1. INTRODUCTION

It is the Website Privacy Policy for all the data collected/processed/stored through website of IOTA Analytics.

2. PURPOSE

Confidentiality and privacy of user data is of utmost priority to IOTA, also referred to as “We” or “Us”. This Privacy Policy, also referred to as “Privacy Statement”, has been created to demonstrate our privacy commitment to users.

This privacy statement applies to IOTA website: https://www.iotaanalytics.com.

IOTA’s websites are not intended for children under 18 years of age. IOTA does not knowingly solicit data online from, or market online to, children under 18 years of age.

3. NATURE AND CATEGORIES OF PERSONAL DATA BEING COLLECTED

IOTA may collect the following categories of personal data and sensitive personal data in providing our services:

• Website usage and similar data collected via automated means, such as cookies, IP address etc.

• Job applications, CV, and related data when you visit the Careers section

• Contact & location information when you raise a query/request/complain or schedule a call back

• Business contact data when you are one of our business partners, affiliates or third parties

4. MODES OF COLLECTION OF DATA

IOTA collects personal data for the products and services availed by you. IOTA obtains your data:

• When you contact us via one of our channels i.e., SMS, email, call, social media, etc.

• Via Cookies (please refer to cookie policy for more details: Privacy-policy )

• Via Service Providers or Third-Party Ad-Servers appointed by us.

• Via the device you use to browse our websites.

• Via ads or online content from us and our Partners.

• Via data publicly available through public and third-party platforms (such as social media), through online repositories, databases and/or directories, or that is otherwise legitimately obtained

Provision of Personal Information in some of these instances may be necessary to enable IOTA to provide you relevant services. Whereas failure to provide Personal Information may cause some services to become unavailable. Other services may be available to you without any change.

In case you prefer that we do not collect information about You, you may ‘opt-out’ by clicking on the check box provided.

IOTA may provide you with a notice as soon as —

• IOTA requests the data subject to provide his personal data

• IOTA first collects the personal data of the data subject

• In case where IOTA:

(i) uses the personal data of the data subject for a purpose other than the purpose for which the personal data was collected; and

(ii) discloses the personal data to a third party.

5. PURPOSES FOR WHICH THE PERSONAL DATA IS PROCESSED

IOTA uses your personal data to provide the services availed by you and to conduct business. Most commonly, IOTA will use your personal data for the following:

• Provide and communicate with you about services offered by IOTA, partners, affiliates and third parties.

• Developing new product and services.

• Protect against and prevent fraud, and other legal or information security risks.

• Provide connectivity and dispute resolution services as part of our services.

• Provide you with personalized services and recommendations.

• Operate, evaluate and improve our business, including anonymization and analytics.

• Process your job application.

• Serve a legal obligation.

• Serve other purposes for which we provide specific notice at the time of collection, and as otherwise authorized or required by law.

• Respond to queries and complaints received from you regarding our services and products

• Where you have given explicit consent to do so e.g., marketing communications, promotions, etc.

5.1. CHANGE OF PURPOSE

IOTA will only use your data for the purposes for which it was collected, unless it is required to be used for another reason that is compatible with the original purpose.

Please note that IOTA may process your personal data without knowledge or consent, in compliance with the above rules, where it is required or permitted by law.

6. RIGHTS OF DATA SUBJECTS

The rights that are available to you are as follows:

• Right to confirmation

• Right to access

• Right to data portability

• Right to correct/rectify

• Right to deletion

• Right to be forgotten (Right to erasure)

• Right to lodge a complaint with the Supervisory Authority

• Right to not be subject to automated individual decision-making including profiling

• Right to object

In addition to the above-mentioned rights, for personal data processed on the basis of consent, you also have the right to withdraw your consent and the right to be informed before Personal Data is disclosed for the first time to third parties or used on their behalf for the purposes of direct marketing.

You can exercise your rights by submitting a request to IOTA at info@iotaanalytics.com.

Upon receiving the request from you, IOTA will conduct a verification check to validate your identity and accordingly process the request.

Where any request made is refused by IOTA, you will be provided the reasons in writing for such refusal and have the right to file a complaint with the Authority against the refusal.

7. TELEMARKETING

IOTA will adhere to do not call registry as maintained by the nation and opted by the data subjects.

8. PERSONAL DATA SHARING AND DISCLOSURE

IOTA does not share the personal data with anyone except as described below. IOTA may share personal data as required or as permitted by law, such as:

• with regulatory authorities, courts, and governmental agencies to comply with legal orders, legal or regulatory requirements, and government requests

• with our partners, regulatory authorities, and governmental agencies to detect and prevent fraud or criminal activity, and to protect the rights of IOTA or others

• with our partners, affiliates and third parties who perform services for us, collaborate with us and/or help us operate our business.

9. DATA RETENTION

IOTA will only retain your data for as long as necessary as per mandatory retention periods provided by applicable laws, to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

We will destroy the personal data in a secure manner post retention period as per the organization retention policy and schedule.

10. REASONABLE SECURITY PRACTICES AND PROCEDURES

IOTA maintains appropriate security safeguards to protect your personal data and only retain it for a limited period. IOTA is committed to protecting the data we collect. IOTA maintains reasonable

administrative, technical, and physical safeguards designed to protect the personal data you provide, or we collect against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.

11. KEY CONTACTS

•CFAO

For any additional queries related to processing of personal data or reporting of an incident/breach etc. please write to us at DPO@iotaanalytics.com

12. KEY DEFINITIONS

•"Data" includes a representation of information, facts, concepts, opinions or instructions in a manner suitable for communication, interpretation or processing by humans or by automated means.

•"Personal data" means data about or relating to a natural person who is directly or indirectly identifiable, having regard to any characteristic, trait, attribute or any other feature of the identity of such natural person, whether online or offline, or any combination of such features with any other information, and shall include any inference drawn from such data for the purpose of profiling.

•"Data controller/fiduciary" means any person, including the State, a company, any juristic entity or any individual who alone or in conjunction with others determines the purpose and means of processing of personal data.

•"Data subject/principal" means the natural person to whom the personal data relates.

•"Data processor" means any person, including the State, a company, any juristic entity or any individual, who processes personal data on behalf of a data controller.

•"Processing" in relation to personal data, means an operation or set of operations performed on personal data, and may include operations such as collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, use, alignment or combination, indexing, disclosure by transmission, dissemination or otherwise making available, restriction, erasure or destruction.

•"Sensitive personal data" means such personal data, which may, reveal, be related to, or constitute—

financial data

health data

official identifier

sex life

sexual orientation

biometric data

genetic data

transgender status

intersex status

caste or tribe

religious or political belief or affiliation or

any other data categorized as sensitive personal data under section 15 of PDPB

•"Child" means a person who has not completed eighteen years of age

•"Personal data breach" means any unauthorised or accidental disclosure, acquisition, sharing, use, alteration, destruction of or loss of access to, personal data that compromises the confidentiality, integrity or availability of personal data to a data principal.

13. CHANGES TO THIS POLICY

The policy is subject to modification from time to time. If we make any changes to this policy, we will post those changes at the top of this page or notify you by other means such as email, etc.

14. CONTACT US

If you have questions, requests, or concerns regarding your privacy and rights, please let us know how we can help.

CFAO

NAME: Vijaykumar Muthiah

EMAIL: DPO@iotaanalytics.com

Last updated on: 19 July 2024