Introduction

Your privacy matters to us!

Kramah is dedicated to safeguarding your privacy while you use our website and services. This Kramah Privacy Policy (“Policy”) outlines the requirements to ensure compliance with relevant data privacy laws and regulations concerning the collection, usage, and transmission of Personal Data and Sensitive Personal Data for information gathered by us about you.

This website is managed by [Your Company Name], a Private Limited Company also referred to as “Kramah,” “we,” “us,” or “our.” This privacy policy (“Policy”) explains how we gather, use, and disclose information about our users when you access our mobile application (the “App”), our website (the “Site”), and other online products and services linked to this Policy (collectively, the “Service”). We refer to our users as “User,” “you,” or “your.” We also use terms like “Potential Customers” for those visiting our site or requesting information about our Services, “Customer Company” for our organizational customers, and “Employee User” for individual employees of Customer Companies who use the App, the Site, and the Service through their employer.

By utilizing the Service, you consent to our collection, use, and disclosure of your personal information as described in this Policy. Safeguarding the privacy rights of data subjects and protecting their Personal Data is treated as a fundamental right and a legal obligation in many parts of the world. As a global organization, we respect the privacy of data subjects and are committed to complying with applicable data privacy laws and regulations (including but not limited to the EU General Data Protection Regulation 2016/679, California Consumer Privacy Act/California Privacy Rights Act, The Privacy Act 1988 (Australia), Data Protection Act 2018 (UK), Information Technology Act 2000 read along with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and other relevant privacy laws) to the extent that they apply to Kramah’s data processing and business operations (the “Data Privacy Laws”).

We take your privacy seriously. If you have any questions about this Policy or privacy at Kramah, please contact us at [Your Contact Email Address].

This privacy policy covers:

Information We Collect and How We Collect It
How We Use and Share This Information
Accessing and Updating Your Information
Your Choices Regarding Information Collection
How We Protect Your Stored Information
Use Restrictions
Third-Party Site Access
Definitions

1. Information We Collect and How We Collect It

a. Information from Customer Companies

When a Customer Company expresses interest in our Service, we collect the following information through our sign-up form: full name, email address, company name, and phone number. This information is collected via a landing page accessible to interested Customer Companies through forms on various directory services detailed in our Third-Party Provider.

b. Personal Data from Employee Users

We gather human resource (“HR”) information and other details about Employee Users from the Customer Company, and at the Customer Company’s discretion, such as full name, email address, phone number, or any other information required from time to time. This data is provided directly or indirectly by the Customer Company’s HR department, or through systems like HRMS and Single Sign-On systems, and is maintained in our system to enable analytics.

c. Employee Opinions

When Employee Users respond to surveys or engage in conversations with peers on the App, Site, or System by voting on surveys or engaging in text conversations between peers, we collect their opinions. Employee User votes or comments are associated with their authors.

d. Tracking Information

When a User visits our Site, we gather certain tracking data (“Tracking Information”). We utilize Google Analytics and Freshdesk for Tracking Information. The following Tracking Information is collected: email address, device ID, and IP address.

e. Payment Information

If a third party is not paying for the service on your behalf, we will collect the billing and financial information needed to process your charges for Kramah services that require payment, including postal and email addresses. Kramah may also receive billing and payment information provided when your purchase is processed by another party, such as PayPal, etc.

f. Technical and Usage Information

When you access our websites or use our Services, we collect technical information about your mobile device or computer system, including IP Address and mobile device ID. We also collect usage statistics about your interactions with the Service. This information is typically collected using server log files, web log files (“Log Files”), mobile device software development kits, and tracking technologies like browser cookies to collect and analyze specific types of technical information.

g. Cookies and Automated Information Collection

When you access the Service, we collect specific technical information to analyze site and service usage, provide a more personalized experience, and manage testimonials. You can configure your web browser to notify you about attempts to place cookies on your computer or limit the type of cookies you allow.

h. Other Sources

We may collect or receive information from other sources, including third-party information providers. This information will be used to supplement your profile, primarily to facilitate connections with your friends.

2. How We Use the Information We Collect

In general, we collect, store, and use your information to provide you with a safe, efficient, and customized experience. For example, we may use the information collected from you for one or more of the following purposes:

Provide, maintain, and improve our Service.
Provide and deliver the Service Customer Company requests and configures, process transactions, and send related information, including confirmations.
Investigate system issues impacting our Service provision.
Send you technical notices, updates, confirmations, security alerts, and support and administrative messages.
Respond to your comments, questions, and requests and provide customer service.
Communicate with you about products, services, offers, promotions, rewards, and events offered by Kramah and others, and provide news and information we think will interest you.
Monitor and analyze trends, usage, and activities in connection with our Service and improve and personalize the Service.
Personalize and improve the Service, content, or features to match user profiles or interests.
Link or combine your information with information we receive from others to understand your needs and provide better service.
Connect you with other users in your Contacts.
We will not sell, rent, or share Personal Data with third parties outside our company without your consent unless required for specific reasons such as law enforcement, internal operations, or protecting our rights.

3. Data Recipients, Transfer, and Disclosure of Personal Information

We do not share your Personal Information with third parties for their direct marketing purposes. However, we may use or disclose your Personal Information when required by law or to protect our rights, your safety, or the safety of others, investigate fraud, or comply with legal processes.

a. Business Transfer

Kramah may sell, transfer, or share some or all of its assets, including your Personal Data, in connection with a merger, acquisition, reorganization, or sale of assets or in the event of bankruptcy. In such cases, we will make reasonable efforts to notify users if their personal information will be disclosed, transferred, or subject to a different privacy policy.

b. Third Parties

We may contract with other companies and individuals to perform functions or services on our behalf, such as software maintenance, data hosting, and sending email messages. We share Personal Data with these third parties as required for them to perform their functions. We take necessary steps to ensure that these parties prioritize your privacy, including entering into Data Processing Addendum(s), EU Model Clauses, and ensuring they have EU-U.S. and Swiss-U.S. Privacy Shield certification where applicable.

4. How Is Your Data Protected?

We have implemented reasonable administrative, technical, and physical security measures to protect your personal information from unauthorized access, destruction, or alteration. These security measures include but are not limited to:

SSL encryption (https) for personal data in transit.
Encryption of Personal Data at rest.
Secure, encrypted servers for data storage.
Restricting staff access to Personal Data, protected by password logs and two-factor authentication.
Non-Disclosure Agreements with vendors.
Regular staff privacy and security training.

5. Retention and Disposal of Personal Data or Personal Information

We retain and dispose of personal data according to the following timeframes:

User Data: 7 years from the termination of the contract.
Employee Data: 8 years per the Indian Companies Act.
Financial Data: 8 years per the Indian Companies Act.
Audit Logs: 1 year.
Other Records: 3 years.

6. Children’s Personal Information

We do not knowingly collect personal information from children under the age of 18. If you are under the age of 18, please do not submit personal information through our Websites or Services. Parents and guardians are encouraged to monitor their children’s Internet usage and instruct them not to provide personal information without permission. If you believe a child under the age of 18 has provided personal information to us, please contact us, and we will make commercially reasonable efforts to delete that information.

7. Your Rights in Relation to Your Information

You have certain rights concerning your information, including:

Access: You have the right to access the personal data we hold about you.
Right to Object: You can object to the processing of your personal data.
Rectification: You can request the correction of inaccurate personal data.
Erasure: To the extent permitted by applicable data protection laws, you can request the erasure of personal data.
Request for Restriction of Processing: You can request the restriction of processing of personal data in certain circumstances.
Portability: You can obtain your personal data to reuse it.
To exercise any of these rights, please email us at [Your Contact Email Address].

8. California Privacy Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act of 2018/California Privacy Rights Act (CCPA/CPRA). These rights include:

Access: You can request information about the personal data we have collected about you over the past 12 months.
Deletion: You can request the deletion of personal data we have collected from you, subject to certain exceptions.
To exercise these rights, you must send a request that allows us to verify your identity and describes your request in detail. You may also authorize an Authorized Agent to exercise your rights on your behalf.

We will not discriminate against you for exercising your rights under the CCPA/CPRA.

Complaints and Grievances

For complaints or grievances related to our use of Personal Data, Personal Information, or Sensitive Personal Data, and for communications regarding the enforcement of your privacy rights, please contact at:

Attn: CEO/MD
Email ID: rajeev.raghunath@kramah.com

Updates to Our Policy

We may amend or update our Privacy Policy, and we will provide notice of these changes as appropriate. Please review our Privacy Policy periodically.