Privacy Policy

Published on 12-December-2015
Last Updated: 22nd April 2021 – V.4
This privacy policy has been designed to help you (a user, whether an individual, organisation or corporation, accessing our Services and/or a visitor of our Services) understand what Personal Data we collect through our on premise modeller SaaS model (Software as a Service), our SaaS platform XVigil, our web platform known by its proprietary name BeVigil (“BeVigil”) that allows you to verify and scan apps, our website (“Website“) and other services (“Collectively referred to as “Services”) owned and operated by CloudSek Information Security Private Limited (“we”, “CloudSEK” or the “Company”), how we use such Personal Data,  how it may be shared, and what choices you have. You can be assured that any Personal Data that you disclose to us will be treated only in the manner described in this privacy policy. For the purpose of this privacy policy, Personal Data shall mean any information that you provide to us which either directly or indirectly, whether true or not, about you or any other individual who can be identified from that data or in combination with other information we have or are likely to have access to. We conduct our business in compliance with applicable laws and shall collect, use and process data only in accordance with the regulations and guidelines on data privacy protection and data security. Please read this privacy policy carefully to understand our policies and practices regarding your Personal Data and how we treat it. If you do not agree with our policies and practices, you may choose not to use our Services. By visiting, accessing or using the Services or by otherwise voluntarily giving us your information, you agree to this privacy policy. You hereby expressly consent to our collection, use, sharing and disclosure of your Personal Data as described in this privacy policy. If you are a corporate entity or an organisation, references to the terms “you” and “your” shall include your employees, representatives and agents. You agree that you are the owner of or otherwise authorised by the owner of any Personal Data that you provide to us. You further acknowledge and confirm that this privacy policy shall apply to you as well as to any organization or company that accesses or uses the Software through you (each a “Customer”).

Information We Collect About Clients and How We Collect It

We collect information that you provide us directly or automatically when you use the Services. The collection of your Personal Data shall be strictly restricted to what is necessary for the purpose of fulfilling the purposes identified here in below. The information collected by us from you may include but is not limited to;
  1. The information that you voluntarily provide when you register for an account to access or use one or more of our Services and which shall include but shall not be limited to your name, email address, Customer details, or any other information provided by you during the use of our Services which you may enter into our system voluntarily.
  2. If you decide to avail any of our Services, and make payment for the same, we may collect your billing name, billing address and payment method. We do not store your credit card or debit card number, card expiry date or other details pertaining to your credit/ debit card on our Services. We use Razorpay for processing financial transactions on our behalf, all such third parties with whom we share your personal data for processing financial transactions on our behalf shall be bound by confidentiality.
  3. Any information entered by you when you interact with CloudSEK’s personnel for any purpose, including but not limited to reporting a problem with or difficulty using our Services or for providing feedback.
  4. Any information that we ask for and may collect from various sources, which may include but are not limited to, the information you voluntarily provide us at any events, seminars, conferences, talks, promotions, surveys organised by us, and/or information we collect when you submit web forms on our Website or if you use interactive features of the Website.
  5. When you use or visit our Services, we may collect information regarding your use of the Services, including but not limited to statistics and logins, search queries and open posts,  your Internet Protocol (IP) address, web browser type, web browser version, internet service provider, site trends, location, referring URL, timestamp information, app packages, app names, urls, email address, poll inputs and the operating system that your computer or device is running.
  6. We use such third-party services to optimise the functionality of our Services and to make our Services user friendly. We treat such data in the same manner as we treat Personal Data voluntarily provided by you, under this privacy policy.
  7. Cookies and other Tracking Technologies: We may collect Personal Data with the help of tracking tools like browser cookies. The term “cookies” refers to small pieces of information stored on the hard drive of your computer or computer while you view a site. The primary objective of cookies is recordkeeping and uniquely identifying your browser. We use cookies to improve the quality of our Services. Cookies help us to tailor our Services to best suit your preferences and provide you with ease and convenience while accessing our Services. Not all data collected from cookies is Personal data, such information is collected for creating a better user experience. Neither we nor any other Third Parties performing services on our behalf shall use cookies to automatically retrieve any Personal Data from your computer. We shall If you do not wish to receive cookies, you may configure your browser either to notify you when you receive a cookie or to disable cookies. It is pertinent you understand that should you choose to disable cookies, some functions of Services may not work properly or may not work at all.

How We Use your Information

We use the Personal Data  that is collected from you or that you provide to us or that we collect through other sources for the purpose of fulfillment of our obligations under our agreement with you and/or to comply with our statutory legal obligations.   Without prejudice to the above, enumerated hereunder is a non-exhaustive list of the purposes for which your Personal Data may be used/processed;
  1. To provide you with information that may be requested by you from time to time.
  2. To manage and regulate our Services and to provide information regarding management of your account.
  3. Create our own internal statistical for in-house analytical purposes;
  4. Collect and store it as part of the registration and in order to monitor your use of the Services;
  5. Contact you to ensure that the information we have in our records is accurate or when in need of additional information to complete your profile;
  6. Prevent activity we determine to be potentially illegal; Enforce this privacy policy and/or our Terms of Use/ Subscription Agreement or any other purpose referenced herein or therein.
  7. To facilitate communication and improve our business relationship with you and to respond to your queries, requests or complaints and/or resolve any issues and disputes which may arise in connection with any dealings with us.
  8. To control and monitor and ensure compliance with security arrangements and policies adopted by us, and also to ensure their compliance with the law and other regulatory obligations.
  9. To comply with any request or direction or lawfully disclose information required by any applicable law, regulation, direction, court order, bylaw, guidance, circular or code applicable to us
  10. To conduct research and development operations in relation to our Services, to improve our Services and for strategic business planning and development.
  11. To customize our Services to best suit your interests and enhance your experience while accessing our Services.
  12. To monitor and identify areas of our Services in which improvement may be needed.
  13. To investigate, detect and prevent any fraudulent transaction, unauthorised access to the services and prohibited or illegal activity or omission or misconduct.
  14. To conduct security investigations and risk management.
  15. We may use the information for the security of our company, customers, employees and/or our Services.
We shall not use your Personal Data for any purpose, then for what it is collected. We may use your Personal Data for purposes not stated hereinabove but only with your express or implied prior consent for such use.  

Sharing your Information

  1. We shall not sell, rent, share, disclose or transfer any of your Personal Data to any third party without your consent and without notifying you of the purpose for such transfer or sharing.
  2. We may share your Personal Data with third parties who undertake the performance of services on our behalf, with third party services who host, manage and maintain our website, develop applications for us, carry on analytics, provide financial services and store and backup data, these third parties shall use, retain or store information only for processing transactions and providing services on our behalf.
  3. We may upon your express consent disclose aggregate information in relation to user behaviour with actual or prospective business relationships such as advertisers and content distributors.
  4. We may disclose information if requested by a governmental or investigatory authority. We may also disclose information required to be disclosed by any applicable law, regulation, direction, court order, bylaw, guidance, circular or code applicable to us.
  5. With any third party involved in any proposed or actual sale of business, sale or transfer of our assets or stocks, merger, joint venture, assignment, reorganisation.
  6. We may with your prior and expressed consent share personal data for reasons not described in this privacy policy with third parties.

Transfer of your Personal Data

The information collected by us may be sent to servers located in the US and/or other countries around the world. By interacting with and/or using the Services you understand that your Personal Data will be transferred to such countries and you consent to such transfer. We do not transfer your Personal Data with third parties unless it is necessary to fulfil our obligations to you and as permitted by law. We shall make appropriate arrangements to ensure that your data is processed in a secure manner and in compliance with applicable data protection laws.  

Our Security Policy for your Personal Data

  We have made reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, modification, loss, damage, disposal or similar risks of your Personal Data. We have adopted technical, physical, electronic, procedural administrative and organisational security measures in accordance with applicable laws and regulations and industry standards to protect your Personal Data. Although we have used our best efforts to ensure the security of your Personal Data, we cannot guarantee you that your Personal Data will never be disclosed in a manner that is inconsistent with this privacy policy. All our employees and intermediaries, who have access to and process your Personal Data, are trained in handling Personal Data and are required to respect the confidentiality of your Personal Data. You, therefore, agree that any security breaches beyond our reasonable control are at your sole risk and discretion, we cannot and do not accept responsibility for the same. If you have any questions about our security arrangements please contact us at the contact details provided herein under.


Data Retention

We will retain your Personal Data for as long as required to perform the purpose specified under this privacy policy. Upon termination of your account by cancellation or suspension, your Personal Data is destroyed or anonymised from our records and system. We may retain your Personal Data for the purposes authorized under this privacy policy, under our own internal data management policies, or in the event of a legal or other statutory requirement. Such information shall be retained for a minimum of 1 year.

Data Deletion

After a period of 1 year, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible. If the data needs to be deleted in under one year after your contract ends, we could do that if explicitly asked for, and mentioned in the agreement at the beginning of your license period.

Personal Data of Minors

  We do not consciously collect Personal Data from minors (i.e individuals under 13 years of age) and respect the privacy of minors who may inadvertently use our Services and provide us with Personal Data. If you are a parent or a guardian we strongly recommend you to supervise the online activity of your minor children and ensure that your children do not disclose any Personal Data. If you believe that we may have unknowingly collected Personal Data from minors without parental consent, kindly contact us at the contact details provided hereinbelow, so that we may adopt appropriate measures to address the issue promptly and remove the information.

Links to other sites

  Our Services may contain links to other third party websites. This privacy policy does not apply to the privacy practices of those websites. We do not control and assume no responsibility for the content, security or privacy policies and practices on those websites. We request you to read the privacy policies of those sites to determine how they collect, process, use, disclose and protect your personal data.


Privacy Policy Updates

  We reserve the right to modify, revise and/or amend this privacy policy from time to time so as to reflect our current privacy practices. We may change the privacy policy without sending a prior notice of the same. We will post an updated copy/ new version on our Services. Any changes to this notice will come into effect on posting to this page. You are requested to check our site periodically for such updates. If you access our Services after a notice of change has been published on our page, you hereby provide us with your consent to the changed terms.


Privacy Policy Contacts

  If you have any questions regarding this privacy policy or about our privacy practices, you may contact our Data Protection Officer (DPO) appointed by us. We will make all efforts to ensure that any request, concerns, questions and grievances that you may have are resolved quickly and promptly.  Feel free to contact our DPO at; CloudSek Information Security Private Limited Attn: Data Protection Officer

Table of Contents