Scope of Policy

This Privacy Policy applies to:

1. Visitors to our website and platforms;
2. Clients or users of our services;
3. Prospective customers, vendors, or partners who interact with us;
4. Employees and contractors (to the extent applicable under law).

It governs all personal data we collect in physical, digital, or hybrid formats.

Information Collected from User

1. When User registers with Inventurs or uses the Services, Inventurs may ask the User to provide information such as: (1) personally identifiable information, which includes any information about the User that could reasonably be used to identify him/her in person, such as the User’s name, address, email address, or phone number (“Personal Information”), (2) Employment or professional information and (3) Device/ browser data, usage logs, or activity metrics (“Non-Personal Information”) and (4) information relating to any communication that the User may have with Inventurs or any other User using any of the Services offered on the Platforms (“Communication Information”).

2. In addition to any Personal Information that User chooses to submit via forms, consultations, or support interactions to Inventurs. Inventurs and its third-party service providers may use a variety of technologies that automatically (or passively) collect certain information, including but not limited to usernames, passwords, and other security-related information in relation to the usage of the Platforms, whenever User visits or utilizes the Services (“Usage Information”). Inventurs automatically receives and records information that the User’s browser sends whenever the User visits the Website. Further, these server logs may include information such as User’s IP address or a unique identifier (“Device Identifier”), browser type, browser language, the date and time of User’s request, and one or more cookies that may uniquely identify User’s browser from his/her computer or other device used to access the Services (“Device”). A Device Identifier is a number that is automatically assigned to User’s Device used to access the Services, and Inventurs’s computers identify User’s Device by its Device Identifier.

3. Cookies (refer Clause 7) may be used for many purposes, including, without limitation, remembering User and User’s preferences and tracking User’s visits to the Website. Inventurs uses temporary and permanent cookies when the User signs in, to identify him/her and keep track of his/her session. All such information is securely stored, and no Personal Information is stored on the User’s cookie.

4. Inventurs uses aggregate data collected in log files and cookies to enhance or otherwise improve the Services, ascertain User’s preference, to customize the advertising and content User sees, retrieval of information already provided by the User on the Website and the Application, improve the Services, develop new services, conduct research, etc. These cookies and log files do not store Users’ Personal Information, but they are tied to User’s Personal Information in Inventurs’ system.

5. Inventurs uses session ID cookies to make it easier for User to navigate through the Website and the Application. Session ID cookies expire upon one week of inactivity or when User closes his/her browser, whichever is shorter. Inventurs also uses a persistent cookie that remains on the User’s hard drive for an extended period, so that Inventurs can recognize such User when he/she returns to the Website or the Application.

6. Small graphic images or other web programming code called web beacons (also known as “1x1GIFs” or “clearGIFs”) may be present on the Website and the Application. Web beacons may be invisible to the User, but any electronic image or other web programming code inserted into the Website and the Application can act as a web beacon. Web beacons or similar technologies may be used for a number of purposes, including, without limitation, to count Users of the Services, to monitor how Users navigate the Services, to count how many sent e-mails were actually opened or to count how many particular articles or links were actually viewed. In contrast to cookies, which are stored on a User’s computer hard drive, clear GIFs are embedded invisibly on the Website and the Application. Inventurs does not tie web beacons to Personal Information.

7. Further, a programming code that is designed to collect information about User’s interactions with the Services (“Embedded Script”) is temporarily downloaded onto User’s Device from Inventurs’ web server. However, such Embedded Script is active only while User is connected to the Services, and is deactivated or deleted thereafter.

Use of such Information Collected

1. Inventurs collects and uses Personal Information, Communication Information, and Usage Data to provide and improve its services. This includes fulfilling user requests submitted via the website, mobile applications, or official social media platforms (including Meta, X, Pinterest, and others). The data may be used for including but not limited to:

   1. Delivering IT, web, and cybersecurity services requested by users;
   2. Responding to inquiries, scheduling demos, or providing technical assistance;
   3. Managing user accounts, transactions, and support requests;
   4. Enhancing and personalizing website functionality and user experience;
   5. Improving service offerings through usage analytics and customer feedback;
   6. Conducting targeted marketing, newsletters, and promotional campaigns, where consent is provided;
   7. Performing demographic profiling and online surveys for internal analysis;
   8. Communicating platform updates, new services, or changes in policies;
   9. Processing recruitment data for hiring, payroll, and employment law compliance;
   10. Complying with legal, regulatory, or contractual obligations;
   11. Resolving disputes, troubleshooting technical issues, and enforcing Inventurs’ Terms of Use and policies;
   12. Cooperating with legal authorities and responding to lawful requests.

2. User communications (e.g., emails, feedback, or testimonials) may be used in anonymized form for marketing or promotional purposes, only with appropriate consent and without revealing sensitive personal details.

User’s Rights

As a user of our services, whether through our website, mobile applications, SaaS platforms, or project-based solutions you are entitled to the following rights under applicable laws, including the Digital Personal Data Protection Act, 2023 and other data protection standards we follow:

1. Right to Access

   You have the right to request access to the personal data that we hold about you. This includes the right to know what personal information is being collected, understand the purposes for which it is being used, and obtain a copy of such data in a clear and structured format.

2. Right to Correction and Updating

   You may request correction or updating of any inaccurate, incomplete, or outdated personal information maintained by us. Upon verification, we will promptly update the records.

3. Right to Withdraw Consent

   Where the processing of your data is based on consent, you have the right to withdraw such consent at any time. Please note, however, that the withdrawal of consent will not affect the lawfulness of processing based on prior consent.

4. Right to Erasure

   You may request the deletion or deactivation of your personal data in the following scenarios:

   • If the data is no longer necessary for the purposes for which it was collected.
   • If consent is withdrawn and there is no other legal ground for processing.
   • If the data has been unlawfully processed.

   Note: Certain legal or regulatory obligations may require us to retain your information for specified periods.

5. Right to Restrict or Object to Processing

   In certain cases, you may request us to restrict or object to the processing of your personal data, particularly where the processing is; (i) for marketing purposes, (ii) based on our legitimate interests and you believe such interests are overridden by your privacy rights.

6. Right to Lodge a Grievance

   In case you believe that we have not handled your personal data in accordance with applicable data protection laws, you have the right to file a grievance with our designated Grievance Officer, who will respond to your complaint within the prescribed time limits set under law. You may also escalate the issue to the Data Protection Board of India or other competent regulatory authority if your grievance is not satisfactorily addressed.

7. Right to be Informed

   You will be informed at the time of data collection about the type of data being collected, the purpose and duration of processing, third parties with whom your data may be shared, and your rights as a data principal under law.

8. Right to Nominate

   You have the right to nominate another individual to exercise your data rights in the event of your incapacity or death. You may designate a nominee who can request correction, deletion, or access to your personal data and lodge a grievance on your behalf.

Disclosure of Personal Information

1. Inventurs does not rent, sell, or share Personal Information it collects about User to or with third parties unless consent of the Users has been obtained in this regard, and Personal Information collected from User is only used to provide him/her with the Services and to comply with any requirements of law.

2. We may share personal data with the following categories of recipients:

   1. Trusted Service Providers: Such as cloud storage platforms, analytics tools, website hosting providers, marketing technology vendors, or customer support platforms, strictly for operational purposes.
   2. Internal Teams: Access is limited to personnel who require it to perform their official duties, under role-based access and confidentiality obligations.
   3. Business Partners or Consultants: Who assist us in service delivery, business development, or compliance, under binding confidentiality agreements.
   4. Affiliates and Corporate Entities: To prevent fraud, enforce internal controls, or facilitate coordinated service delivery across group entities.

3. Inventurs may disclose Personal Information if required to do so by law or in good faith belief that such disclosure is reasonably necessary to respond to summons, court orders, or other legal process. Inventurs may disclose User’s Personal Information to law enforcement offices, third party rights owners, or others in the good faith belief that such disclosure is reasonably necessary to enforce Inventurs ’s Terms or this Policy, respond to claims of violation of the rights of a third party about any advertisement, posting or other content, or protect the rights, property or personal safety of Users or the public at large.

4. In the event of a merger, acquisition, sale of assets, reorganization, or bankruptcy, personal data may be transferred or disclosed to the acquiring or successor entity, subject to the continued protection of such data in accordance with this Policy.

Security of Information Collected from Users

1. Inventurs is committed to maintaining the confidentiality, integrity, and availability of the Personal Information it collects and processes. We employ industry-standard technical, administrative, and physical safeguards to protect user data from unauthorized access, misuse, loss, or alteration. These include, but are not limited to SSL/TLS encryption for secure data transmission, role-based access control, endpoint protection with regularly updated antivirus tools, and secure data storage with encrypted backups. Regular audits, system monitoring, and vulnerability testing are conducted to assess and strengthen security measures. Employees receive mandatory training on data security protocols.

2. All employees, contractors, and service providers are required to comply with our data protection policies and receive training on information security, phishing prevention, and data handling protocols. Any breach of data security policies by employees or contractors may result in disciplinary action, including termination and legal consequences in accordance with applicable laws and internal policy.

3. In the event of a data breach, Inventurs has implemented a Data Breach Response Plan, which includes:

   1. Immediate containment and investigation of the breach.
   2. Notification to affected users and relevant data protection authorities within the statutory timelines, as applicable.
   3. Measures to mitigate further risk, including revocation of compromised access and patching of system vulnerabilities.
   4. Affected users may receive advisory guidance or credit monitoring, depending on the severity of the breach.

4. Notwithstanding anything contained in this Policy, Inventurs shall not be liable for any unauthorized access, data compromise, or misuse arising directly or indirectly from the User’s failure to secure their credentials, use of weak passwords, sharing of login details, or negligence in safeguarding personal account information.

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance user experience, analyze website performance, personalize content, and support security measures. Cookies are small text files stored on your device when you visit our website. By continuing to use our website, you consent to the placement and use of cookies as outlined in this policy.
Users are informed of our use of cookies via a cookie banner or pop-up upon visiting the site. You can manage or withdraw your cookie consent at any time through your browser settings or cookie preference tools provided on our website. Disabling certain cookies may affect site functionality.

1. Types of cookies we use

   1. Strictly Necessary Cookies: Essential for site functionality and secure login. These cannot be disabled.
   2. Performance & Analytics Cookies: Help us understand how users interact with our site (e.g., Google Analytics), enabling us to improve performance and usability.
   3. Functionality Cookies: Store user preferences (language, layout) and provide a personalized experience.
   4. Marketing Cookies: Used to deliver relevant ads or retarget users based on their browsing behavior (subject to prior consent). You can manage or block cookies through your browser settings.

2. Third-Party Cookies

   We may allow selected third-party partners to place and read cookies for advertising, analytics, and social media integration. These third parties operate under their privacy policies and may collect information about your browsing behavior across websites.

3. Data Retention

   1. Cookie data is retained only for the duration necessary to fulfill its purpose. For paid customers, all account-related data shall be retained for a period of thirty (30) days from the date of the last successful login. After the expiration of this period, the data shall be flagged for deletion and may be permanently removed from our systems, unless:

      • Continued retention is required under any contractual obligations;
      • The customer formally requests an extension of the data retention period before deletion;
      • Retention is mandated by applicable laws or regulations.

   2. Once data is deleted, it will no longer be recoverable. It is the customer’s responsibility to ensure timely backup or export of any required data prior to deletion.

Links to Other Websites

1. The Website or Application links to other websites external websites, platforms, or applications operated by third parties (“Third-Party Sites”) that are not owned, controlled, or managed by Inventurs.
2. These Third-Party Sites may collect, process, or store Personal Information, browsing data, cookies, or user activity independent of Inventurs. We do not endorse, monitor, or accept responsibility for the content, data practices, terms of use, or privacy policies of any such Third-Party Sites. Accessing such sites is done at your own risk, and we strongly encourage Users to review the respective privacy policies and terms of service before interacting with them.
3. By clicking on any such external links, you acknowledge that you are leaving Inventurs’ controlled environment and entering a website with its own privacy standards, which may not align with our policies or practices.
4. If you believe a third-party link on our website or services is malicious, misleading, or violates your privacy, notify us immediately at sales@inventurs.com .

Children’s Privacy

Our services are not directed to individuals under the age of 16 years. We do not knowingly collect personal data from children. If discovered, such data will be deleted promptly. Notwithstanding anything contained herein, we shall always presume that every User has adequate consent and free will to access Services and to enter into a legally enforceable contract with us.

International Transfers

Any User accessing or using the Website from any other region with laws or regulations governing personal data collection, use, protection and disclosure, that differ from Indian laws, understands and accepts that through his/her continued use of the Services, he/she is transferring his/her personal information to India and he/she consents to that transfer in compliance with the legal provisions on the subject matter as applicable in India, in addition to the Terms of Use and this Policy.

Grievance Officer

1. In accordance with the ‘Digital Personal Data Protection Act, 2023’, the ‘Information Technology Act, 2000’, and the ‘Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011’, Inventurs Cube LLP has designated a Grievance Officer to address data protection-related complaints and grievances.

2. Any data principal who has questions, concerns, complaints, or requests related to their personal data, including alleged misuse or unauthorized disclosure, may reach out to the Grievance Officer using the contact details provided below:

   Name: Inventurs

   Mailing Address: Workie Tech Park, Lower ground floor, Vijay Nagar, Indore, Madhya Pradesh (452001)

   Phone Number: +91 9425758111

   Email Address: sales@inventurs.com

   Working Hours: Monday to Friday, 10:00 AM to 7:00 PM (IST)

3. The Grievance Officer shall acknowledge receipt of the grievance within 24 hours and redress the issue within 7 days from the date of receipt, as per the obligations under the DPDP Act, 2023.
4. If the grievance remains unresolved within the stipulated period or the response is unsatisfactory, the data principal may escalate the matter to the ‘Data Protection Board of India’, as per provisions of the DPDP Act.

Communication

If the User has any questions or concerns regarding privacy, please send Inventurs a detailed message at sales@inventurs.com.