Your Privacy is Important for Us
DeskXpand is committed to ensure that we serve you and your requirements in the most efficient manner. And while doing so, we ensure that your privacy is well-protected. In order to ensure that we deliver our commitment, we keep transparent processes about the data we collect about you, how it is used and it is never shared with any third parties with or without our conscious efforts.
Our users (“Members”) share details such as their name, email address, country, phone number, exchange knowledge and the nature of their requirements with us. This content and data is only viewable to our employees (“Team Members”).
We use the term “Listed Countries” to refer to countries in the European Union (EU), European Economic Area (EEA), and Switzerland.
Data Controllers and Contracting Parties
If you are a resident from any of the “Listed Countries” or anywhere across the globe, DeskXpand- a registered domain of Biztech IT Consultancy Private Limited will be the controller of your personal data provided to, or collected by or for, or processed in connection with our Services; you are entering into the User Agreement with Biztech IT Consultancy Private Limited.
1. Data We Collect
1.1 Data You Provide to Us
You provide data when you (i) sign-up, (ii) share a query using any of the forms for our products or services, (iii) purchase any of our products or services, and/or (iv) purchase one of our subscription based products where the 'usage data' of your end customers gets stored on one of our servers.
1.2 Single Click Sign-in
You can login to DeskXpand’s tool using sign-in services with Google, Instagram, and Facebook. They will authenticate your identity and provide you with an option to share your data like name, email address, and such.
This Data Includes:
For activities (i) and (ii) listed above you share data including your name, email address, mobile number, password, country and domain or website name. For (iii), if you are buying any of our products or services, you share all these details and also share your address of communication, billing information (e.g. credit card), and your store admin details for backend access. We never save your credit/debit card details. For (iv), DeskXpand is the controller of the 'usage data'; while you continue using our product, it is essential to keep this data on our servers; in the event of cancellation of your subscription to our product, DeskXpand would no longer be storing this data from the 31st day of the date of cancellation.
Cookies consist of portions of code installed in the browser that assist the Owner in providing the Service according to the purposes described. Some of the purposes for which Cookies are installed may also require the User's consent.
Where the installation of Cookies is based on consent, such consent can be freely withdrawn at any time following the instructions provided in this document.
The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.
Analytics collected directly (This Application)
This Application uses an internal analytics system that does not involve third parties.
Personal Data collected: Cookies and Usage Data.
2. How We Use Your Data
We use your data through activity (i) and (iii) to fulfill your requirement through interacting with you to ensure your query is handled in the most efficient manner. Through activity (ii) we aim to provide products or services you ordered, provide support, personalize and develop our services to serve you better.
We never share your data with any third parties. In the event of having a local copy of your store for development purposes, we clean the data at regular intervals. In these specific instances we act as “Processors” for your end customers’ data.
Once you are registered at our site, you will have the option at any stage to inform us that you no longer wish to receive future services, e-mails and you may “Unsubscribe”, “Opt-Out” or by sending an Unsubscribe Request through our support ticket.
Further, as per Rule 5(7) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 of Information Technology Act, 2000 amended through Information Technology Amendment Act, 2008, you have an option to withdraw your consent for use of your sensitive personal data given earlier to us. Such withdrawal of consent shall be sent in writing to our registered address.
4. Reasonable Security Practices As per I.T.Act, 2000 and its Rules
We have implemented reasonable security practices as per Rule 8 of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 of Information Technology Act, 2000 amended through Information Technology Amendment Act, 2008.
We have implemented stringent, internationally acceptable standards of technology, managerial security, technical security, operational security and physical security in order to protect your personally identifiable information from loss, misuse, disclosure, alteration or destruction. The data resides behind a firewall, with access restricted to our authorized personnel only.
We have implemented “Reasonable Security Practices” as required by the Information Technology Act, 2000 rules including any amendment in the said Act and its rules. By complying with such provisions, We assure you proper care and control over our I.T. and Security operations as required under relevant sections mainly section 43, 43A, 45, 66,72A & 85 of I.T.Act, 2000 and I.T.A.A, 2008 including related rules and therefore you agree that we shall not be held responsible for any fraudulent/criminal activity with regards to your sensitive personal information stored in our website.
By using this website, you agree that we shall not be held responsible for any uncontrollable security attacks and in such cases, you agree that we shall not be held responsible for any type of financial losses, loss of opportunity, legal cost, attorney’s fees, business losses, reputation loss, direct and indirect losses that may occur to you as per the Provisions of Section 43, 43A and 45 of Information Technology Act, 2000 including any amendments in the said Act and any other laws of India for the time being in force.
You further agree that our management shall not be held responsible directly or indirectly for any cyber crime related criminal liabilities under I.T.Act,2000 relating to your information as you have agreed and acknowledged that our management complies with due diligence (care & controls) requirements of I.T.Act,2000 including its rules and amendments.Our Reasonable Security Controls Include, But Not Limited to the Following:
- Software firewall
- HTTPS (SHA 256 bit encryption)
- Cyber Law & Security Compliance intimation letters to our team
- Cyber Law & Security Awareness for our team
Further, you also agree and acknowledge that our management shall never be held responsible regarding privacy of your sensitive personal data in case of sharing your sensitive personal data to any authorized cyber investigation agency of appropriate government authorities as required under sections 67C, 69, 69A, 69B, 70B, 79 and 80 of I.T.Act, 2000 including its amendments and rules.
GOOGLE API DISCLOSURE
DeskXpand has the functionality that allows its customers to connect their Gmail mailbox with our products. Connecting your Gmail mailbox to your DeskXpand account allows us to associate your account with your personal information on Google. It helps us see your personal information, to view your email address and access your emails in order to create them as a ticket in our products. The connection will allow you to respond to your emails directly from our product and to delete them once they are fetched into our product.
DeskXpand’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy's App's, including the Limited Use requirement.
If you have any questions or grievances regarding the privacy statement, practices of the site, or any other transaction issue, please contact our support officer by submitting a ticket through support ticket.
We have appointed our support officer as per Rule 5 (9) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 of Information Technology Act, 2000 amended through.
Information Technology Amendment Act, 2008 and you can contact us on the above given email address.
Applicable Laws & Jurisdiction
ISO/IEC 27001:2013(E) Standards
Kindly note that we have applied for the ISO 27001 standards of compliance, and at present we are maintaining the standards stipulated. In case you have any specific requirements beside the ones listed in the ISO/IEC 27001:2013(E) Standards, kindly notify us in advance.