Privacy Policy

Last updated: November 25, 2024

 

Welcome to Atlys India Pvt. Ltd (“Atlys”). At Atlys, we are committed to protecting and respecting your privacy.

This Privacy Policy sets outs our policies and procedures on the collection, use, disclosure, and transfer of Your information by Atlys and/or its parent/subsidiary company, group entities and/or Affiliate(s) (collectively referred to as “Company” or “we” or “our” or  “us”) when You use our service (“Services”). This Privacy Policy forms an integral part of the Terms of Use governing the Services. Capitalized terms used but not defined herein shall have the same meaning as assigned  to them in the Terms of Use.

This Privacy Policy is aligned with the requirements of the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, and applicable rules and regulations framed thereunder.

By accessing or using the Services, you consent  to the collection, storage, processing and use of the Personal Data that you provide (including any updates or corrections  as provided by you) in accordance with this Privacy Policy and applicable laws.

 

DEFINITIONS

The capitalized terms shall have the meaning as defined under: -

  1. Account means a unique account registered and maintained  by  You for the purposes of  accessing and using the Services or parts thereof in accordance with the Terms of Use.

  2. Affiliate means an entity that controls, is controlled by or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.

  3. Application means Company’s website (“Site”) and/or the software application  provided by the Company under the name Atlys, which may be  accessed, installed or downloaded by You on any electronic device.

  4. Company (referred to as either "the Company", "We", "Us" or "Our" in this Agreement) refers to Atlys India Private Limited.

  5. Country refers to India.

  6. Device means any electronic device that can access the Services including not limited to computers, mobile phones, tablet  or any other digital or internet enabled equipment.

  7. Personal Data is any information that relates to an identified or identifiable individual either directly or indirectly, and includes, without limitation, information such as name, contact details, identification numbers, location data, online identifiers, or factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of such individual.

  8. Services refers to the services, features, functionalities, content, and offerings provided by the Company through the Application and/or any other mode or medium, including any updates, upgrades, or new versions thereof, as may be made available by the Company from time to time.

  9. Service Provider means any natural or legal person who processes the Personal Data on behalf of the Company. This includes third-party companies, vendors, contractors  or individuals engaged  by the Company to facilitate the Services, to provide the Services on behalf of the Company,  perform functions  related to the Services, or to assist the Company in analysing and improving  the Services is used.

  10. Third-party Social Media Service refers to any website or any social network website, platform or application operated by Third Party that enables You  to log in, create an account or otherwise access the Services.

  11. Usage Data refers to information collected automatically, either generated by the use of the Services or from the Service infrastructure itself (for example, the duration of a page visit, pages viewed, features used, IP address, browser type, device identifiers, and other diagnostic data). Usage Data is generally non-identifiable on its own, but may be linked with Personal Data in certain circumstances to enhance or provide the Services.

  12. User means any individual or legal entity who accesses, uses, or interacts with the Services, whether by creating an Account, browsing the Application or Site, or otherwise engaging with the Services.

  13. You mean the individual accessing or using the Services, or the company, organisation or other legal entity on behalf of which such individual accesses or uses the Services, as applicable.


INFORMATION COLLECTED

i)  Personal Data

To avail of our Services, You will be  required to provide certain personally identifiable information during the registration process and for the processing of Your visa. This information may be  used to contact or identify You. Personally identifiable information may include, but is not limited to:

  • Email address

  • First name and last name

  • Sex/gender

  • Age/DOB

  • Bank account, credit card or debit card details

  • Medical records and history

  • Sexual orientation,

  • Biometric information

  • Photo (either uploaded or taken as a selfie via the app/website)

  • Password

  • Phone number

  • Address, State, Province, ZIP/Postal code, City

  • Usage Data

  • Your occupation, interests, and the like etc.

Any personally identifiable information provided by You will not be considered  sensitive if it is freely available and / or accessible in the public domain.

You have the option to not provide certain data or information requested by us.  However, in case You choose to withhold or decline to submit the required Personal data on the Application, we may not be able to provide certain Services to you. We will make reasonable efforts to notify You of such limitations  at the time of registration with us. In any case, we will not be liable and/or responsible for the denial of Services to you arising from Your decision to not provide  the necessary personal information.

ii) Usage Data

Usage Data is collected automatically when You use the Services. This  may include information such as Your Device's Internet Protocol address (e.g., IP address), browser type and  version, the pages of our Services that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When You access the Service by or through a mobile device, we may automatically collect certain information  including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.

We may also collect information that Your browser sends whenever You visit our Services or when You access the Services by or through a mobile device.

iii) Information Collected while Using the Application

While using our Application, in order to provide certain features of our Application and to render the Services being availed by You, we may collect, with Your prior permission:

  • Pictures and other information from Your Device's camera and photo library

We use this information to maintain, protect, improve and customize Our Services. Such information may either be uploaded to the Company's servers and/or a Service Provider's server or may remain locally  stored on Your Device.

You can enable or disable access to this information at any time, through Your Device settings.

iv) Children’s Privacy Protection

Our Services are not directed at or intended for children (persons under the age of 18 years). We do not knowingly process the personal data of children without obtaining verifiable parental or lawful guardian consent in accordance with the Digital Personal Data Protection Act, 2023.

We will not undertake any processing of children’s personal data that is likely to cause harm to them, including but not limited to tracking, behavioural monitoring, or targeted advertising.

If we become aware that we have collected or processed personal data of a child without the required parental or guardian consent, we will take immediate steps to delete such data from our records. Parents or guardians may contact us at [[email protected]] to review, update, or request deletion of their child’s data.

COOKIES AND TRACKING TECHNOLOGIES

We use Cookies and similar tracking technologies to monitor activity on our Services and store certain information. Tracking technologies used may include:

  1. Cookies or Browser Cookies: A cookie is a small file placed on Your device. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, some parts of our Service may not function properly.

  2. Web Beacons: Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company to, for example, count users who have visited those pages or opened an email, and for other related website statistics.

  3. Other Tracking Technologies: We may also use tags, scripts, or local storage objects to collect and track information and to improve and analyze our Service.

Cookies can be “Persistent” (remain on Your device when You go offline) or “Session” (deleted once You close Your web browser). We use both session and persistent Cookies for the purposes set out in this Privacy Policy.


USE OF INFORMATION

The Company may use the information provided by You for the following purposes:

  1. To provide and maintain our Services, including to monitor the usage of our Services, ensuring functionality and maintaining security of the Services;

  2. To manage your registration as a user of the Services. The Personal Data provided enables access to different functionalities  available to You as a registered user;

  3. For the performance of a contract and to attend, manage and process the requests made by You to us;

  4. To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, ( including application's push notifications) regarding updates, informative communications, product  functionalities,  contracted services or  security updates, where necessary or reasonable for  implementation;

  5. To provide You with news, special offers and general information about other goods, services and events that are similar to those You have already purchased, enquired about or that may otherwise be of interest to you. You may opt-out of receiving any, or all, of these communications by following the unsubscribe link in Our  email or by directly contacting us. We may use trusted Email Marketing Service Providers to manage and send such communications to You;

  6. We may use your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Services, products, marketing strategies and to enhance overall user experience; and

  7. We may use Your information in connection with  a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about Services users is among the assets transferred.

INFORMATION SHARING

We may share Your personal information with any third party in accordance with applicable law and only on the basis of a valid legal ground (such as Your consent, performance of a contract, compliance with a legal obligation, or our legitimate interests). Specifically, Your Personal Data may be shared without obtaining your prior consent in the following limited circumstances:

  1. We may share Your personal information with Our trusted Service Providers to monitor, analyse and improve the use of our Service however it is usually in the form of aggregated statistics on traffic to various pages within our site;

  2. We may share  such information with Our  group companies, its Affiliates and officers and employees  for internal business, operational and support  purposes, always subject to confidentiality. Certain Service Providers engaged by us may also require access to Your Personal Data to deliver additional services requested by You. These Service Providers  collect, store, use, process and transfer information about Your activity on our Service in accordance with their Privacy Policies. However, we endeavour that these Service Providers  process such information responsibly and in compliance with this Privacy Policy and any other appropriate confidentiality and security measures;

  3. Protection of Biometric  Data: We recognize the sensitive nature of Biometric  data and are committed to its strict protection. The Company does not share, disclose, or otherwise make available any Biometric  data collected from You with third-party entities under any circumstances. Biometric data is stored and processed solely for the purposes explicitly disclosed to You and only within the Company's secure systems, in compliance with applicable data protection regulations. Our commitment to safeguarding Biometric  data includes adhering to stringent security protocols and confidentiality obligations. Access to Biometric  data is limited strictly to authorized personnel within the Company who require it for specific, disclosed purposes and have undergone necessary security and privacy training. Any handling of Biometric  data is conducted exclusively under the terms of this Privacy Policy, and no exceptions will be made to allow third-party access or processing of this data.

  4. In order to process Your visa or  other related  request, we may share Your personal information with the respective government/ diplomatic mission/authorised service provider by that Government. This information includes the personal information supplied by You to support Your visa/ permit or travel document application or other service that we provide. We may also share Your personal information with the government/ diplomatic mission/authorised service provider by that Government whose visa or any other service you applied for, in connection with a complaint, request or data access request, received from you. Once shared, the processing and protection of Your data are governed by the respective government’s or diplomatic authority’s privacy and data protection framework. We have no control over the Privacy Policies being used by such Governmental authorities;

  5. When it is requested or required by law or by any court or governmental agency or authority to disclose, for the purpose of verification of identity, or for the prevention, detection, investigation including cyber incidents, or for prosecution and punishment of offences. These disclosures are made in good faith and belief that such disclosure is reasonably necessary for enforcing these Terms or for complying with the applicable laws and regulations;

  6. When You share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside. If You interact with other users or register through a Third-Party Social Media Service, Your contacts on the Third-Party Social Media Service may see Your name, profile, pictures and description of your activity. Similarly, other users will be able to view descriptions of Your activity, communicate with You and view Your profile. Any personal information voluntarily shared in such forums is at Your own discretion and responsibility.

  7. We may disclose Your Personal Data in the good faith belief that such action is necessary to:

  • Protect and defend the rights or property of the Company

  • Prevent or investigate possible wrongdoing in connection with the Service

  • Protect the personal safety of Users of the Service or the public

  • Protect against legal liability

  • Comply with  Google API Services User Data Policy, including the Limited Use requirements

  1. We may disclose Your personal information for any additional  purpose not listed above, but only with Your specific prior consent.

ACCESSING AND UPDATING PERSONAL INFORMATION

When You register with us, we may from time to time request You to  update Your personal information to ensure accuracy and to provide features that we believe may benefit / interest You. You have the right to access, correct, update, and erase your personal information, and to withdraw consent at any time. On receipt of such a request at [email protected], we will take reasonable steps to process the same within a reasonable time, within the timelines prescribed under applicable laws, subject to any lawful retention obligations. . 

To protect Your privacy, we may ask You to verify your identity before processing such requests, and we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, or would be extremely impractical. In any case,  we perform this service free of charge, unless such action  would require a disproportionate technical effort.

In the event You want to cancel your registration or withdraw Your consent, You may write to us at [email protected]. Upon receipt of such request, Your personal data shall be deleted or anonymized unless its retention is mandated under applicable law.


RETENTION OF INFORMATION 

Your Personal Data will be collected and processed only for lawful purposes connected with the provision of our services. It shall not be retained beyond the period necessary to fulfil those purposes, unless retention is required by law.

We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. Subject to the above, Your Personal Data shall be erased without undue delay once You withdraw Your consent or within a reasonable time thereafter, unless a longer retention period is required by the law.

The Company will also retain Usage Data and other information collected through the Application for internal analysis purposes and service improvement. Such information is generally retained for a shorter period, except when it is necessary to enhance security or to improve the functionality  or comply with  legal obligations requiring longer retention.

 

TRANSFER OF YOUR PERSONAL DATA

Your information, including Personal Data, may be processed at the Company's operating offices and in other locations  where the parties involved in the processing are situated . This means that Your information may be except where restricted by the Government of India, transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. By consenting to this Privacy Policy and submitting such information, You agree to such transfer. 

The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy. No transfer of your Personal Data will take place to any organization or a country unless adequate safeguards are in place including measures to protect the  security and confidentiality of Your Personal Data. We endeavour that these recipients of such information agree to process it strictly in accordance with our instructions, this Privacy Policy and any applicable  confidentiality and security measures.

  

INFORMATION SECURITY

We implement  appropriate technical and organisational  measures to protect Your Personal Data against  unauthorized access,  alteration, disclosure or destruction. These measures include internal reviews of our data collection, storage and processing practices and security measures, including appropriate encryption and physical security measures to guard against unauthorized access to systems where we store Personal Data. 

All information collected  by the Company is securely stored within the Company controlled databases, which are maintained  on servers protected by a firewall and restricted access protocol.  Access to these servers is password-protected and is strictly limited to authorised personnel only. 

While we strive to use commercially acceptable means to protect Your Personal Data, please note that no method of transmission over the Internet or method of electronic storage is completely secure. Accordingly, we cannot guarantee the absolute security of Your information.

In the event of a data breach that is likely to result in a risk to Your rights and freedoms, we will notify you without undue delay and, where required, inform the relevant regulatory authorities in accordance with applicable laws.


ANALYTICS

We may engage  third-party Service providers to monitor and analyse the use of our Service.

Google Analytics

We use, Google Analytics,  a web analytics service, provided  to collect, monitor, and analyze traffic to our Service Google may use the data collected to track and monitor the usage, combine it with other Google services and use it to contextualize and personalize  advertisements within  its own network. 

By using our Services, You consent to the collection and processing of such data. You may opt-out of certain Google Analytics features, such as advertising and cross device tracking or locations based services through your  device settings  or by following the instructions provided in their Privacy Policy: https://policies.google.com/privacy

Google Places

Our Service uses Google Places, a location-based service provided by Google, which  returns information about places through HTTP requests. The Google Places service may collect information from You and from Your Device for security and service functionality purposes. 

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy


PAYMENTS

We may provide paid products and/or services within the Service. In such  cases, we may use third-party services for payment processing (e.g., payment processors). 

We do not store or collect your payment card details. That information is provided directly to our third-party payment processors, whose use of Your personal information is governed by their own Privacy Policies. These payment processors comply with the standards set by Payment Card Industry Data Security Standard (PCI-DSS) as managed by the PCI Security Standards Council - a joint effort of  major brands like Visa, Mastercard, American Express and Discover. 

PCI-DSS requirements help ensure the secure handling of payment information.

 

 

LINKS TO OTHER WEBSITES

Our Service may contain links to third party websites that are not operated or controlled  by us. If You click on a third-party link, You will be directed to that third party's web-site. We strongly recommend that You  review the Privacy Policy of every Web-site that You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.


UPDATES/CHANGES

We may update this  Privacy Policy from time to time. Any changes will be posted on this page, and the “Last Updated” date at the top of the policy will be revised accordingly. 

Where required by law or where the changes are material, we will notify You via email and/or displaying a prominent notice within our Service, prior to the change becoming effective. 

Unless otherwise stated, any updates will become effective as on the date of posting. By continuing to use Our  Services after , the effective date of the Updated Privacy Policy, You  will be deemed to have accepted the changes.

We encourage You  to review this Privacy Policy periodically to stay informed about how we protect your information. 

 

CONTACT US/GRIEVANCE REDRESSAL

If You have any questions/suggestions about this Privacy Policy, You contact us at Email at [email protected]

If You have any grievance relating to the processing of information provided by You, You may contact our Designated Grievance Officer

Grievance Officer – Mr. Meyappan Murugappan

Address – 2nd Floor, #203, Sethi Bhawan, 7 Link Rd, No. 2 Rajendra Place, New Delhi, Central Delhi, Delhi – 110008, India

E-mail: [email protected]

In compliance to the applicable law, the Grievance Officer shall resolve the matter within 15 days of the receipt of the Complaint or such shorter period as applicable.

When submitting the complaint, kindly provide the following: -

  • Identification of the information provided by You

  • Clear statement specifying whether the information is personal or sensitive personal information

  • Your address, telephone number, or e-mail address.

  • A statement that You have a good-faith belief that the information has been processed incorrectly or disclosed without authorization, as the case may be.

  • A declaration , under penalty of perjury, that the information in the notice is accurate and that the information being complained about belongs to You.

If You are not satisfied with our response, or if the grievance remains unaddressed, You may escalate the matter to the Data Protection Board of India for further adjudication in accordance with the applicable laws.