Taisho Ventures Private Limited, a company incorporated under the laws of India having registered office at B-101, Bldg.No.3, Paradigm Twinstar, Mahavir Nagar, P.K. Road, Mira Road (E), Thane - 401107, Maharashtra ("Company" or "we" or "us" or "our"), provides Services (as defined in the Terms of Service) through its website available at www.khyaal.com and mobile application "Khyaal" available at Google Play Store/Apple Play Store (collectively referred to as "Platform") to the users of the Platform (hereinafter referred to as "you", "your" or "User").
1.1 We are strongly committed to respecting your online privacy and recognize the need for appropriate protection and management of any personal information collected and/or collated by us.
During the course of your association with us, you may be required to execute certain other agreements and such other agreements shall be deemed to form a part of the 'Terms of Service' which is made available at https://khyaal.com/terms-of-service , unless explicitly specified to the contrary.
2.1 Please be advised that any Information (as defined herein below) procured by us, shall be:
a. processed fairly and lawfully for rendering the Services (as defined in Terms of Service);
b. obtained only for specified and lawful purposes, and not be used in any manner which is against the law or policy in force in India ("Applicable Law");
c. adequate, relevant and not excessive in relation to the purpose for which it is required;
d. able to be reviewed by the User, from time to time and updated-if need arises; and
e. not kept longer than for the time which it is required or the purpose for which it is required or as required by the Applicable Law.
2.2 WE SHALL NOT BE LIABLE FOR ANY LOSS OR DAMAGE SUSTAINED BY REASON OF ANY DISCLOSURE (INADVERTENT OR OTHERWISE) OF ANY DATA, IF THE SAME IS EITHER (A) REQUIRED FOR SHARING YOUR INFORMATION FOR LEGITIMATE PURPOSES; OR (B) WAS AFFECTED THROUGH NO FAULT, ACT, OR OMISSION OF THE COMPANY.
2.3 BY USING THE SERVICES, YOU EXPLICITLY ACCEPT, WITHOUT LIMITATION OR QUALIFICATION, THE COLLECTION, USE AND TRANSFER OF THE DATA IN THE MANNER DESCRIBED HEREIN.
Please note that if you accept a request from any entity to access and monitor your transaction, then it amounts to consent and You will not hold us responsible for any misuse of data or otherwise.
3.3 Such an intimation to withdraw your consent can be sent to email@example.com
4.1 "Personal Data/Personal Information" means and includes any information that relates to a natural person through which, directly or indirectly, an individual is capable of being identified, such as the name, date of birth, educational information and related data, contact details, email address, gender, age, insurance data or any other relevant material provided by a User, including but not limited to, information gathered through availing Services. User, as part of onboarding process, may be required to provide name, mobile number of two individuals, family doctor, speciality doctor ("Contact Personnel"). User represents and warrants that it shall obtain prior consent of Contact Personnel before sharing any personal data of Contact Personnel with the Company. Contact Personnel's personally identifiable information shall also be construed to be Personal Data. Consumer data, including without limitation, consumer number of electricity connection bill, water connection bill, gas connection bill, property tax related information, DTH account details, OTT account details, building maintenance details, internet bill, copies of utility bill etc. shall also be construed to be Personal Data.
4.2 "Sensitive Personal Information" shall mean personal information, which consists of information relating to any to the following of an individual:
i. physical, physiological and mental health condition;
ii. sexual orientation;
iii. insurance data;
iv. important dates and events;
v. personal interests;
vi. medical records and history;
vii. banking and finance related documents (excluding passwords, pins etc.);
viii. health data;
ix. biometric information.
4.3 "Technical Information" means and includes any information gathered through various technologies that may employ cookies, web beacons, or similar technologies to automatically record certain information from your device through which you use the Platform. This technical information may include your internet protocol (IP) address, device or browser type, internet service provider (ISP), referring or exit pages, clickstream data, operating system, hardware model, operating system version, unique device identifiers, and mobile network. This data includes usage and log information and user statistics.
4.4 "Locational Information" shall mean and include the geo-information obtained through GPS or other means, such as the geographical location of the User and sensor data from the device on which you access the Services.
4.5 "Partner Information" We partner with certain third-party vendors to offer You some services, and We may receive certain information directly from those third parties.
4.6 "Non-Personal Information" "Information through use of our Service" means and includes information which is shared with us to avail our Services. b. "Non-Personal Information" means and includes any information that does not reveal your specific identity, such as, browser information, information collected through Cookies (as defined below), pixel tags and other technologies, demographic information, crash reports, system activity, device state information etc. As is true with most websites and mobile applications, Company gathers some information automatically when you visit the Platform. When you use the Platform, we may collect certain information about your computer or mobile to facilitate, evaluate and verify your use of the Platform. For example, we may store environmental variables, such as browser type, operating system, speed of the central processing unit (CPU), referring or exit web pages, click patterns and the internet protocol (IP) address of your computer. This information is generally collected in aggregate form, without identifying any user individually.
(The Personal Data, Sensitive Personal Information, Technical Information, Locational Information, Partner Information and Non-Personal Information are collectively referred to as "Information").
5.1 The Information collected by us shall be used for availing our Services and utilised for other functions including but not limited to:
a. to render Services (as defined in the Terms of Service);
b. for maintaining the Platform;
c. to evaluate the quality and competence of our personnel;
d. to resolve any complaints, you may have and ensure that you receive the highest quality of Services;
e. notifying you about changes to our Platform;
f. allowing you to participate in interactive features of our Platform when you choose to do so;
g. providing analysis or valuable information so that we can improve the Platform;
h. monitoring the usage of the Platform;
i. detecting, preventing and addressing technical issues;
j. to conduct crash analytics in the event the Platform and/or Service crashes;
k.analyse usage patterns and user preferences;
l. improve user experience;
m. notify you about new products and features; and
n. Verification of users’ identity and to perform checks to prevent frauds.
5.2 Business or Research Purposes: The Information saved and except Personal Data, is used for business or research purposes, including improving and customizing the Platform for ease of use and the products and services offered by us. We may archive this information to use it for future communications for providing updates and/or surveys.
5.3 Aggregating Information / Anonymized data: We may aggregate Information and analyse it in a manner to further accentuate the level of services that we offer to our customers. This Information includes average number of Users of the Platform, the average clicks of the services/, the features used, the response rate, etc. and other such statistics regarding groups or individuals. In doing so, we shall not be making disclosures of any Personal Data as defined above. (Collectively referred to as "Legitimate Purposes"
a. We shall share the information to the third-party service providers/ vendors, to provide you with the Services and to effectuate any activities that fall under the Legitimate Purpose for which such Information has been collected. We shall endeavor to ensure that the third parties receiving sensitive personal data or information from us shall not disclose it further.
b. When compelled by law: We may disclose any Information provided by you on the Platform as may be deemed to be necessary or appropriate:
i. under Applicable law, including laws outside your country of residence;
ii. to comply with legal process;
iii. to respond to requests from public and government authorities including public and government authorities including public and government authorities outside your country of residence;
iv. to protect our operations or those of any of our affiliates;
v. to protect our rights, privacy, safety or property, and/that of our affiliates, you or others;
vi. to allow us to pursue available remedies or limit the damages that we may sustain;
vii. to protect against legal liability;
viii. to protect the personal safety of Users of the Platform;
ix. to prevent or investigate possible wrongdoing in connection with the Platform.
c. Merger or Acquisition: We may share Information upon merger or acquisition of Company with another company. We shall transmit and transfer the Information upon acquisition or merger of Company with another company;
d. With our service providers: We may share Information with other service providers on a need-to- know basis, subject to obligations of confidentiality for provision of Services. We hereby clarify that the Company works with institutions, vendors, partners, advertisers, and other service providers, including (but not limited) to those who provide products or services such as contact Information verification, website hosting, data analysis, providing infrastructure, information technology services, auditing services and other similar services, in different industries and categories of business by virtue of lawful contracts instituted between such third parties and Company to improve our product and services. Accordingly, we may share your Information with such service provider in order to provide you with Services;
Transactional data - This includes Information required for processing payments on the Platform and other information regarding payments you make available to us and other details of products and Services you have accessed or used through the Platform. We do not store card/other payment related details on our servers. Credit card, debit card and other sources of payments are processed by third party service providers engaged by us, including payment aggregators or gateways on their secure payment server and all card/payment details are fully encrypted and stored by them.
e. Employees /Agents of Company: We follow a strict confidentiality policy with regard to disclosure of confidential information to our employees or other personnel. There may be situations, where we may disclose the confidential information only to those of our employees and other personnel on a need-to-know basis. Any breach of confidential information by the employees, personnel within the Company is dealt with stringently by us.
6.2 Except for the Information disclosed pursuant to sub-clause (a), (b), (c), (d) and (e) of Clause 6.1 above, Company may share Information, if you authorize us to do so.
We take reasonable measures to protect Information provided by you against unauthorized access, disclosure, use, loss, or alteration. This includes:
i. Using industry-standard security measures such as encryption, firewalls, and secure servers to protect your data;
ii. Conducting regular security audits and risk assessments of our data protection and security protocol measures;
iii. Ensuring authorized personnel access only to personal information of users;
iv. Ensuring our employees and contractors are trained on data protection and security protocols.
v. Ensuring data shared to third parties is on a need-to-know basis, subject to obligations of confidentiality.
8.1 Your information may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction.
8.2 If you are located outside India and choose to provide information to us, please note that we may transfer the data to any other body corporate or a person in India to process the Information.
You can always choose not to provide the requested information to us, it may however result in you not availing certain features of, or the entire, of our Services.
You retain several rights in relation to your Personal Data as provided under Applicable Law. These may include the rights to:
a. access, confirm, and review Personal Data you may have provided;
b. correct Personal Data that may be inaccurate or irrelevant;
c. delete and erase your Personal Data from the publicly available pages of the Platform;
d. receive Personal Data we hold about you in a portable format;
e. object to or restrict any form of processing you may not be comfortable with.
In order to exercise these rights, please contact us on the email address provided in Clause 3.3 above.
If you want to withdraw your consent or raise any objection to the use of your information for receiving any direct marketing information to which you previously opted-in, you can do so by contacting our customer support at above mentioned addresses. If you withdraw your consent or object to the use of your information, our use of the information provided by you before your withdrawal/objection shall still be lawful.
Our Platform and Services are not meant for use by children and we knowingly do not collect Information of/from children. For the purposes of this clause, "children" means a person who has not completed the age of 18 years. If it comes to our notice that we have collected Information from/of children, we shall take steps to remove such Information from our servers. If you believe that we might have any Information that may have been collected from a child or has been provided by a child, please write to us at the email id provided in Clause 3.3.
If you have any reservations, constraints or apprehensions regarding the access to, collection, storage, or any other use of the Information which you have provided to us, you may withdraw your consent in the manner as set out in Clause 3.3 above.
All Information provided by you, save and except upon withdrawal or termination, shall be retained in locations outside the direct control of Company (for instance, on servers or databases co-locates with hosting providers). We will delete Information based on a request received from you within a reasonable period and latest within thirty (30) days of receiving a deletion request. However, we may retain such portion of Information and for such periods as may be required under Applicable Law. Notwithstanding anything contained herein, Company may retain data after account deletion for reasons including but limited to the following purposes: If there is an unresolved issue relating to your account, or an unresolved claim or dispute; If we are required to by Applicable Law, and/or in aggregated and/or anonymized form, or Company may also retain certain information if necessary, for its legitimate business interests, such as fraud prevention and enhancing Users' safety and security. Company may also retain data of the users for monitoring and analysing usage of our Services through data analysis and research to improve working of our Platform.
We rely upon a number of legal bases to enable our processing of your Personal Data.
a. Contractual and Pre-Contractual Business Relationships: We process Personal Data for the purpose of entering into business relationships with prospective users and to perform the respective contractual obligations that we have with these users. Activities include-
b. Legal Compliance: We process Personal Data to verify the identity of our users in order to comply with fraud monitoring, prevention and detection obligations, laws associated with the identification and reporting of illegal and illicit activity, such as "Anti-Money Laundering ("AML") and Know-Your-Customer ("KYC")" obligations, and financial reporting obligations. For example, we may be required to record and verify a user "s identity for the purpose of compliance with legislation intended to prevent money laundering and financial crimes. These obligations are imposed on us by the operation of law, industry standards, and by our financial partners, and may require us to report our compliance to third parties, and to submit to third party verification audits.
Legitimate Business Interests: Where allowed under applicable law, we rely on our legitimate business interests to process Personal Data about you. The following list sets out the business purposes for which we have a legitimate interest in processing your data:
14.1 Our Platform may utilize “cookies” and other Technical Information. "Cookies" are a small text file consisting of alphanumeric numbers used to collect the Information about Platform activity. The Technical Information helps us analyse web traffic and helps you by customizing the Platform to your preferences. Cookies in no way give us access to your computer or mobile device. In relation to Cookies, you can deny access to the installation of the Cookies by modifying the settings on your web browser, however, this may prevent you from taking full advantage of the Platform.
14.3 Users accept cookies, when visiting Company website for the first time. However, they are not required to turn on cookies in order to have a functioning website. Only after accepting to turn on the cookies, personal data will be processed. A different option is that the user sets his/her browser to warn him/her with a message for each cookie, only the cookies that have been accepted will be processing personal data. Whilst essential cookies are necessary to run Company websites, the rest are not compulsory and require your consent.
We may use your Information to send you promotional information about third parties which, we think you may find interesting, if you tell us that you wish this to happen. We shall not be responsible for any disclosure of Information due to unauthorized third-party access or other acts of third parties or acts or omissions beyond our reasonable control and you agree that you will not hold us responsible for any breach of security unless such breach has been caused as a direct result of our negligence or wilful default.
You agree and accept that your Information may be stored in third-party cloud service infrastructure providers. While all reasonable attempts have been taken from our end to ensure the safe and secure storage of your data, we shall not be liable for any data breach on the part of the third-party cloud service infrastructure provider that was beyond our control. In addition to the security measures put in place by the third-party cloud service infrastructure provider for safe and secure storage of your Information, we use certain physical, managerial, technical or operational safeguards as per industry standards and established best practices to protect the Information we collect. We use reasonable security practices and procedures and use secure servers as mandated under Applicable Laws for the protection of your Information. We review our Information collection, storage, and processing practices, including physical security measures to guard against unauthorized access to systems. However, as effective as these measures are, no security system is impenetrable. We cannot guarantee the security of our database, nor can we guarantee that the Information you supply will not be intercepted while being transmitted to us over the internet. You accept the inherent security implications of data transmission over the internet and the internet cannot always be guaranteed as completely secure. Therefore, your use of the Platform will be at your own risk. If you have any concerns, please feel free to contact us at the details given in Clause 3.3 above.
18.1 In case of any discrepancy or grievance with respect to all or any Information shared with Company, please feel free to contact our Grievance Officer:
Attention: Hemanshu Jain
Email ID: firstname.lastname@example.org
Address: B-101, building no.3, Paradigm Twinstar, Mahavir Nagar, P.K. Road, Mira Road East, Thane, Maharashtra, India 401107.
18.2 We assure you that we shall put our best efforts to redress the grievances of the User expeditiously within one (1) month from the date of receipt of the grievance.
18.3 In accordance with the IT Act, You may, in writing, to the Grievance Officer
(i) request access to Your Sensitive Personal Data or Information,
(ii) report any grievances in relation to Your Sensitive Personal Data or Information,
18.4 The following information needs to be provided in the complaint to Our Grievance Officer to work on the same:
(i) A physical copy of the signature or electronic signature of the person authorized to act on behalf of the User for the purposes of the complaint if the complainant is not the User.
(ii) Details of the work for which infringement of copyright is claimed by the User or on behalf of the User.
(iii) The contact details of the complainant, including the address, telephone number, and/or email address.
(iv) A statement that the complaining party has good faith and belief that the use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law.
A declaration that the information in the complaint is accurate, and that the complaining party is authorized to act on behalf of the owner of the right that is allegedly infringed.
Any adverse action, dispute or difference arising under or relating to this Policy (“Dispute”) shall at the first instance be resolved through good faith negotiations between the parties hereto, which negotiations shall begin promptly, within 15 (fifteen) days after a party has delivered to the other party a written request for such negotiations. If the parties are unable to resolve the Dispute in question within 15 (fifteen) days of the commencement of such negotiations, the Dispute shall be referred to and finally resolved by arbitration in accordance with the Arbitration and Conciliation Act, 1996, as amended from time to time and rules prescribed thereunder. When any Dispute is under arbitration, except for the matters under dispute, We and You shall continue to exercise the remaining respective rights and fulfil the remaining respective obligations under this Policy. The arbitration shall be conducted by a sole arbitrator appointed by Us and the seat and venue of arbitration shall be Mumbai, India. The language of the arbitration proceedings and of all written decisions and correspondence relating to the arbitration shall be English.
21.1 You agree to indemnify and hold Us harmless from:
(i) any actions, claims, demands, suits, damages, losses, penalties, interest and other charges and expenses (including legal fees and other dispute resolution costs) made by any third party due to or arising out of any violation of the terms of this Policy.
(ii) any acts or deeds, including for any non-compliance or violation, of any applicable law, rules, regulations on Your part.
(iii) for fraud committed by You.
This policy is effective as of 30th August 2022.
Any contract to provide any service by Us and or Our affiliates is not complete until complete consideration towards the product and/or service is received by Us or Our affiliates (as the case may be) from You. We reserve the right, in our sole discretion, to terminate the access to the Platform at any time, without notice to You, for general maintenance or for any reason whatsoever. We shall not be responsible for confirming transactions including whether the transactions are legal and valid as per the applicable laws. We, at our sole discretion, reserve the right to not to accept Your request without assigning any reason thereof.
You agree that You can enter into a legally binding contract as stipulated under the Indian Contract Act, 1872. You expressly undertake to provide to Us, where applicable, information which is true, accurate and valid, and acknowledge that any default or deficiency would inter alia render the provision of the product or services by Us, inapplicable. You shall be responsible for ensuring compliance with the terms and any of Our other rules including the terms governing the service fees, or other rules. If You do not agree with any part of such terms, You must not avail of any of the services.
Customer Grievance and Liability Policy
© 2023 Taisho Ventures Pvt. Ltd.