LAST UPDATED ON 29th MARCH 2023

Privacy Policy

IDQ Innovation Private Limited (“IDQPL” or “Inferless” or “we”) takes the privacy of your information seriously. This Privacy Notice describes the Data we collect from you through our website, including sub-domains microsites, and mobile applications (“Platforms”). It also describes the purposes for which we collect that personal information, the other parties with whom we may share it and the measures we take to protect the security of your data. It also tells you about your rights and choices with respect to your personal information, and how you can contact us about our privacy practices.

This Privacy Notice & Privacy Policy (“Policy”) is published in accordance with Rule 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information or Data) Rules, 2011 read with Rule 3(1) of the provisions of Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021.

You are advised to carefully read this Privacy Notice before using or availing any of the products and/or services offered on our Platforms.

  1. DEFINITIONS

    In this Privacy Notice, the following definitions are used:
  1. Cookies
    a small file placed on your device by our Platforms when you either visit or use certain features of our Platforms. A cookie generally allows a website to remember your actions or preference for a certain period of time.

  1. Data
    includes non-personal information, personal information and sensitive personal information about you, which either directly or indirectly in combination with other information, could allow you to be identified when you visit our Platforms.

  1. Data Protection Laws
    any applicable law for the time being in force relating to the processing of Data.

  1. Partners
    select third parties with whom we have contracts for the businesses described in this Privacy Notice.

  1. Service Providers
    includes entities to whom we may disclose your Data in order to process information for a specific purpose pursuant to written contract.

  1. User or you
    the natural person who accesses our Platforms.

  1. WHAT DATA DO WE COLLECT ABOUT YOU


Inferless collects Data for various purposes set out in this Privacy Notice. This Data may include, without limitation, the following categories:

  1. Contact information: first and last name, email address, postal address, country, employer, phone number and other similar contact data.
  2. Financial information: payment instrument information, transactions, transaction history, preferences, method, mode and manner of payment, spending pattern or trends, and other similar data.
  3. Technical information: website, device and mobile app usage, Internet Protocol (IP) address and similar information collected via automated means, such as cookies, pixels and similar technologies.
  4. Transaction information: the date of the transaction, total amount, transaction history and preferences and related details.
  5. Product and service information: Your account membership number, registration and payment information, and program-specific information, when you request products and/or services directly from us, or participate in marketing programs.
  6. Personal information: Age, sex, date of birth, marital status, nationality, details of government identification documents provided, thumb impression, occupation,  or any other personal information provided in product reviews or responses to surveys or questionnaires.
  7. Your reviews, feedback and opinions about our products, programmes and services.
  8. Loyalty programme information: your loyalty membership information, account details, profile or password details and any frequent flyer or travel partner programme affiliation.

  1. HOW WE COLLECT DATA

    We collect Data in the following ways:
  1. Information You Give Us: We receive and store any information you enter on our Platforms or give us in any other way (e.g., emails). Please see the section titled “Data Shared by You” for more information.
  2. Automatic Information We Collect: We use “cookies”, pixels and similar technologies to receive and store certain types of information whenever you interact with us. Please see the section below, titled “Data that is Collected Automatically” for more information.
  3. E-mail Communications: To help us make e-mails more relevant and interesting, we often receive a confirmation (if your device supports such capabilities) when you open e-mail from us or click on a link in the e-mail. You can choose not to receive marketing emails from us by clicking on the unsubscribe link in any marketing email.
  4. Automatic Information We Collect from Other Websites:  We receive and store certain types of information when you interact with third-party websites that use our technology or with whom we have a specific agreement. Because we process this information on behalf of the applicable website operators, collection, processing, and use of such information is subject to the applicable website operators’ specific privacy policies and is not covered by our Privacy Notice.
  5. Information from Other Sources: We may obtain information from other sources. An example of this is when you authorize a third-party website, to interact directly with our Platforms to provide or receive Data about you. In that case, we might receive such Data used by that third-party website to identify your account with that website.

You can make choices about our collection and use of your Data. For example, you may want to access, edit or remove your Data on our Platforms. When you are asked to provide Data, you may decline.

  1. DATA SHARED BY YOU

    Inferless may collect your Data in several ways from your use of our Platforms. For instance:

  1. when you register with us to purchase products and / or services;
  2. when you conduct a transaction with us or attempt a transaction at on our Platforms;
  3. when you complete surveys conducted by or for us;
  4. when you elect to receive any communications (including promotional offers) from us;
  5. from the information gathered by your visit to our Platforms;

If you provide Data on behalf of any corporation, company, institution, association or other entity, you represent that you are providing the same under authority from such corporation, company, institution, association or other entity.

  1. DATA THAT IS COLLECTED AUTOMATICALLY

  1. We automatically collect some information when you visit our Platforms. This information helps us to make improvements to our content and navigation. The information collected automatically includes your IP address.
  2. Our web servers or affiliates who provide analytics and performance enhancement services collect IP addresses, operating system details, browsing details, device details and language settings. This information is aggregated to measure the number of visits, average time spent on the site, pages viewed and similar information. Inferless uses this information to measure the site usage, improve content and to ensure safety and security, as well enhance performance of our Platforms.
  3. We may collect your Data automatically via Cookies, pixels and similar technologies in line with settings on your browser. For more information about Cookies, please see the section below, titled “Cookies”.
  1. OUR USE OF DATA

    Any or all the above Data may be required by us from time to time to provide information relating to Inferless and to work on the experience when using our Platforms. Specifically, Data may be used by us for the following reasons:

  1. carry out our obligations arising from any contract entered into with Inferless;
  2. provide products and/or services and communicate with you about products and/or services offered on our Platforms;
  3. enable Inferless and Partners to offer their products and/or services and communicate with you about such products and/or services;
  4. processing, disclosing, transmitting, and/or sharing the data/information with third parties which have business or contractual dealings with us;
  5. provide you with offers (including for financial products and/or services), personalized services and recommendations and improve your experience on our Platforms;
  6. operate, evaluate and improve our business and our Platforms;
  7. generate aggregated data to prepare insights to enable us to understand customer behaviour, patterns and trends with a view to learning more about your preferences or other characteristics;
  8. provide privileges and benefits to you, marketing and promotional campaigns based on your profile;
  9. in connection with loyalty programs owned and operated by us;
  10. communicate with you (including to respond to your requests, questions, feedback, claims or disputes) and to customize and improve our services;
  11. enforce the terms of use of our Platforms;
  12. protect against and prevent fraud, illegal activity, harm, financial loss and other legal or information security risks; and
  13. serve other purposes for which we provide specific notice at the time of collection, and as otherwise authorized or required by applicable law.

We treat these inferences as personal information (or sensitive personal information, as the case may be), where required under applicable law. Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.

Where required under applicable law, we will only use your personal information with your consent; as necessary to provide you with products and/or services; to comply with a legal obligation; or when there is a legitimate interest that necessitates the use.

  1. MINORS

    Our Platforms do not offer products or services for use by minors. If you are under 18, you may use our Platforms only with the involvement of a parent or guardian.

  1. SHARING OF DATA

We may share your Data with/ for:

  1. Partners: We may make available to you services, products, or applications provided by Partners for use on or through our Platforms. If you choose to use such service, customer information related to those transactions may be shared with such Partner. Such Partners will be required to respect the security of your Data and to treat it in accordance with this privacy policy and applicable law.


  1. Service Providers:  We may share your Data with Service Providers. Examples include storing and analyzing Data, protecting and securing our systems, providing search results and links, providing customer service, credit analysis, processing your information for profiling, user analysis and payment processing. These Service Providers will be required to only process Data in accordance with express instructions and as necessary to perform services for purposes set forth in this Privacy Notice. The Service Providers will also be required to safeguard the security and confidentiality of the Data they process by implementing appropriate technical and organizational security measures and confidentiality obligations binding employees accessing Data.

  1. Protecting Inferless: We may release Data when we believe release is appropriate to comply with applicable law or legal process, enforce or apply the Terms of Use of our Platform and other agreements, protect Inferless against harm or financial loss, when we believe disclosure is necessary to protect individuals’ vital interests, or in connection with an investigation of suspected or actual fraudulent or illegal activity. This may include exchanging information with other companies and organizations for fraud protection, risk management and dispute resolution.  This does not include selling or otherwise disclosing personally identifiable information from users for commercial purposes in violation of this Privacy Notice.

  1. Business Transfers: As we continue to develop our business, we might sell or buy subsidiaries or business units. Your Data (including in relation to loyalty programs) may be transferred as part of such transaction.

  1. Third Parties:  We may also share your Data with other third parties where:

  1. You request or authorize us to do so;
  2. We need to comply with applicable law or respond to valid legal process; or
  3. We need to operate and maintain the security of our Platforms, including to prevent or stop an attack on our computer systems or networks.

We require these third parties by contract to only process sensitive personal data in accordance with our instructions and as necessary to perform services on our behalf or in compliance with applicable law. We also require them to safeguard the security and confidentiality of the sensitive personal data they process on our behalf by implementing appropriate confidentiality, technical and organizational security measures.

  1. KEEPING DATA SECURE


We will use technical and organisational measures to safeguard your Data and we store your Data on secure servers. Technical and organisational measures include measures to deal with any suspected data breach.  If you suspect any misuse or loss or unauthorised access to your Data, please let us know immediately by contacting us by e-mail.


  • RETENTION OF DATA

    Inferless retains Data for as long as necessary for the use of our Platforms or to provide access to and use of our Platforms, or for other essential purposes such as complying with our legal obligations, resolving disputes, enforcing our agreements and as long as processing and retaining your Data is necessary for our legitimate interests. Because these needs can vary for different data types and purposes, actual retention periods can vary significantly. Even if we delete your Data, including on account of exercise of your right under Clause 11 below, it may persist on backup or archival media for audit, legal, tax or regulatory purposes.


  1. YOUR RIGHTS AND CHOICES


  1. When we process Data about you, we do so with your consent and/or as necessary to operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfil other legitimate interests of Inferless as described in this Privacy Notice.
  2. We may transfer Data we collect about you to recipients in India, where we are headquartered.  India may not have the same Data Protection Laws as the country in which you initially provided the information. When we transfer your Data to India, we will protect that information as described in this Privacy Notice, as disclosed to you at the time of data collection or as described in our program-specific privacy notice. For processing your Data under this Policy we may transfer your Data to Partners outside India. Such transfer shall be in accordance with Data Protection Laws of India.
  3. Depending on which Data Protection Laws are applicable to you, you may have the right or choice to:
  1. opt out of some collection or uses of your Data, including the use of cookies, pixels and similar technologies and the use of your Data for marketing purposes.
  2. access your Data, rectify it, restrict or object to its processing, or request its deletion or anonymization.
  3. change or edit information submitted to us.
  4. receive the Data you provided to us to transmit it to another company.
  5. withdraw any consent provided or alter your preferences.
  6. where applicable, lodge a complaint with your supervisory authority.
  1. You may submit a request as described in the contact us section below. We will not charge you for any request. Where we are legally permitted to do so, we may refuse your request.  If we refuse your request, we will tell you the reasons why.
  2. You may write to us for the following rights in relation to your Data:
  1. Right to Correction - the right to have your Data rectified if it is inaccurate or incomplete.
  2. Right to request deletion- the right to request that we delete or remove your Data from our systems.
  3. Right to Withdraw Consent – the right to withdraw your consent provided earlier.
  1. For information about managing your Data and promotional communications, please connect with us by emailing to [email protected]
  2. It is important that the Data we hold about you is accurate and current. Please keep us informed if your personal information changes during the period for which we hold it.


  1. WHERE WE STORE DATA
    Data collected under this Privacy Notice is hosted on servers located in USA.


  1. PROCESSING YOUR DATA
    We take steps to ensure that the Data we collect under this Privacy is processed according to the provisions of this Policy and the requirements of applicable law.

    To ensure that your Data receives an adequate level of protection, we have put in place appropriate written contracts with Partners and Service Providers that we share your Data with. This ensures your Data is treated by such parties in a way that is consistent with applicable law.

  1. COOKIES, PIXELS AND SIMILAR TECHNOLOGIES

  1. Our website and mobile application may place and access certain Cookies on your device. Cookies are unique identifiers that we transfer to your device to enable our systems to recognize your device.  We also use pixels and similar technologies to analyse traffic on our website and mobile application to improve your experience of using them.
  2. When you first visit our website and mobile application, you will be presented with a pop-up screen informing you of our use of Cookies and asking you to provide your consent for such use. The pop-up screen may not reappear for all your subsequent visits to our website and mobile application, but you may adjust your web browser software if you do not wish to receive Cookies or web beacons, but this may prevent you from taking advantage of some of the features of our website and mobile application.

  1. SECURITY

    Inferless implements standard measures to protect against unauthorized access to and unlawful interception of Data. However, no internet site can fully eliminate security risks. Inferless endeavors to take all measures to protect the security, integrity and confidentiality of the Data against unauthorized breach and hacking. For the purpose of checking possible vulnerabilities and attacks, Inferless may conduct periodical internal review of data and security measures on the Platforms. However the internet is not absolutely a secure environment, and the Platforms cannot ensure or warrant a 100% security of the Platforms.
    If you are provided with any identification code, password or any other piece of information as part of the Website’s security procedure, you should treat such information as confidential and not disclose it to any third party including to other users. You are solely responsible for the activities that occur under your account including the confidentiality of the your password and Inferless is not responsible for the same.

    Notwithstanding anything contained in this Policy or elsewhere, Inferless shall not be held responsible for any loss, damage or misuse of the Data, if such loss, damage or misuse is attributable to a Force Majeure Event. A "Force Majeure Event" means any event that is beyond the reasonable control of Inferless and includes, without limitation, fire, flood, explosion, acts of God, civil commotion, strikes, lock outs or industrial action of any kind, riots, insurrection, war, acts of government, power failure, sabotage, computer hacking, unauthorised access to computer data and storage device, system failure, virus, attacks, bugs, computer crashes, breach of security and encryption.


  1. SEVERABILITY

    If any court or competent authority finds that any provision of this Policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this Policy will not be affected.

  1. CHANGES TO THIS POLICY

    Our business changes constantly and our Policy will change also. We may e-mail periodic reminders of our notices and conditions, unless you have instructed us not to, but you should check our Platforms frequently to see recent changes.  The updated version will be effective as soon as it is accessible. Any changes will be immediately posted on our Platforms and you are deemed to have accepted the terms of the updated Policy on your first use of our Platform or first purchase of the products and/or services following the alterations. We encourage you to review this Policy frequently to be informed of how we are protecting your information.

  1. HOW TO CONTACT US

    To request to review, update, or delete your personal information or to otherwise reach us, please submit a request by e-mailing us at [email protected]. We will respond to your request within 30 days.

GRIEVANCE OFFICER Please see below the details of our grievance officer:

Name:  Aishwarya Goel (CEO)

Email: [email protected]

Term
Definition
Data subject
A data subject who is the subject of personal and sensitive personal data.
Personal data or Personally
Identifiable Information
(PII)
PII is any information about an individual (the data subject) which can
- any information that can be used to distinguish or trace an individual‘s identity;
- any other information that is linked or linkable to an individual
Examples included but not limited to: Name, Address, Date of birth etc.
Sensitive Personal
Information (SPI)
Sensitive personal data means personal data consisting of information but not limited to the following attributes of the data subject:
- password
- financial information such as bank account or credit card or debit card or other payment instrument details;
- physical, physiological and mental health condition;
- sexual orientation;
- medical records and history;
- genetic or biometric information;
- racial and ethical origin;
- political opinions;
- religious or philosophical beliefs;
- trade union membership;
- any detail relating to the above clauses as provided to body corporate for
    providing service; and
- any of the information received under above clauses by body corporate     for processing, stored or processed under lawful contract or otherwise:
Provided that, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as sensitive personal data or information for the purposes of these rules.
Third Party
All external parties – contractors, interns, summer trainees, vendors – who have access toIDQPL information assets or information systems.
Data protection and
security
Anyone collecting personal and customer information must fairly and lawfully process it, process it only for limited, specifically stated purposes, use the information in a way that is adequate, relevant and not excessive, use the information accurately, keep the information on file no longer than absolutely necessary, process the information in accordance with your legal rights, keep the information secure and never transfer the
information outside the country without adequate protection