THIS PRIVACY POLICY ("PRIVACY POLICY") HAS BEEN DRAFTED AND PUBLISHED IN ACCORDANCE WITH THE INFORMATION TECHNOLOGY ACT 2000, THE INFORMATION TECHNOLOGY (AMENDMENT) ACT 2008, AND THE INFORMATION TECHNOLOGY (REASONABLE SECURITY PRACTICES AND PROCEDURES AND SENSITIVE PERSONAL DATA OR INFORMATION) RULES, 2011. THIS PRIVACY POLICY CONSTITUTES A LEGAL AGREEMENT BETWEEN YOU, AS A USER OF THE PLATFORM AND US, AS THE OWNER OF THE PLATFORM. YOU MUST BE A NATURAL PERSON WHO IS AT LEAST 18 YEARS OF AGE.

Taisho Ventures Private Limited, a company incorporated under the laws of India having registered office at B-101, Bldg.No.3, Paradigm Twinstar, Mahavir Nagar, P.K. Road, Mira Road (E), Thane - 401107, Maharashtra ("Company" or "we" or "us" or "our"), provides Services (as defined in the Terms of Service) through its website available at www.khyaal.com and mobile application "Khyaal" available at Google Play Store/Apple Play Store (collectively referred to as "Platform") to the users of the Platform (hereinafter referred to as "you", "your" or "User").

1. Introduction and applicability of the Privacy Policy



1.1 We are strongly committed to respecting your online privacy and recognize the need for appropriate protection and management of any personal information collected and/or collated by us.




1.2 The purpose of this Privacy Policy is to ensure that there is an intact charter to collect, use and protect any personal and/or sensitive data collected by us. This Privacy Policy defines our procedure for collection, usage, processing, disclosure and protection of any information obtained by us through the Platform.




1.3 Any reference made to Privacy Policy in this document shall mean and refer to the latest version of the Privacy Policy.




During the course of your association with us, you may be required to execute certain other agreements and such other agreements shall be deemed to form a part of the ‘Terms of Service’ which is made available at https://khyaal.com/terms-of-service , unless explicitly specified to the contrary.



2. Disclaimer



2.1 Please be advised that any Information (as defined herein below) procured by us, shall be:




a. processed fairly and lawfully for rendering the Services (as defined in Terms of Service);

b. obtained only for specified and lawful purposes, and not be used in any manner which is against the law or policy in force in India ("Applicable Law");

c. adequate, relevant and not excessive in relation to the purpose for which it is required;

d. able to be reviewed by the User, from time to time and updated-if need arises; and

e. not kept longer than for the time which it is required or the purpose for which it is required or as required by the Applicable Law.




2.2 WE SHALL NOT BE LIABLE FOR ANY LOSS OR DAMAGE SUSTAINED BY REASON OF ANY DISCLOSURE (INADVERTENT OR OTHERWISE) OF ANY DATA, IF THE SAME IS EITHER (A) REQUIRED FOR SHARING YOUR INFORMATION FOR LEGITIMATE PURPOSES; OR (B) WAS AFFECTED THROUGH NO FAULT, ACT, OR OMISSION OF THE COMPANY.




2.3 BY USING THE SERVICES, YOU EXPLICITLY ACCEPT, WITHOUT LIMITATION OR QUALIFICATION, THE COLLECTION, USE AND TRANSFER OF THE DATA IN THE MANNER DESCRIBED HEREIN.




2.4 PLEASE READ THIS PRIVACY POLICY CAREFULLY AS IT AFFECTS YOUR RIGHTS AND LIABILITIES UNDER LAW.



3. Your consent



3.1 Please note that by providing the Information (as enumerated upon herein below) or by consenting to the provision of the Information by your authorised Representative, you provide your consent and authorize us to collect, use or disclose Information for the Legitimate Purposes (as defined below) and as stated in this Privacy Policy, the Terms of Service and as permitted or required by Applicable Law. Moreover, you understand and hereby consent that this Information may be transferred to any third-party user for the purpose of providing Services through the Platform or to any third-party providers for rendering Services (as defined in the Terms of Service), any jointly developed or marketed services, payment processing, order fulfilment, customer services, data analysis, information technology services and such other services which enable us to provide Services through the Platform.




3.2 This Privacy Policy shall be enforceable against you in the same manner as any other written agreement. By visiting or accessing the Platform and voluntarily providing us with Information (including Personal Data (as defined below)), you are consenting to our use of the Information, in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, you may refuse or withdraw your consent any time, or alternatively choose to not provide us with any Personal Data or Sensitive Personal Information (as defined below). Under such circumstance, your access to the Services we provide may be limited or we may be unable to render Services




Please note that if you accept a request from any entity to access and monitor your transaction, then it amounts to consent and You will not hold us responsible for any misuse of data or otherwise.




3.3 Such an intimation to withdraw your consent can be sent to support@khyaal.com



4. Types of information collected by us:



4.1 "Personal Data" means and includes any information that relates to a natural person through which, directly or indirectly, an individual is capable of being identified, such as the name, date of birth, educational information and related data, contact details, email address, gender, age, insurance data or any other relevant material provided by a User, including but not limited to, information gathered through availing Services. User, as part of onboarding process, may be required to provide name, mobile number of two individuals, family doctor, speciality doctor ("Contact Personnel"). User represents and warrants that it shall obtain prior consent of Contact Personnel before sharing any personal data of Contact Personnel with the Company. Contact Personnel’s personally identifiable information shall also be construed to be Personal Data. Consumer data, including without limitation, consumer number of electricity connection bill, water connection bill, gas connection bill, property tax related information, DTH account details, OTT account details, building maintenance details, internet bill, copies of utility bill etc. shall also be construed to be Personal Data.




4.2 "Sensitive Personal Information" shall mean personal information, which consists of information relating to any to the following of an individual:




i. physical, physiological and mental health condition;

ii. sexual orientation;

iii. insurance data;

iv. important dates and events;

v. personal interests;

vi. medical records and history;

vii. banking and finance related documents (excluding passwords, pins etc.);

viii. legal documents, agreements;

ix. vehicle registration documents;

x. health data;

xi. biometric information.




4.3 "Technical Information" means and includes any information gathered through various technologies that may employ cookies, web beacons, or similar technologies to automatically record certain information from your device through which you use the Platform. This technical information may include your internet protocol (IP) address, device or browser type, internet service provider (ISP), referring or exit pages, clickstream data, operating system, hardware model, operating system version, unique device identifiers, and mobile network. This data includes usage and log information and user statistics.




4.4 "Locational Information" shall mean and include the geo-information obtained through GPS or other means, such as the geographical location of the User and sensor data from the device on which you access the Services.




4.5 "Partner Information" We partner with certain third-party vendors to offer You some services, and We may receive certain information directly from those third parties.




4.6 "Non-Personal Information"




"Information through use of our Service" means and includes information which is shared with us to avail our Services. b. "Non-Personal Information" means and includes any information that does not reveal your specific identity, such as, browser information, information collected through Cookies (as defined below), pixel tags and other technologies, demographic information, crash reports, system activity, device state information etc. As is true with most websites and mobile applications, Company gathers some information automatically when you visit the Platform. When you use the Platform, we may collect certain information about your computer or mobile to facilitate, evaluate and verify your use of the Platform. For example, we may store environmental variables, such as browser type, operating system, speed of the central processing unit (CPU), referring or exit web pages, click patterns and the internet protocol (IP) address of your computer. This information is generally collected in aggregate form, without identifying any user individually.




(The Personal Data, Sensitive Personal Information, Technical Information, Locational Information, Partner Information and Non-Personal Information are collectively referred to as "Information").



5. Purpose of Collection and Usage of this Information:



5.1 The Information collected by us shall be used for availing our Services and utilised for other functions including but not limited to:




a. to render Services (as defined in the Terms of Service);

b. for maintaining the Platform;

c. to evaluate the quality and competence of our personnel;

d. to resolve any complaints, you may have and ensure that you receive the highest quality of Services;

e. notifying you about changes to our Platform;

f. allowing you to participate in interactive features of our Platform when you choose to do so;

g. providing analysis or valuable information so that we can improve the Platform;

h. monitoring the usage of the Platform;

i. detecting, preventing and addressing technical issues;

j. to conduct crash analytics in the event the Platform and/or Service crashes;

k. analyse usage patterns and user preferences;

l. improve user experience;

m. notify you about new products and features.




5.2 Business or Research Purposes: The Information saved and except Personal Data, is used for business or research purposes, including improving and customizing the Platform for ease of use and the products and services offered by us. We may archive this information to use it for future communications for providing updates and/or surveys.




5.3 Aggregating Information / Anonymized data: We may aggregate Information and analyse it in a manner to further accentuate the level of services that we offer to our customers. This Information includes average number of Users of the Platform, the average clicks of the services/, the features used, the response rate, etc. and other such statistics regarding groups or individuals. In doing so, we shall not be making disclosures of any Personal Data as defined above.




(Collectively referred to as "Legitimate Purposes")



6. Disclosure and Sharing of Information:



6.1 We do not rent, sell or disclose or share any Information that we collect from you, with third parties, save and except in order to provide you with the Services or for the Legitimate Purposes as specified above. Any such disclosure, if made, shall be in accordance to this Privacy Policy and as per the procedure prescribed by law and in compliance with our legal obligations. Additionally, we may share your Information in circumstances and for the purposes as specified hereunder:




a. We shall share the information to the third-party service providers/ vendors, to provide you with the Services and to effectuate any activities that fall under the Legitimate Purpose for which such Information has been collected. We shall endeavor to ensure that the third parties receiving sensitive personal data or information from us shall not disclose it further.

b. When compelled by law: We may disclose any Information provided by you on the Platform as may be deemed to be necessary or appropriate:




i. under Applicable law, including laws outside your country of residence;

ii. to comply with legal process;

iii. to respond to requests from public and government authorities including public and government authorities including public and government authorities outside your country of residence;

iv. to protect our operations or those of any of our affiliates;

v. to protect our rights, privacy, safety or property, and/that of our affiliates, you or others;

vi. to allow us to pursue available remedies or limit the damages that we may sustain;

vii. to protect against legal liability;

viii. to protect the personal safety of Users of the Platform;

ix. to prevent or investigate possible wrongdoing in connection with the Platform.

c. Merger or Acquisition: We may share Information upon merger or acquisition of Company with another company. We shall transmit and transfer the Information upon acquisition or merger of Company with another company;

d. With our service providers: We may share Information with other service providers on a need-to-know basis, subject to obligations of confidentiality for provision of Services. We hereby clarify that the Company works with institutions, vendors, partners, advertisers, and other service providers, including (but not limited) to those who provide products or services such as contact Information verification, website hosting, data analysis, providing infrastructure, information technology services, auditing services and other similar services, in different industries and categories of business by virtue of lawful contracts instituted between such third parties and Company to improve our product and services. Accordingly, we may share your Information with such service provider in order to provide you with Services;

e. Employees /Agents of Company: We follow a strict confidentiality policy with regard to disclosure of confidential information to our employees or other personnel. There may be situations, where we may disclose the confidential information only to those of our employees and other personnel on a need-to-know basis. Any breach of confidential information by the employees, personnel within the Company is dealt with stringently by us.




6.2 Except for the Information disclosed pursuant to sub-clause (a), (b), (c), (d) and (e) of Clause 6.1 above, Company may share Information, if you authorize us to do so.



7. Transfer of Information



7.1 Your information may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction.




7.2 If you are located outside India and choose to provide information to us, please note that we may transfer the data to any other body corporate or a person in India to process the Information.




7.3 Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.




7.4 We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy, and no transfer of your data will take place to an organization or a country unless there are adequate controls in place including the security of your data.



8. Your Rights



You can always choose not to provide the requested information to us, it may however result in you not availing certain features of, or the entire, of our Services.




You retain several rights in relation to your Personal Data as provided under Applicable Law. These may include the rights to:




a. access, confirm, and review Personal Data you may have provided;

b. correct Personal Data that may be inaccurate or irrelevant;

c. delete and erase your Personal Data from the publicly available pages of the Platform;

d. receive Personal Data we hold about you in a portable format;

e. object to or restrict any form of processing you may not be comfortable with.




In order to exercise these rights, please contact us on the email address provided in Clause 3.3 above.




If you want to withdraw your consent or raise any objection to the use of your information for receiving any direct marketing information to which you previously opted-in, you can do so by contacting our customer support at above mentioned addresses. If you withdraw your consent or object to the use of your information, our use of the information provided by you before your withdrawal/objection shall still be lawful.



9. Children’s Privacy



Our Platform and Services are not meant for use by children and we knowingly do not collect Information of/from children. For the purposes of this clause, “children” means a person who has not completed the age of 18 years. If it comes to our notice that we have collected Information from/of children, we shall take steps to remove such Information from our servers. If you believe that we might have any Information that may have been collected from a child or has been provided by a child, please write to us at the email id provided in Clause 3.3.



10. Control the collection or use of the Information



If you have any reservations, constraints or apprehensions regarding the access to, collection, storage, or any other use of the Information which you have provided to us, you may withdraw your consent in the manner as set out in Clause 3.3 above.



11. Retention of Information



All Information provided by you, save and except upon withdrawal or termination, shall be retained in locations outside the direct control of Company (for instance, on servers or databases co-locates with hosting providers). We will delete Information based on a request received from you within a reasonable period and latest within thirty (30) days of receiving a deletion request. However, we may retain such portion of Information and for such periods as may be required under Applicable Law. Notwithstanding anything contained herein, Company may retain data after account deletion for reasons including but limited to the following purposes: If there is an unresolved issue relating to your account, or an unresolved claim or dispute; If we are required to by Applicable Law, and/or in aggregated and/or anonymized form, or Company may also retain certain information if necessary, for its legitimate business interests, such as fraud prevention and enhancing Users' safety and security.



12. Cookies and other Tracking Technologies



12.1 Our Platform may utilize “cookies” and other Technical Information. "Cookies" are a small text file consisting of alphanumeric numbers used to collect the Information about Platform activity. The Technical Information helps us analyse web traffic and helps you by customizing the Platform to your preferences. Cookies in no way give us access to your computer or mobile device. In relation to Cookies, you can deny access to the installation of the Cookies by modifying the settings on your web browser, however, this may prevent you from taking full advantage of the Platform.

12.2 Our use of Cookies and Technical Information allows us to improve Platform and your experience of Platform and Services. We may also analyse Technical Information that does not contain Personal Data or Sensitive Personal Information for trends and statistics.



13. Third Party Services



We may use your Information to send you promotional information about third parties which, we think you may find interesting, if you tell us that you wish this to happen. We shall not be responsible for any disclosure of Information due to unauthorized third-party access or other acts of third parties or acts or omissions beyond our reasonable control and you agree that you will not hold us responsible for any breach of security unless such breach has been caused as a direct result of our negligence or wilful default.




Once you leave the Platform, we are not liable for any use/ storage/ processing/ collection of your information obtained by any third-party websites or payment facilitators or provided by you to these third-parties or payment facilitators. Such entities and their respective websites/platforms may be governed by their own “Privacy Policy” and “Terms of Service”, which are beyond our control.



14. Data Security



You agree and accept that your Information may be stored in third-party cloud service infrastructure providers. While all reasonable attempts have been taken from our end to ensure the safe and secure storage of your data, we shall not be liable for any data breach on the part of the third-party cloud service infrastructure provider that was beyond our control. In addition to the security measures put in place by the third-party cloud service infrastructure provider for safe and secure storage of your Information, we use certain physical, managerial, technical or operational safeguards as per industry standards and established best practices to protect the Information we collect. We use reasonable security practices and procedures and use secure servers as mandated under Applicable Laws for the protection of your Information. We review our Information collection, storage, and processing practices, including physical security measures to guard against unauthorized access to systems. However, as effective as these measures are, no security system is impenetrable. We cannot guarantee the security of our database, nor can we guarantee that the Information you supply will not be intercepted while being transmitted to us over the internet. You accept the inherent security implications of data transmission over the internet and the internet cannot always be guaranteed as completely secure. Therefore, your use of the Platform will be at your own risk. If you have any concerns, please feel free to contact us at the details given in Clause 3.3 above.



15. Changes and updates to Policy



We may modify or revise the Privacy Policy from time to time and accordingly update the revised Privacy Policy on the Platform with an updated date of revision. However it shall be Your responsibility to keep yourself updated on any changes to the Privacy Policy. We shall endeavour to review, revise, update, modify, amend or correct the Privacy Policy on a regular and routine basis, especially whenever a significant update is made to the technology employed by us. You must periodically review the Privacy Policy for the latest information on our privacy practices. In the event you continue to use the Platform and our services after any update in the Privacy Policy, your use of the Platform shall be subject to such updated privacy policy. Your continued usage of Services, post any amendment would deem to mean that you accept and understand the revised Privacy Policy. Further, we retain the right at any time to deny or suspend access to all, or any part of, the Service and/or access to the Platform to anyone who we reasonably believe has violated any provision of this Privacy Policy.



16. Discrepancies and Grievances with Company



In case of any discrepancy or grievance with respect to all or any Information shared with Company, please feel free to contact our Grievance Officer:

Attention: Hemanshu Jain




Email ID: care@khyaal.com




Address: B-101, building no.3, Paradigm Twinstar, Mahavir Nagar, P.K. Road, Mira Road East, Thane, Maharashtra, India 401107.




16.2 We assure you that we shall put our best efforts to redress the grievances of the User expeditiously within one (1) month from the date of receipt of the grievance.




16.3 In accordance with the IT Act, You may, in writing, to the Grievance Officer




(i) request access to Your Sensitive Personal Data or Information,

(ii) report any grievances in relation to Your Sensitive Personal Data or Information,

(ii) report any grievances in relation to Your Sensitive Personal Data or Information,




16.4 The following information needs to be provided in the complaint to Our Grievance Officer to work on the same:




(i) A physical copy of the signature or electronic signature of the person authorized to act on behalf of the User for the purposes of the complaint if the complainant is not the User.

(ii) Details of the work for which infringement of copyright is claimed by the User or on behalf of the User.

(iii) The contact details of the complainant, including the address, telephone number, and/or email address.

(iv) A statement that the complaining party has good faith and belief that the use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law.




A declaration that the information in the complaint is accurate, and that the complaining party is authorized to act on behalf of the owner of the right that is allegedly infringed.



17. Miscellaneous



THE INVALIDITY OR UNENFORCEABILITY OF ANY PART OF THIS PRIVACY POLICY SHALL NOT PREJUDICE OR AFFECT THE VALIDITY OR ENFORCEABILITY OF THE REMAINDER OF THIS PRIVACY POLICY. THIS PRIVACY POLICY DOES NOT APPLY TO ANY INFORMATION OTHER THAN THE INFORMATION COLLECTED BY US THROUGH THE PLATFORM. THIS PRIVACY POLICY SHALL BE INAPPLICABLE TO ANY UNSOLICITED INFORMATION YOU PROVIDE US THROUGH THE PLATFORM OR THROUGH ANY OTHER MEANS. ALL UNSOLICITED INFORMATION SHALL BE DEEMED TO BE NON-CONFIDENTIAL AND WE SHALL BE FREE TO USE AND/ OR DISCLOSE SUCH UNSOLICITED INFORMATION WITHOUT ANY LIMITATIONS. THE RIGHTS AND REMEDIES AVAILABLE UNDER THIS POLICY MAY BE EXERCISED AS OFTEN AS NECESSARY AND ARE CUMULATIVE AND NOT EXCLUSIVE OF RIGHTS OR REMEDIES PROVIDED BY LAW. RIGHTS UNDER THIS POLICY MAY BE WAIVED ONLY IN WRITING. DELAY IN EXERCISING OR NON-EXERCISE OF ANY SUCH RIGHT OR REMEDY DOES NOT CONSTITUTE A WAIVER OF THAT RIGHT OR REMEDY, OR ANY OTHER RIGHT OR REMEDY.



18. Governing Laws and Jurisdiction



This Privacy Policy and the use of it is governed by the laws of India and subject to arbitration below, the courts in Mumbai, India shall have exclusive jurisdiction over any disputes connected to our Platform or the Services.




Any adverse action, dispute or difference arising under or relating to this Policy (“Dispute”) shall at the first instance be resolved through good faith negotiations between the parties hereto, which negotiations shall begin promptly, within 15 (fifteen) days after a party has delivered to the other party a written request for such negotiations. If the parties are unable to resolve the Dispute in question within 15 (fifteen) days of the commencement of such negotiations, the Dispute shall be referred to and finally resolved by arbitration in accordance with the Arbitration and Conciliation Act, 1996, as amended from time to time and rules prescribed thereunder. When any Dispute is under arbitration, except for the matters under dispute, We and You shall continue to exercise the remaining respective rights and fulfil the remaining respective obligations under this Policy. The arbitration shall be conducted by a sole arbitrator appointed by Us and the seat and venue of arbitration shall be Mumbai, India. The language of the arbitration proceedings and of all written decisions and correspondence relating to the arbitration shall be English.



19. Indemnity



19.1 You agree to indemnify and hold Us harmless from:




(i) any actions, claims, demands, suits, damages, losses, penalties, interest and other charges and expenses (including legal fees and other dispute resolution costs) made by any third party due to or arising out of any violation of the terms of this Policy.

(ii) any acts or deeds, including for any non-compliance or violation, of any applicable law, rules, regulations on Your part.

(iii) for fraud committed by You.



20. YOUR ACCEPTANCE OF THE PRIVACY POLICY



BY USING OR VISITING THE PLATFORM, YOU SIGNIFY YOUR AGREEMENT OF THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO ANY OF THESE TERMS, PLEASE DO NOT USE THIS PLATFORM OR SERVICES.



This policy is effective as of 30th August 2022.
Any contract to provide any service by Us and or Our affiliates is not complete until complete consideration towards the product and/or service is received by Us or Our affiliates (as the case may be) from You. We reserve the right, in our sole discretion, to terminate the access to the Platform at any time, without notice to You, for general maintenance or for any reason whatsoever. We shall not be responsible for confirming transactions including whether the transactions are legal and valid as per the applicable laws. We, at our sole discretion, reserve the right to not to accept Your request without assigning any reason thereof.




You agree that You can enter into a legally binding contract as stipulated under the Indian Contract Act, 1872. You expressly undertake to provide to Us, where applicable, information which is true, accurate and valid, and acknowledge that any default or deficiency would inter alia render the provision of the product or services by Us, inapplicable. You shall be responsible for ensuring compliance with the terms and any of Our other rules including the terms governing the service fees, or other rules. If You do not agree with any part of such terms, You must not avail of any of the services.