorisation.

"Cyber security"

"cyber security" means protecting information, equipment, devices, computer, computer resource, communication device and information stored therein from unauthorised access, use, disclosure, disruption, modification or destruction.

"Data"

"Data" means a representation of information, knowledge, facts, concepts or instructions which are being prepared or have been prepared in a formalised manner, and is intended to be processed, is being processed or has been processed in a computer system or computer network, and may be in any form (including computer printouts magnetic or optical storage media, punched cards, punched tapes) or stored internally in the memory of the computer.

"Data provider"

"Data provider" means the natural person to whom the personal data relates to.

"Data protection & Security"

Anyone collecting personal & customer information must fairly & lawfully process it only for limited, specifically stated purposes and use the information accurately and in a way that is adequate, relevant and not excessive, and retain the information/records no longer than absolutely necessary, process the information in accordance with law and keep the information secure and never transfer the information outside the country without adequate protection.

"Password"

"Password" means a secret word or phrase or code or passphrase or secret key, or encryption or decryption keys that one uses to gain admittance or access to information.

"Personal information"

"Personal information" means any information that relates to a natural person (individual), which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person, i.e., Name, Address, mobile Number, email id, Date of birth etc.,.

"Data processor"

"Data processor" means any person, including the State, a company, any juristic entity or any individual who processes personal data on behalf of a data fiduciary, but does not include an employee of the data fiduciary.

"Processing"

"Processing" in relation to personal data, means an operation or set of operations performed on personal data, and may include operations such as collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, use, alignment or combination, indexing, disclosure by transmission, dissemination or otherwise making available, restriction, erasure or destruction.

"reasonable security practices and procedures"

"reasonable security practices and procedures" means security practices and procedures designed to protect such information from unauthorised access, damage, use, modification, disclosure or impairment, as may be specified in an agreement between the parties or as may be specified in any law for the time being in force and in the absence of such agreement or any law, such reasonable security practices and procedures, as may be prescribed by the Central Government in consultation with such professional bodies or associations as it may deem fit.

"Sensitive personal data or information"

Sensitive personal data or information of a person means such personal information which consists of information relating to; -

  1. password;
  2. financial information such as Bank account or credit card or debit card or other payment instrument details ;
  3. physical, physiological and mental health condition;
  4. sexual orientation;
  5. medical records and history;
  6. Biometric information;
  7. any detail relating to the above clauses as provided to body corporate for
  8. providing service; and
  9. any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise;

Provided that, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as sensitive personal data or information.

"Third Party"

All external parties, i.e. contractors, interns, trainees, vendors, users etc., who have accessed to Trade Directory information assets or information systems.