We, at Mai Labs Private Limited (“we”, “We”, “Us”, “us”, “Mai Labs”, “our”), endeavor to maintain strict adherence to data privacy of every individual. In our endeavor to guard such privacy, we inculcate stringent data privacy measures that are in accordance with the applicable laws. This Policy enshrined by us would govern the matters of collection, storage, retention, processing and disclosure of Personal Information. By visiting our website or downloading our application (*) (“Platform”), you (“You”, “you”, “user”) agree and acknowledge to be bound by this Policy and you hereby consent to allow us to collect, store, process and share your Personal Information in the manner set out in this Policy.
PRIVACY OVERVIEW:
When you use our services, you trust us with your Personal Information. We’re committed to keeping that trust, and that starts with helping you understand our privacy practices. Our Privacy sets the foundation for how we approach privacy at Mai Labs.
DEFINITIONS:
Personal Information:means any information that relates to a natural person, which, either directly or indirectly, in combination with other information, available or is likely to be available with a body corporate, is capable of identifying such persons.
Sensitive Personal Data or Information: refers to the personal data of a person which consists information on passwords; financial information such as credit/ debit card, bank account or other details and credentials; physical, physiological or mental health details; sexual orientation; medical records; biometric information; any other information provided to us or our agents, representatives, contractors etc. for providing service; or any other information received by us or our agents, representatives, contractors under any legal contract or otherwise. For your convenience, Personal Information and Sensitive Personal Information shall be collectively referred to as “Personal Information”.
Processingrrefers to any action performed on Personal Information, such as collecting, recording organizing, storing, transferring, modifying, using, disclosing, uploading or deleting.
- POLICY STATEMENT
- The objective behind enacting this Policy is to ensure strict compliance with the prescribed standards of data privacy with regards to Personal Information. This Policy is in compliance with the Information Technology Act, 2000 (“IT Act”) and General Data Protection Regulation (“GDPR”) (for users situated in European Union/European Economic Area) Rules to provide you with a reasonable standard of protection and assurance of safety. Through this Policy, we seek to create a protective and secure environment for dealing with your Personal Information.
TYPES OF INFORMATION WE COLLECT
- We may collect your Personal Information when you use our services through the Platform or otherwise interact with us. We collect Personal Information which is relevant and absolutely necessary for providing the services requested by you and to continually improve our services.
- Information collected from you during on-boarding: We collect, receive, and store your Personal Information that we require to register you on our platform and perform your KYC in order to be fully considerate of the anti-money laundering and counter terror financing legislations and principles. Such information includes your name, phone number, e-mail address, country of residence, identification proofs (such as passport, aadhar, driving license, voter cards etc.), taxation documents (PAN or equivalent), bank details (including cards and accounts), date of birth, blockchain address, wallet address, nominee details, photograph, device indemnifiers, cookies and other similar information that may be used to identify you.
- Your account on our Platform may be linked to your other social media accounts and therefore we may gather your Personal Information when you login to or sync data on our Platform using thirdparty account credentials such as Google Accounts and Facebook and such collection of Personal Information shall also come under the ambit of this Policy.
- We may also collect Personal information during your interaction and access of our Platform for providing better, personalized and enhanced services to you, such Personal Information may include browser type, operating system, Internet Protocol (“IP”) address, mobile device ID, wallet type, date/time stamps, login data, cookies, browser information, pixel tags, time zone setting and location, browser plug-in types and versions. We use this information to analyze trends, administer the Platform, track users’ movements around the Platform, and better tailor our services to your needs. For example, some of the information may be collected so that when you visit the Platform, it will recognize you and the information can be used to personalize your experience.
- We may receive Personal Data about you from third parties that offer their products and/or services for use in conjunction with our Platform or whose products and/or services may be linked with our Platform. While we process such data in accordance with this Policy, we do not make any representations or assurances of the method and processing of your Personal Data by such third parties such as third-party wallet providers, merchants, service providers, payment aggregators and gateways etc.
- Collection and processing of browser cookies: “Cookies” are small files containing data with are automatically generated by any browser you are using to access the Platform. These small data files do not directly contain any Personal Information but data about your usage of the browser. We collect and use cookies only for the purposes of improving our using experience. For example we use cookies to allow you to enter your password less frequently during a session. Cookies can also allow us to provide you with targeted information in line with your interests. We also use cookies to statistically record the use our services on the Platform, and to evaluate that use for the purpose of optimizing the services provided on the Platform.
WHY DO WE COLLECT YOUR DATA (“AGREED PURPOSES”).
- To on-board you on the Platform;
- To identify, register, authenticate and process the transactions made by you on the Platform;
- To comply with the mandatory KYC requirements and any other compliances under laws;
- To improve our internal administration and to manage and improve the services provided to you and the communication made with you;
- To improve the safety, performance, efficiency ease of use of the Platform and provide you with a more personalized experience;
- To adequately comply with any of our legal obligations towards you and our legitimate interest in being able to provide and improve the functionalities of the services we provide to you;
- To effectively manage and respond to any request you submit through our Platform;
- To make you aware of additional products and services which may be of interest to you, or to contact you regarding changes to and new offerings on our application/website, and special events and promotions;
- Provide customer support and respond to your requests and inquiries;
- To avoid and protect us against unintentional error, fraud, and any other criminal activities;
- if it is required by financial regulators to verify, mitigate, or prevent fraud or to manage risk or recover funds in accordance with applicable laws/regulations; inquiries;
- if requested by government authorities for government initiatives and benefit;
- for grievance redressal and resolution of dispute;
- Investigate and address conduct that may violate our polices; and
- Detect, prevent, and address fraud, violations of our terms or policies, and/or other harmful or unlawful activity.
We may pseudonymize and/or anonymous your Personal Information to analyze and track usage patterns that shall aid us in improving our Platform. Be assured that such pseudonymized and anonymized data cannot be used to identify you in any manner.
DISCLOSURE OF YOUR PERSONAL INFORMATION
- We may share your Personal Information within our company, strictly on a “need-to-know” basis. Our employees, IT team, representatives, subsidiaries shall use such information in consistence with the Agreed Purposes for which the information was originally collected or subsequently authorized by you. We will not disclose Personal Information to any other except for the Agreed Purposes, or with the user’s explicit consent, or with a legitimate interest or legal reason for doing so and where it is permitted by applicable law. In each instance, the disclosed Personal Information will be strictly limited to what is necessary and reasonable to carry out the Agreed Purposes.
- The Personal Information that you share with us might be shared with our agents, contractors, affiliates, and service providers such as external data processors (“Third Parties”) for the Agreed Purposes, for e.g., we might use a third-party KYC agency for performing user-identification and onboarding. Such Personal Information shall be shared with these Third Parties as the Platform is supported by their services and without having the necessary information, such service providers and affiliates will not be able to assist us in a manner to discharge our obligations towards you. However, be assured, we ensure that the Third Parties have adequate safeguards and adhere to data privacy norms not less stringent that those of our Policy and the applicable data protection laws. When engaging Third Parties, we enter into agreements with appropriate contractual clauses for protection of Personal Information including requirements to process the Personal Information only in accordance with provisions of applicable laws, instructions from us and to take appropriate technical and organizational measures to ensure that there is no unauthorized or unlawful processing or accidental loss or destruction of or damage to your Personal Information.
- Further, you shall always have the right to know which Third Parties are having access to your Personal Information. You may exercise this right by writing to us at care@myipr.io.
STORAGE PERIOD:
- We shall store and retain your Personal Information as long as it is required for the fulfilment of Agreed Purposes set out in this Policy or as required in accordance with the applicable data privacy laws, whichever is later (“Storage Period”). After the processing is complete or in case you withdraw the consent given for such processing, the Personal Information that is stored and retained with us shall be either deleted or anonymized in accordance with the applicable laws.
- However, it is to be noted that the Platform employ smart contracts that are executed on blockchain technology which is immutable and hence cannot be altered, amended or deleted unless allowed in the smart contract. If you use the Platform, you are consenting to allow certain information such as account transactions, wallet entries etc. to be cryptographically transmitted and stored on that blockchain that may be permanently stored on such blockchain.
SECURITY & RELIABILITY:
We take reasonable security measures to protect Personal Information against loss, misuse, unauthorized or accidental access, disclosure, alteration and destruction. We have implemented policies and maintained appropriate technical, physical, and organizational measures and followed industry practices and standards in adopting procedures for securing and implementing systems designs and protecting Personal Information from unauthorized access, improper use, disclosure and alteration.
- USER ACCESS TO PERSONAL INFORMATION:
- You can modify all of your Personal Information and your privacy preferences by accessing the "Account" section of this website/application at any given time. Users are encouraged to put in a diligent effort in updating their Personal Information from time to time, to continue the flow of seamless counselling and services.
- Subject to the limitation of immutability of data transmitted on blockchains, you may at any point of time, withdraw your consent given to us to process your Personal Information, pursuant to which, you shall not be able to access or use any service provided on the Platform and no further data of yours shall be collected or processed by us. However, the Personal Information already in our possession shall be stored and retained till the Storage Period. To withdraw your consent, please write to us at care@myipr.io.
- AGE TO ACCESS:
We strive to not knowingly collect Personal Information from any person below the age of 18. Our terms and conditions strictly restrict the access of minors to our Platform without the explicit consent of the parent or the guardian. However, if you are a parent or guardian of a minor who has provided us his/her Personal Information without your consent, kindly let us know by writing to our grievance officer.
- THIRD-PARTY WEBSITES:
Our Platform may contain links to third-party websites which are not our authorized Third Parties. When you click on a link to any other website or location, you will leave our Platform and go to another site, and another entity may collect Personal Information from you. We have no control over, do not review, and cannot be responsible for these third-party websites or their content. Please be aware that the terms of this Policy do not apply to these third-party websites or their content, or to any collection of your Personal Information after you click on links to such third-party websites. We encourage you to read the privacy policies of every website you visit. Any links to third-party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content, or websites.
- COMMUNICATION:
In order to communicate with you and keep you informed about all our developments, products, events and promotions, we may periodically send you newsletters, emails, messages and app/website notifications. Such communication is not mandatory for you to access our Platform and we provide you with the opportunity to opt-out of receiving any such non-essential communications. If you wish to opt-out, please click on the unsubscribe button on the application/website and the emailers.
RIGHTS OF USER SUBJECT TO GDPR:
If you are a user who is subject to the GDPR, you have the right to:
- Request an access to your Personal Information collected and processed by us. You may also request a copy of your Personal Information which you shall receive in a structured, standard, and properly formatted manner. You may also request transmission of your Personal Information to another person responsible;
- Request a rectification of the incorrect Personal Information (if any) or completion of any incomplete Personal Information stored with us;
Subject to the data transmitted on blockchain at your consent, request deletion or removal of any of your particular or complete Personal Information stored with us;
- Dispute, object or request a restriction on processing of your Personal Information collected by us; and
- Withdraw your consent for processing of your Personal Information at any time in case you have previously given us your consent in this regard.
If you wish to exercise any of the rights mentioned above or any other legal rights you have under the GDPR regarding the collection, storage and processing of your Personal Information, you may write to us at care@myipr.io.
INTERNATIONAL USERS
The Platform is being operated and managed from India and is subject to the applicable laws of India. As an international user (located or situated outside of India) certain other data privacy laws of your territory may be applicable on processing of your Personal Information. However, when you access our Platform and provide your Personal Information through any mode whether through cookies or otherwise, you accept and acknowledge that your Personal Information is being processed in accordance with this Policy and the Personal Information may be processed and stored in India or other countries where the applicable provisions may be less stringent than the data privacy laws of your territory.
CHANGES TO THIS PRIVACY POLICY
This Policy may be updated from time to time for any reason. We will notify you of any changes to our Policy by posting the new Policy at (*). The date the Policy was last revised is identified at the beginning of this Policy. You are responsible for periodically visiting our Platform and this Policy to check for any amendments.
GRIEVANCE OFFICER:
- All your questions, discrepancies and grievances with respect to processing of Personal Information shall be made to the (Grievance Officer) at Grievance@mai.io
- The Grievance Officer shall redress the grievances of the users and other individuals expeditiously and in any event within the period prescribed under law. In case of any queries regarding the content, interpretation, implications of this Policy, you may contact the Grievance Officer at Grievance@mai.io