1. Introduction

    This Privacy Statement sets out details on how COMPLIANCE SUTRAS TECHNOLOGIES PRIVATE LIMITED (here in after referred as “CS”, or “Compliance Sutras” or “CSTPL”, or “Company”, or “Regtech Company”) and its affiliates, as applicable, collect, use, share and store your data, in respect of personal information collected through the website only, and not in respect of any products/ services being availed from COMPLIANCE SUTRAS.

    COMPLIANCE SUTRAS respects the right of individuals to have control over their personal data and ensures it acts in compliance with legislative and regulatory requirements.

    COMPLIANCE SUTRAS has implemented reasonable security practices and procedures that are proportionate with the nature of and functions of the business. While COMPLIANCE SUTRAS strives to implement above-par, industry best practices, however, we cannot guarantee the complete security of your personal information provided to us. You agree and acknowledge to be bound by this Privacy Notice, upon your visit to COMPLIANCE SUTRAS’s website and its sub-set pages, and further consent to our collection, usage, processing, and sharing of your personal information, as provided below. If you do not agree with these terms, do not use the COMPLIANCE SUTRAS website.

    2. Purpose of this Statement

    This Statement sets out how COMPLIANCE SUTRAS collects, uses, shares and stores your data, in respect of the personal information collected solely through the website and not in respect of any personal information collected while availing any products/ services from COMPLIANCE SUTRAS. It outlines COMPLIANCE SUTRAS’s responsibilities under the applicable laws and regulations, setting out how it will comply and provide instruction for handling personal data.


    .

    3. Collection of Personal Data

    COMPLIANCE SUTRAS collects the following personal information through its website, through two modes, viz. Enquiry submission or event search.

    • Demo and other Enquiry Submission: COMPLIANCE SUTRAS collects information including the name, email address, phone number, legal status (individual or company) country, and any other details provided by you, when submitting an enquiry through the website.
    • Events Submission: COMPLIANCE SUTRAS collects information including the name, email address, phone number, legal status (individual or company) country, and any other details provided by you, when requesting for marketing materials.

    4. Purposes for Collecting Personal Data

    COMPLIANCE SUTRAS collects personal data for the following purposes:

    • For responding to the enquiries submitted through the website, in respect of products/ services offered by COMPLIANCE SUTRAS, and event updates.
    • For marketing purposes and sharing information regarding new upcoming events.
    • For initiating feedback mechanisms, and improvement purposes of the website functionalities.
    • Reasons/Legal basis for Processing Personal Data Compliance with Legal Obligations per extant laws.

    5. Legitimate Interests

    COMPLIANCE SUTRAS may process your personal data when there is a weighed and balanced legitimate interest where the processing is needed, and such interest is not overridden by the rights of others, including yours. e.g., to provide the service required, internal documentation, contact customers in relation to the transaction or for customer care initiatives.

    6. Consent

    In certain scenarios, COMPLIANCE SUTRAS will process personal data from you only after you have provided your consent for that specific purpose. For example, before sending direct marketing materials to customers and/or potential customers if new purposes are identified for processing personal data provided to COMPLIANCE SUTRAS, fresh consent will be obtained before such processing.

    7. Personal Data Sharing

    In alignment with the purposes established in this privacy statement, COMPLIANCE SUTRAS may disclose personal data from you to Data Processors. COMPLIANCE SUTRAS may share personal data with third-party service providers, acting on behalf of COMPLIANCE SUTRAS (hereinafter Data Processors) to perform services on behalf of COMPLIANCE SUTRAS, for example, information technology, data hosting, marketing, customer care, event coordination, etc. COMPLIANCE SUTRAS takes reasonable measures to ensure that personal data that is processed by Processors is protected and not used or disclosed for purposes other than as directed by COMPLIANCE SUTRAS. Relevant Authorities – COMPLIANCE SUTRAS may disclose your personal data as necessary to meet legal and regulatory requirements. This may include lawful requirements to disclose personal data to government and regulatory authorities.

    8. Method of Securing Personal Data

    COMPLIANCE SUTRAS shall ensure that appropriate technical and organizational measures are adopted to protect personal data against unauthorized or unlawful Processing and against accidental loss or destruction of, or damage to, such personal data. In the event of an unauthorized intrusion (including any loss of devices containing personal data or unauthorized disclosures) whether physical, electronic, or otherwise, to any personal data held by a data processor, the data processor shall inform the data controller of the incident as soon as reasonably practicable. COMPLIANCE SUTRAS shall also inform the appropriate regulator or the data protection authority of the incident as soon as reasonably practicable

    9. Tenure of Personal Data Retention

    COMPLIANCE SUTRAS shall retain your personal data collected through the website for as long as it is necessary to fulfill the purpose for which it was collected, and for satisfying any legal obligations. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

    10. Transfer of Personal Data

    COMPLIANCE SUTRAS shares personal data with regulatory and government organizations, partners and clients. All these transfers are made to fulfill the obligations of its contracts and to comply with laws and regulations. Further, if COMPLIANCE SUTRAS shares personal data with a third-party, for storing, COMPLIANCE SUTRAS aims to ensure that such third parties have safeguards for data protection as well as it is bound well through required contractual obligations. Further, COMPLIANCE SUTRAS does not allow such third parties to use the personal data for their own purposes.

    11. Cross-border Data Transfers

    COMPLIANCE SUTRAS may transfer your personal data collected to destinations outside of the country where the personal data was originally collected, within the COMPLIANCE SUTRAS group of companies, to fulfill the purposes for which your data is collected through the website. Where COMPLIANCE SUTRAS does so, COMPLIANCE SUTRAS aims to ensure that security measures and appropriate safeguards are put in place to protect personal data and ensure that all transfers comply with applicable data protection law. COMPLIANCE SUTRAS also aims to ensure that processing is only carried out following its instructions. In all cases where COMPLIANCE SUTRAS transfers personal data across borders, COMPLIANCE SUTRAS relies on acceptable and defined legal mechanisms to ensure that COMPLIANCE SUTRAS protects personal data at all times. COMPLIANCE SUTRAS may use agreements and adequacy protections that have been defined by the applicable regulations.

    12. Your Rights as Data Subjects

    Your rights as data subjects whose personal data is processed by COMPLIANCE SUTRAS are as follows:

    Right to Access
    Right to Rectification
    Right to Erasure
    Right to Nominate
    Right to Grievance Redressal
    Contact Person for Data Subjects

    For any details on personal data that COMPLIANCE SUTRAS possesses or processes, you may please write to connect@regtechcomply.ai

    13. Breach of Data Protection

    Any breach of Personal Data should be notified in writing to connect@regtechcomply.ai. Further, COMPLIANCE SUTRAS has the responsibility to bring it to the attention of the relevant authority as soon as the breach is identified.

    14. Changes to this Statement

    COMPLIANCE SUTRAS reserves its right to update this Statement at any time. Therefore, you as data subjects should periodically review the COMPLIANCE SUTRAS website to make sure they are aware of the latest version.

    Last updated on Oct 27, 2024.