Privacy Policy

1. Privacy policy statement

1.1 Privacy polic

NeuRetail is a leading professional services firm providing identity assurance solutions to a broad range of customers. Under the broad umbrella of NeuRetail, we refer to the following entities who may work as part of our organization NeuRetail Innovation Technologies Pvt Ltd.,

The organization (including our related bodies corporate are) is committed to protecting your privacy. This commitment reflects the value we place on earning and keeping the trust of our employees, customers, clients, business partners and others who share their personal information with us.

What kinds of personal information do we collect and hold? The information we collect may include

Where we collect personal information, we will ensure that it is necessary and is done,

as per the client requirements and necessary authorization and consent will be done by client.

Do we collect information about and from children?

Under any circumstances, we DO NOT collect information about and from children.

How do we collect personal information?

The information is collected from the business applications provided to obtain the information. Some technical information (e.g., access logs, access location) may be collected during your visit to our website.

Why do we collect your information?

We collect, use, hold and disclose personal information to provide you the services related to KYC.

This may include:

Automatic collection

In some instances, we automatically collect certain types of information when you visit our websites and through e-mails that we may exchange. Automated technologies may include the use of web server logs to collect IP addresses, “cookies” and web beacons. Further information about our use of cookies can be found in our Cookie policy.

Cookie policy

We use cookies on our websites and apps to provide a better user experience and tailor the content for you. More details can be found in the cookie policy cookie-policy.docx

Access to and ability to correct the personal information?

Our business applications and processes are designed to collect your information for verification only. This will not allow you to modify the existing data

Other rights regarding your information.

Subject to certain exemptions, the laws in the jurisdiction in which you live, and in some cases the processing activity we undertake, you may have certain rights in relation to your personal information. We have listed some of the common rights that may be applicable. When you exercise these rights, we may need to ask you for additional information to confirm your identity, before disclosing information to you or responding to your request. We will not charge a fee unless your request is excessive, unfounded and/or we are permitted by law to levy such charges. You can exercise your rights by contacting us. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly or inform you if we require further information in order to fulfill your request. We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way. If we cannot fully address your request, we will contact you to let you know and explain the reason why your request was denied.

Right to Access: Not applicable.

Right to Correction: Not applicable

Right to be Forgotten (Right to Erasure): Not applicable

Right to Restrict Processing: You have the right under certain circumstances to request the restriction of your personal information from further use, e.g., where the accuracy of the information is disputed, and you request that the information not be used until its accuracy is confirmed.

Right to Data Portability: You have the right under certain circumstances to data portability, which requires us to provide personal information to you or another controller in a commonly used, machine readable format, but only where the processing of that information is based on consent or the performance of a contract to which you are a party.

Right to Object to Processing: You have the right to object the processing of your personal information at any time, but only where that processing is based our legitimate interests as its legal basis. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.

Right to Object to Direct Marketing: Where your personal information is processed for direct marketing purposes, you shall have the right to object at any time to processing of personal data concerning him or her for such marketing. We will provide specific information on how to opt-out from our marketing initiatives through the medium we communicate with you.

Who do we disclose personal information to and why?

We DO NOT disclose or sell your information to any external entity. We do not share your information with any external entity unless it is required by law or to perform any designated work under contract.

Do we store and share your information overseas?

We may store the information in cloud-based storage tenancies to host information storage and business applications Microsoft Azure & Google Cloud (India regions) or based on the client data storage policies.

EU Data protection

The General Data Protection Regulation (GDPR) regulates the processing of personal information under European Union (EU) law. The GDPR aims to protect the information relating to individuals in the EU and harmonise data protection laws across EU Member States.

If you are interacting with us in Europe, or we are offering products or services to you when you are located in the EU or we are monitoring your behavior while you are located in the EU, our collection, use, disclosure and processing of your personal information is regulated by the GDPR. This privacy policy provides adequate framework on how we manage your information in accordance with the GDPR.

How long do we retain personal information?

The duration of retention of personal information depends on the purpose for which it was obtained and its nature. We will keep personal information for the period necessary to fulfil the purposes described in this statement unless a longer retention period is permitted or required by law and in accordance with our Records Retention Policy. Personal information will be securely destroyed when it is no longer required.

How do we secure information?

The security of the personal information is important to us. We have implemented reasonable physical, technical, and administrative security standards in an effort to protect personal information from loss, unauthorized access, misuse, alteration or destruction and to ensure that such information is processed in accordance with applicable data privacy laws. Our security processes and controls adopt industry standards like ISO 27001 and technical standards including NIST and OWASP.

Changes to this statement?

We may update this privacy statement from time to time. When we do, we will post the current version and we will revise the version date located at the bottom of this page. We encourage you to periodically review this privacy statement so that you will be aware of our privacy practices. This privacy statement was last updated on 17-Nov-2023.

Contact us

We have a Data Protection Officer (DPO) that oversees our compliance with the GDPR. Please contact the location that is best placed to assist with your inquiry using the contact details below email and postal address.