Xindus Trade Networks Private Limited, which is a company duly incorporated under the laws of India, and its affiliates worldwide (hereinafter collectively referred to as the “Company”, “Xindus” “we”, “us”, “our”) provide buyer and market access, order fulfillment, shipping, global trade compliance, and related financial transactions.
1. Applicability and Acceptance
1.2 This Policy is applicable to the Users who provide their Personal Information (as defined below) to the Company either through the Platform or otherwise, or whose Personal Information the Company otherwise collects, receives or processes in connection with the offer and sale of its Services. However, this Policy does not apply to Personal Information collected from you offline (unless otherwise specified) or to third-party websites to which Platform may link. This Policy should be read in conjunction and together with the terms of services and other policies as may be available on the Platform (collectively the “Terms of Service”). Please read this Policy carefully and in the event, you do not agree to the terms or policies specified herein, please discontinue the usage of the Platform and the Services.
2. Personal Information
2.1 While using our Services, we may ask you to provide us with certain personally identifiable information (“Personal Information”) that can be used to contact or identify you. The use and the collection of the Personal Information by the Company is dependent upon how the User interacts with the Platform and/or avail Our Services. Such Personal Information may include, but is not limited to:(a) First name and Last name;(b) Email address;(c) Phone number;(d) Date of Birth;(e) Address, State, Province, ZIP/Postal code, city;(f) Tax registration numbers;(g) Identification numbers;(h) Applicable KYC Documents;(i) Geographical Location.
2.2 We collect the above Personal Information when you sign up for our Services, access our Services, and at any time you update your Personal Information on your Xindus account.
2.3 It is your voluntary decision as to whether or not to provide the information as requested on the Platform. However, if you do not provide such information and/or data, we may not be able to provide certain Services or certain features of our Services or Platform, and your use of the Platform and our Services would be limited as a result.
2.4 We may also receive your Personal Information from third parties, such as our partners, third party service providers, etc. This may include your first and last name, identification number, age, gender, email address, address, delivery address and any information that you or the third-party service provider may share with the Company.
2.5 You may provide payment information when you use the Platform to avail our Services, including credit cards numbers, billing information using third-party intermediary PCI-DSS compliant service providers. The payment information is provided directly by you, via the Platform, into the PCI/DSS-compliant payment processing service to which the Company subscribes, and the Company does not, itself, process or store the payment information, except as stated herein. Further, these intermediaries are not permitted to store, retain, or use your billing information for any purpose except for payment processing on our behalf.
2.6 We may automatically collect behavioral and usage information about your visits to the Platform including the pages you view, the links and advertisements you click, search terms you enter, and other actions you take in connection with the Platform and Services. We may also collect certain information from the browser you use to come to Platform, such as your IP address, device identifier, location data browser type and language, access times, the Uniform Resource Locator (URL) of the website that referred you to our Platform and the URL to which you browse away from our site if you click on a link on our site.
3.1 Our purposes for collection of Personal Information shall include without limitation to the following:(a) to verify your identity;(b) to provide Users with Services, information, marketing and promotional materials;(c) for the management of the Services (such as parcel transportation, warehousing and technology services) provided to the Users;(d) to handle, respond and follow up service calls, enquiries, queries, feedback, requests and complaints;(e) to contact Users regarding our Services and provide updates;(f) to understand, diagnose, troubleshoot and fix issues with the Platform and the Services;(g) to communicate with you about your account, Services and activities on the Platform;(h) to conduct polls and surveys and periodically reach out to you via phone, email, or chat to understand your experience in using our Services;(i) to compile and analyze aggregate statistics in respect of the use of the Platform, Services and for our internal use;(j) to evaluate and develop new features, technologies and improvements for providing the Services;(k) ask for ratings and reviews of the Services and the Platform; and(l) to comply with legal and regulatory regulations, including customs and GST requirements.
3.2 Xindus strives to collect only such Personal Information which is necessary and adequate but not excessive in relation to the purposes set out hereinabove. To protect your privacy, you should not provide the Company with any information that is not specifically requested. In the event that Xindus requires the use of your Personal Information for a purpose other than those set out herein, Xindus shall process the Personal Information, so long as we have a ground under the law to do so which may be based on one of the following conditions:(a) Performance of a contract: Herein, we process the Personal Information as it is necessary in order to fulfil our obligations set forth under a contract or for the performance of our agreement with you;(b) Legal obligation: Herein, we process the Personal Information in order to comply with a legal obligation, such as keeping records for tax purposes or providing information to a public body or law enforcement agency;(c) Legitimate interests: Herein, we process your Personal Information where it is in our legitimate interest in running a lawful business. We will only rely on such a ground where an assessment has been performed balancing the interests and rights involved and the necessity of the processing in order to provide our Services, Platform and features to you. Few examples of Our legitimate interests are: (i) to offer information and/or services to individuals who visit the Platform or (ii) to prevent fraud or criminal activity and to safeguard our IT systems etc.
3.3 We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without seeking your specific permission to process your Personal Information and we will only process your Personal Information in this way if you agree to us doing so.
4. Sharing Personal Information
4.1 We do not rent, share, list or sell the Personal Information with any third parties, except as necessary for our legitimate professional and business needs, to allow you to access the Platform, provide Services, carry out your requests, and/or as required or permitted by an applicable law.
4.2 Xindus works with third party services providers to develop, improve and maintain the Platform and provide the Services and we may share Personal Information with them for fulfillment of our Services. Examples of third-party service providers are our listed couriers, shipping companies, insurance companies, payment providers and customer communication tools. In all instances, only necessary Personal Information fields will be shared.
4.4 The Company may also make all Personal Information accessible to its employees and data processors/third party vendors only on a need-to-know basis and for the purposes set out in this Policy. The Company takes adequate steps to ensure that all the employees and data processors/third party vendors, who have access to, and are associated with the processing of Personal Information, respect its confidentiality and that such data processors/third party vendors adopt at least such reasonable level of security practices and procedures as required under applicable law.
4.5 To the extent permissible under the applicable law, we may use and disclose any non-personal data (data which is does not contain any information that can be used to identify natural person) for any purpose. However, in the event we combine any non-personal data with Personal Information, then we will only use and disclose such combined information for the purposes described above while it is so combined.
4.6 We may also disclose or transfer the Personal Information, to another third party as part of reorganization or a sale of the assets or business of the Company. Any third party to which the Company transfers or sells its assets will have the right to continue to use the Personal Information and/or other information that a User provides to us in a manner consistent with this Policy.
5. Transfer Of Data
5.1 Your information, including Personal Information, may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction. If you are located outside India and choose to provide information to us, please note that we transfer the data, including Personal Information, to India and process it there. Your consent to this Policy followed by your submission of such information represents your agreement to that transfer. Xindus will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy and no transfer of your Personal Information will take place to an organisation or a country unless there are adequate controls in place including the security of your data and other Personal Information.
6. Links to third party websites
7. Security Practices and Procedures
7.1 We take information security very seriously and maintain reasonable administrative, technical and physical safeguards designed to protect the Personal Information you provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.
7.2 We use reasonable security measures to help protect against the loss, misuse and alteration of the Personal Information under our control. However, despite our best efforts, security cannot be absolutely guaranteed against all threats. In addition, please note that emails, messages sent via your web browser, and other similar means of communication with other Users, are not encrypted. Therefore, while we strive to protect your Personal Information, we cannot guarantee its security.
7.3 To the best of our ability, the access to your Personal Information is limited to those who have a need to know. Those individuals who have access to the Personal Information are required to maintain the confidentiality of such data. In addition, please note that emails, messages sent via your web browser, and other similar means of communication with other users, are not encrypted. Therefore, while we strive to protect your information, we cannot guarantee its security.
7.4 Please also be aware that we may use third-party cloud service providers that provide hosting, data storage and other services pursuant to standard terms and conditions that may be non-negotiable. These service providers have informed us or the general public that they apply security measures they consider adequate for the protection of information within their system, or they have a general reputation for applying such measures. However, we will not be liable (to the fullest extent permitted by law) for any damages that may result from the misuse of any information, including Personal Information, by these companies.
9. Targeted Marketing
10. Do-not track statement
11. De-Identified Information
We may aggregate and/or de-identify any information collected / received by us such information can no longer be linked to you or your device (“De-Identified Information”). We may use De-Identified Information for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, and sponsors, in our discretion.
12. User's rights
12.1 In the event, we process your Personal Information, you may avail yourself the rights explained below. Please note that prior to fulfilling your request in relation to the rights provided below, we may verify your identity associated with our Platform. In case we are unable to verify your identity, we reserve the right to deny a request. If you authorize someone to make a request on your behalf, we may also deny your request if we are unable to verify with you that the individual making the request is authorized to act on your behalf.
12.2 In the event, we are processing your Personal Information on behalf of another entity or are acting as a data processor, we will forward your requests, inquiries or claims concerning these processing activities to the respective data controller the necessary action.
12.3 Your rights are as follows:
(a) Withdrawal of Consent: Where we rely on your consent in order to process your Personal Information, you have the right to withdraw your consent at any time, by writing to us at Contact Us. However, if consent is provided to process any Personal Information is withdrawn, we may stop providing the Services or some features of the Services for which such Personal Information was sought. Please note that any processing that we have carried out before the withdrawal of your consent remains lawful. Provided that, notwithstanding such request, this information may be retained to comply with our legal obligations, resolve disputes and enforce our agreements.
(b) Right to review, correct, modify and delete: Further, Users can access, review, modify, correct and delete any Personal Information provided by them which has been voluntarily given by the User and collected by the Company in accordance with the Policy. Please note that in many situations we are required by applicable law to retain all, or a portion, of your Personal Information to comply with our legal obligations, resolve disputes, enforce our agreements, to protect against fraudulent, deceptive, or illegal activity, or for another one of our business purposes.(c) Right to opt-out: The Platform provides an option to all the Users to opt-out of receiving any promotional or marketing communications from us. If you do not wish to receive any promotional or marketing communications from us, you can Contact Us. However, we may still send you service-related communications to ensure continuity of Services.
12.4 The rights provided herein are subject to certain limitations as specified in the applicable laws. Any individual requests will be completed within the time allotted by relevant regulations, which starts to run from the point of the Company confirming your request. To the extent permissible by applicable law and where permitted, we may impose a charge for subsequent requests from the same individual which will be determined by the Company.
12.5 You will not be treated unfairly on account of your choice to exercise any of the above rights. You may be able to appoint an authorized agent to exercise your privacy rights on your behalf. Where we receive a request from an authorized agent, we may take actions to verify that the agent is appropriately authorized to act on your behalf, including by asking for written proof of authorization or confirming directly with you.
13. Retention of Personal Information
13.1 We will retain your Personal Information only as long as it is reasonably required or otherwise permitted or required under applicable law or regulatory requirements. We may also retain your Personal Information so long as it is necessary to fulfil the purposes for which it was collected (including for purposes of meeting any legal, administrative, accounting, or other reporting requirements). Your Personal Information is safeguarded against inappropriate access and disclosure, as per this Policy.
13.2 In case a User has withdrawn or cancelled his registration on the Platform, we are obliged under law to retain Personal Information for a period of one hundred and eighty days after such cancellation. In some cases, we may retain only non-personally identifiable data indefinitely or to the extent allowed by applicable law.
13.3 Notwithstanding the above, in many situations we are required by applicable law to retain all, or a portion, of your Personal Information to comply with our legal obligations, resolve disputes, enforce our agreements, to protect against fraudulent, deceptive, or illegal activity, or for another one of our business purposes.
Our Platform is not designed for individuals under the age of 18 (eighteen) (“Child” or “Children”) and we do not knowingly collect Personal Information from any Child. If you are a Child, you may browse our Platform, but please do not provide your Personal Information to us. For example, you cannot register. If we become aware that we have inadvertently received Personal Information from a visitor who is a Child, we will attempt to delete such Personal Information from our records. If you believe that we might have any Personal Information of a Child, please inform us by sending an email to the email id provided in the “Contact Us” section below.
15. Customer Comments and Content
If you post any comments or content on our Platform, you should be aware that any information including Personal Information you choose to provide there may be read, collected, or used by the third parties. We are not responsible for the information you choose to submit, and we cannot guarantee that third parties have not made copies of or will not use such information in any way.
16. Changes to Policy
We may update the Policy from time to time. The revised and most current version of the Policy will be updated and posted on the Platform directly. You are advised to review this Policy periodically for any changes. Changes to the Policy are effective when they are posted on the Platform. Any changes to the processing of Personal Information as described in this Policy affecting you will be communicated to you through an appropriate channel, depending on how we normally communicate with you. Your continued use of the Platform and Services after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.
17. Contact Us
If you have any questions or comments about this Policy, the ways in which we collect and use your Personal Information, your choices and rights regarding such use, or wish to exercise your rights under law, please do not hesitate to contact us at:
Postal Address: 90B, 91springboard Business Hub Private Limited, Delhi Gurgaon Expressway, Sector 18, Gurugram, Gurugram, Haryana, 122015
Attn: Anurag Chowdary Ravi
18. Complaints and Grievance Redressal
For Users located in India, any complaints, or concerns with regards to content or comment or breach of these terms/ Policy may be informed to the designated Grievance Officer as mentioned below in writing or through email: Anurag Chowdary Ravi. Email: email@example.com, address: Xindus Trade Network Private Limited, 90B, 91 Springboard Business Hub Pvt Ltd, Delhi Gurgaon Expressway, Sector 18, Gurugram, Gurugram, Haryana, 122015.
[The Grievance Officer is identified above pursuant to the provisions of applicable laws including but not limited to the Information Technology Act, 2000 and the Consumer Protection Act, 2019, and the rules enacted under those laws.]
For Users located outside India, any complaints, or concerns with regards to content or comment or breach of these terms/ Policy may be informed to the designated Grievance Officer as mentioned below in writing or through email: : firstname.lastname@example.org, address: Xindus Trade Network Private Limited, 90B, 91 Springboard Business Hub Pvt Ltd, Delhi Gurgaon Expressway, Sector 18, Gurugram, Gurugram, Haryana, 122015.
Users in US
NOTICE FOR CALIFORNIA USERS
This PRIVACY Notice FOR CALIFORNIA RESIDENTS (“California Notice”) supplements the information contained in the general Policy and applies solely to visitors, users, and others who reside in the State of California. We have adopted this Policy in compliance with the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws. Any capitalized terms not otherwise defined herein shall have the meanings ascribed to them in the CCPA.
1. Categories of Personal Information collected
1.1 The Personal Information that the Company collects, or has collected from the Users in the 12 (twelve) months prior to the effective date of this Disclosure, fall into the following categories established by the CCPA, depending on which Service is used:
(a) Identifiers: such as your name, alias, address, phone numbers, IP address, your Xindus account log-in information, or a government-issued identifier (e.g. social security number, which may be required for tax purposes);
(b) Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)): such as a credit card number, debit card number or other payment information;
(c) Protected Classifications: information that may reveal age, gender, race, sexual orientation, or other protected classifications;
(d) Commercial information: such as purchase and logistic activity and other purchasing or consuming histories or tendencies;
(e) Internet or other electronic network activity information: including browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. and the content of email and text messages;
(f) Geolocation data: such as the location of your device or computer, which may in some cases constitute precise geolocation information;
(g) Audio or visual information: such as if a service provider reviews recordings of customer service phone calls for quality assurance purposes, or if we use a service provider to fulfill your order;
(h) Professional information: for example data you may provide about your business; and
(i) Inference data: such as information about your activity on the Platform.
1.2 Personal information does not include:
(a) Publicly available information from government records.
(b) De-identified or aggregated consumer information.
(c) Information excluded from the CCPA's scope, such as: (i) health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA); and (ii) personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.
2. Disclosure of Personal Information
We disclose your Personal Information for a business purpose to the following categories of third parties:
(a) Our affiliates;
(b) Service providers; and
(c) Third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you.
For more information on the use and disclosure of personal information, please consult our general Policy.
In the preceding twelve (12) months, we have not sold any Personal Information.
3. Your Data Rights:
3.1 You may have certain data rights under the CCPA. This section describes your rights and explains how to exercise those rights. Such rights include:
(a) Right to know: You have right to request the following information: (i) categories of the Personal Information that we have collected from you over the past 12 (twelve) months and the specific pieces of Personal Information, we have collected from you; (ii) categories of the sources from which Personal Information was collected; (iii) business or commercial purpose for which the Personal Information was collected; (iv) categories of the Personal Information that was disclosed for a business purpose or sold during the past 12 (twelve) months (v) categories of third parties to whom the Personal Information was disclosed or sold;
(b) Right to access your Personal Information in a portable format;
(c) Right to correct or delete your Personal Information. However, we might not delete Your Personal Information in certain events including (i) to detect security incidents; (ii) to debug to identify and repair errors; (iii) exercise free speech; (iv) to comply with CaliforniaElectronic Communications Privacy Act; (v) to engage in public, peer-reviewed, historical or statistical research; (vi) to comply with legal obligations;
(d) Right to opt out of the sharing of your Personal Information for cross-context behavioral advertising, as defined by the California Privacy Rights Act;
(e) Right to appeal the denial of any of these rights by submitting a form that will be provided to you if we deny a data request. However, depending on your data choices, certain services may be limited or unavailable; and
(f) Right to non-discrimination You have the right to not be discriminated against for exercising Your privacy rights under the CCPA.
3.2 No sale of personal information. In the 12 (twelve) months prior to the effective date of this Disclosure, Xindus has not sold any personal information of consumers, as those terms are defined under the California Privacy Rights Act.
3.3 California Privacy Rights Act Sensitive Personal Information Disclosure. The categories of data that Xindus collects and discloses for a business purpose include "sensitive personal information" as defined under the California Privacy Rights Act. Xindus does not use or disclose sensitive personal information for any purpose not expressly permitted by the California Privacy Rights Act.
3.4 California Privacy Rights Act Retention Disclosure. We keep your Personal Information to enable your continued use of the Platform and the Services, for as long as it is required in order to fulfill the relevant purposes described in the Policy, as permitted or as may be required by law, or as otherwise communicated to you. For example, we retain your transaction history so that you can review past purchases (and repeat orders if desired) and what addresses you have shipped orders to, and to improve the relevance of products and content we recommend.
3.5 California Privacy Rights Act Non-discrimination Statement. Xindus will not discriminate against any User for exercising their rights under the CCPA.
3.6 We might request certain additional information in order to verify your identity in relation to your request for exercising the rights mentioned above. You must also specify the rights you wish to exercise. We will verify your request and respond to you within 45 (forty-five) days.
3.7 You may designate another person or entity (“Authorized Agent”) to act on your behalf in connection with Your request for rights that are guaranteed by the CCPA. An Authorized Agent is a natural person or business entity registered with the Secretary of State to conduct business in California that you have authorized to act on Your or to make a request to know or to delete. You Authorized Agent can submit a request by sending an email to the email id provided in the California Notice attaching the signed permission. Please note that we may deny a request from an Authorized Agent that does not submit proof that they have authorized by you. Under the CCPA, your Authorized Agent is responsible for implementing and maintaining reasonable security procedures and practices to protect and use your Personal Information only for the purpose of fulfilling your request.
Employee Privacy Notice
In the course of conducting our business and complying with central/ federal, state, and local government regulations governing such matters as employment, tax, insurance, etc., we must collect Personal Information from you. The nature of the information collected varies somewhat for each employee, depending on your employment responsibilities, your citizenship, the location of the facility where you work, and other factors. We collect Personal Information from you solely for business purposes, including those related directly to your employment with the Company, and those required by governmental agencies.
Data collected may include, without limitation, such things as:
● Your name● User ID(s)
● Phone numbers
● Email address(es)
● Mailing addresses
● Banking and other financial data
● Family-related data, e.g., marital status,
● Personal and health -related data for you and your family
● Trade union data
● Government identification numbers, e.g., Aadhaar/ Social Security number, driver’s license number
● Date of birth
● Gender, race, and ethnicity
● Health and disability data
Anyone who sends unsolicited information to the Company by any means, e.g., mail, email, message, expressly consents to the storage, destruction, processing, or disclosure of the data, as well as any other reasonable business-related use by the Company or any government agency of the unsolicited data.
We do monitor employee use of the internet in order to detect access to inappropriate websites or other misuse of the Company’s computer network. We also use email filters to block spam and computer viruses. These filters may from time to time block legitimate email messages.
The Company will not knowingly collect or use Personal Information in any manner not consistent with this Policy, as it may be amended from time to time, and applicable laws.