Privacy policy

This privacy policy sets out the information practices we follow including the type of information is collected, how the information is collected, how the information is used and with whom it is shared.

DEFINITIONS

'Force Majeure Event' shall mean any event that is beyond our reasonable control and shall include, without limitation, sabotage, fire, flood, explosion, acts of God, civil commotion, strikes or industrial action or any kind, riots, insurrection, war, acts of government, computer hacking, unauthorized access to your mobile or storage device, crashes, breach of security and encryption.

'Personal Information' refers to any information that identifies or can be used to identify, contact or locate the person, to whom such information pertains including, but not limited to, name, address, phone number, email address, identification number or documents and any other information disclosed by you in relation to the Services.

'Sensitive Information' means sensitive personal data or information of a person means such personal information which consists of information relating to passwords, financial information such as bank account or credit card or debit card or other payment instrument details, biometric information, details of nominees and national identifiers including but not limited to: Aadhaar card, passport number, PAN, etc. For customers enrolled in Services provided by Klub personal information about the transaction is collected. Provided Any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as sensitive personal data or Sensitive Information for the purpose of these T&C.

'Thaposarty'e refers to any person or entity other than you or us.

Personal Information / Sensitive Information that may be collected and manner of its use

Personal Information provided by you in relation to the use of the Website: In order for you to access the Website, we may collect your Personal Information and / or Sensitive Information as may be required for the purposes connected thereto. We endeavour to protect the security of your information during transmission.

COOKIES

Cookies are small pieces of information saved by your browser onto your mobile device. Cookies are used to record various aspects of your visit and assist us to provide you with uninterrupted service. Cookies may be set in your browser by us when you access the Services or may be set in when you visit Third Party websites.

This anonymous information is maintained distinctly and is not linked to the Personal Information that you submit to us. We use cookies collected to:

Authenticate your login information

Enable our security features;

Show you advertising; and

Improve and develop the features of the Website.

Cookies have a specified duration of storage, please feel free to change your browser settings if you do not wish to accept cookies. However, please note that changing your browser setting may affect your experience on the Services.

OTHERS

In addition to the cookies, we may also collect information to enable us to better understand you so that we can improve your user experience; to assist our customer service and technical support personnel; and put processes in place to prevent fraud and unlawful use. In an effort to make the Website affective and improve the Website, certain information may be collected each time you access the Website. Such information may be saved in server logs in an encrypted form which may not identify you personally. Such information or data may include, but shall not limit to, IP address, your server details, duration of your visit, date, time or purpose of your visit. In addition to cookies we use web beacons, ad tags, pixels to advertise as part of the Services. The abovementioned data may be used by us and may be shared with our sponsors, investors, advertisers, developers, strategic business partners or other associates to enhance and grow the user experience in relation to the Website. It's important to note that the collected information is anonymized to ensure your privacy.

PURPOSE AND USAGE

Klub uses the information collected and appropriately notifies you to manage its business and offer an enhanced, personalised online experience on its website. Further, it enables Klub to:

1. Process applications, requests and transactions
2. Maintain internal records as per regulatory guidelines
3. Provide services to customers, including responding to customer requests
4. Comply with all applicable laws and regulations
5. Recognise the customer when he conducts online transactions
6. Understand the needs and provide relevant product and service offers
7. Obtain necessary rankings / ratings from various agencies (including CIBIL)

OTHER USES OF THE INFORMATION PROVIDED

We make all efforts to ensure that we collect only such Personal Information that we believe to be relevant in order to record, support, facilitate your access to the Website.

SHARING INFORMATION WITH THIRD PARTY SERVICE PROVIDERS IN RELATION TO THE SERVICES

To the extent necessary to provide you the Services, we may provide your Personal Information to Third Party contractors who work on behalf of or with us to provide you with such services, to help us communicate with you or to maintain the Services.

COMMUNICATION

We may offer email, short message service (sms), multimedia message service (mms) or other forms of communication to share information with you about certain promotions or features the Services may choose to offer or about our affiliates, subsidiaries, business partners, advertisers and sponsors. You may receive such communication when you have registered as a User.

DISCLOSURE OF INFORMATION

Klub may make disclosures of information diligently which is required pursuant to law or court order or under any legal procedure. We may or may not notify you for the same.

Rest assured, we handle such disclosures diligently, prioritizing your privacy and compliance with legal obligations.

LINK TO THIRD PARTY APPS AND WEBSITES

The Website and any communication sent to you may also contain/display Third Party advertisements and links to other websites or products and services. You agree and acknowledge that these apps and websites are operated by Third Parties and are not controlled by, or affiliated to, or associated with us unless expressly specified. We are not responsible for any form of transmission, whatsoever, received by you from any such Third Party. Accordingly, we do not make any representations concerning the privacy practices or policies of such Third Parties or terms of use of such websites or apps, nor do we control or guarantee the accuracy, integrity, or quality of the information, data, text, software, music, sound, photographs, graphics, videos, messages or other materials available on such websites or apps. The inclusion or exclusion does not imply any endorsement by us of the website, the Third Party, or the information on the website. The information provided by you to such Third Party websites shall be governed in accordance with the privacy policies of such websites and it is recommended that you review the privacy policy on any such websites and apps prior to using such websites.

These Third Party websites and apps and advertisers may use technology to send the advertisements directly to your browser. In such cases, the Third Party websites or advertisers automatically receive your IP address. They may also use cookies, JavaScript, web beacons and other technologies to measure the effectiveness of their advertisements and to personalize advertising content. We do not have access to or control over cookies or other features that such Third Party websites and apps and advertisers may use, and the information practices of these Third Party websites and apps and advertisers are not covered by this Privacy Policy. Please contact them directly for more information about their privacy practices.

SECURITY

We strive to ensure the security, integrity and privacy of your Personal Information and Sensitive Information. To protect your Personal Information / Sensitive Information against unauthorized access or unauthorized alteration, disclosure or destruction.

We are not responsible for any breach of security or for any actions of any Third Parties that receive your Personal Information / Sensitive Information. We are not/shall be not responsible for their privacy policies or practices as it is beyond our control.

Not withstanding anything contained in this Privacy Policy or elsewhere, we shall not be held responsible for any loss, damage or misuse of your Personal Information / Sensitive Information, if such loss, damage or misuse is attributable to a Force Majeure Event.

We prioritize the security, integrity, and privacy of your data. In the rare event of a breach, we conduct immediate investigations, implement containment measures, and adhere to transparency standards. Additionally, your data is retained only for the necessary duration to fulfill identified purposes

RETENTION

Information may be retained for a duration, required by regulatory clauses or as long as required to achieve the identified (and notified) purpose. If you have any questions about this Privacy Policy, please feel free to write to us at info@klubworks.com

In the unlikely event of a data breach, our commitment to your security includes immediate investigation, containment, and transparent communication.

Right to Be Forgotten:

In accordance with data protection regulations, including the General Data Protection Regulation (GDPR), we recognize and respect your right to request the removal of your Personal Information from our records. The right to be forgotten allows you to request the deletion or removal of your personal data when there is no compelling reason for its continued processing. To exercise your right to be forgotten or if you have any questions regarding the retention of your information, please contact us at security@klubworks.com

Timelines for Data Retention:

To provide clarity on the duration for which your information will be retained, we adhere to the following timelines:

1. Personal Information and Sensitive Information: Your Personal Information and Sensitive Information will be retained for a duration as required by regulatory clauses or as long as necessary to achieve the identified (and notified) purpose for which it was collected.
2. Cookies and Website Interaction Data: Information collected through cookies, web beacons, ad tags, pixels, and server logs will be retained for a reasonable duration to enhance and grow the user experience. This data is used to improve the Website's features, prevent fraud, and understand user behavior.
3. Communication Data: Data related to communication, including emails, short message service (sms), multimedia message service (mms), or other forms of communication, will be retained as long as necessary to provide information about promotions, features, or other relevant Services.
4. Third-Party Links: We do not have control over the data retention practices of third-party websites or mobile applications linked to the Website. Users are advised to review the privacy policies of such third parties for information on data retention.
5. For any questions or concerns regarding the retention of your information, including requests for removal or access, please contact us at security@klubworks.com or info@klubworks.com.
6. This addition enhances transparency by outlining specific timelines for the retention of different types of data, providing users with a clear understanding of how long their information will be stored.

SOP FOR POST-DATA DELETION SCREENSHOT

Objective:

To establish a Standard Operating Procedure (SOP) for providing brands with a screenshot post data deletion, ensuring transparency, and maintaining records.

Procedure:

1. Data Deletion Request: Upon receiving a data deletion request from a user or brand, the Data Protection Officer (DPO) or designated personnel will initiate the data deletion process.
2. Data Deletion Process: The DPO will ensure that all Personal Information and Sensitive Information associated with the user or brand is permanently deleted from the system. This process includes removal from databases, backups, and any other storage systems.
3. Generation of Screenshot: After successful data deletion, a screenshot capturing the confirmation of the completed deletion process will be generated. The screenshot will include the timestamp of when the deletion was finalized.
4. Storage of Screenshots: The generated screenshots will be stored securely in a designated folder or system for record-keeping purposes. Access to this folder or system will be restricted to authorized personnel only.
5. Communication with the Brand: The brand that requested the data deletion will be notified of the successful completion of the deletion process. The notification will include a reference to the stored screenshot for their records.
6. Record Maintenance: The stored screenshots will be maintained for a specified duration in compliance with regulatory requirements. A log detailing the date and time of each data deletion, along with the corresponding screenshot, will be kept.
7. Internal Audit: Periodic internal audits will be conducted to ensure adherence to the SOP. Any deviations or issues identified during audits will be addressed promptly.
8. Additional Notes: The SOP will be periodically reviewed and updated to align with any changes in data protection regulations or internal processes. Personnel involved in the data deletion process will undergo training to ensure proficiency and compliance with the SOP. This SOP ensures that brands receive tangible proof of data deletion, enhancing transparency and accountability in the handling of user information.

THIRD PARTY CONTENT

We cannot and will not assure that other Users are or will be complying with the foregoing rules or any other provisions of this T&C, and, as between you and us, you hereby assume all risk of harm or injury resulting from any such lack of compliance.

You acknowledge that when you access a link when accessing the Website, the site you will enter into is not controlled by us and different terms of use and privacy policy may apply. By assessing links, you acknowledge that we are not responsible for those sites. We reserve the right to disable links to and / or from third-party sites to the Website, although we are under no obligation to do so. If you have any queries, concerns or complaints about such third-party websites or mobile applications you must direct them to the operator of that third party website or mobile application.

We have no control over and accept no responsibility for the content of any website or mobile application to which a link from the Website exists (unless we are the provider of those linked websites or mobile applications). Such linked websites and mobile applications are provided “as is” for your convenience only with no warranty, express or implied, for the information provided within them.

Users play a vital role in safeguarding their data. When interacting with third-party content, it's crucial to review and understand their privacy policies. We disclaim responsibility for external sites and encourage users to be vigilant, acknowledging the risks associated with third-party links. Users should contact third-party operators directly for privacy concerns, contributing to a secure online environment.

The 8 GDPR Privacy Principles:

1. In alignment with the General Data Protection Regulation (GDPR) requirements, we adhere to the following privacy principles: Lawfulness, Fairness, and Transparency: We ensure that the collection and processing of Personal Information are conducted lawfully, fairly, and transparently, with explicit consent obtained when necessary.
2. Purpose Limitation: The collection of Personal Information is limited to specific, explicit, and legitimate purposes. Any subsequent processing is compatible with these purposes.
3. Data Minimization: We only collect and process the Personal Information that is necessary for the intended purpose. We do not store data that is not relevant to our operations.
4. Accuracy: We strive to keep Personal Information accurate and up-to-date. Users have the right to rectify inaccuracies in their data.
5. Storage Limitation: Personal Information is retained only for as long as necessary to fulfill the purpose for which it was collected. We regularly review and purge unnecessary data.
6. Integrity and Confidentiality: We implement security measures to protect Personal Information from unauthorized access, disclosure, alteration, and destruction.
7. Accountability: We take responsibility for our data processing activities and have mechanisms in place to demonstrate compliance with GDPR principles.
8. User Rights: Users have the right to access, rectify, erase, or restrict the processing of their Personal Information. We respect these rights and provide mechanisms for users to exercise them.

This privacy policy outlines our commitment to GDPR compliance, emphasizing the importance of user privacy, data protection, and the responsible handling of personal data. Users can contact us at security@klubworks.com or info@klubworks.com for any inquiries or to exercise their data protection rights under the GDPR.