This legal document is an electronic record in terms of India’s Information Technology Act, 2000, and rules there under as applicable and the amended provisions pertaining to electronic records in various statutes as amended by the Information Technology Act, 2000. This electronic record is generated by a computer system and does not require any physical or digital signatures.
References in these Terms to "we" or "us" or “website” or “company” are references to www.sandcupstudio.com and “you” as subscriber/user of a website.
While providing information for various web development services, the issue of online privacy is extremely crucial for SandCup, which is committed for safeguarding the information provided by its users. We are dedicated to create a reasonably secured environment for our users.
Information we may collect about you
Information you give us: During the process of Contact us/get in touch, you will be requested to complete a registration form asking for basic online contact information about yourself or provide us with your details over the phone, for example when you request for a quote on specific development service, register to attend one of our events (whether as a delegate, exhibitor or attendee) or subscribe to our mailing list. This information might include your name, address, email address, phone number and other relevant information. You agree and acknowledge that when we receive e-mails from you, we may retain the content of any e-mail messages sent to us, as well as details of your e-mail address. You further agree and acknowledge that we shall use your email ID and mobile number information for sending promotional/informational messages.
Information we collect about you: We will collect any information contained in any correspondence between you and us via contact forms on websites, and emails or telephone calls.
We may collect, for the purposes of service & solutions promotions and any events that we exhibit or participate, information about your location in and engagement with the event.
We use third party analytics services for more detailed analytics purposes. It is important for us to inform you that we will have limited control over these Analytics and therefore you clearly agree and acknowledge that we shall not be held responsible for privacy issues relating to the same.
Information we receive from third parties: We may collect information about you from third parties that we work closely with for the purposes of delivering to you the services rendered by us. Third party entities may collect information directly from your websites or your digital presence. We may also receive information about you from third parties where you have consented to such third party sharing your information.
How we use information about you
We use personal data to:
The purpose of this is:
The applicable legal basis:
Provide you with information that you have requested from us, in relation to development services and other services we provide (for example online webinars, news and promotional materials).
We will need to use your contact details to keep you updated about the products or services you have indicated you are interested in.
By specifically requesting information from us, you are consenting to us using your personal data for the purposes of communicating such information to you.
To invite you to meet us at the events and exhibitions.
We will need to use your details for planning of business meeting.
Where you have registered to attend or meet at an event, we need to use your personal data in this way to perform our business ties and meetings.
Analyse user traffic to measure use of our websites and improve their content.
We may use information such as your IP address for analytical purposes of our pages, this could also include improving the content of our websites and services.
We have identified web analytics as a legitimate interest of our business, and allow us to better meet your needs as a customer.
To comply with or abide by legal obligations or requirements.
We may need to use or process your personal data to comply with some legal requirements.
Where we need to process your data for these reasons, the legal basis will be compliance with a legal obligation.
You can find out more information on the privacy notice provided at the time you submit your data to us or in your contract with us (if applicable).
Who we might share your data with
In certain circumstances we may share your personal information with:
Government authorities for legal compliances and processes.
Third party vendors that could help you in your projects and business, with your consent.
Website users through testimonials and portfolio, with your consent.
Event organizer’s portal that ask for specific information to send meeting invitations.
Internal references and contacts that could help you in your business, with mutual consent of the both parties.
New customers that ask for region-specific references, with your consent.
AWS if you have opted for Cloud services.
Any other third parties where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.
Third Party Content, Sites, and Contributions
How we look after your data and how long we keep it for
We use a variety of technological and operational security measures to protect your information against any unauthorized access to, unlawful use of and modification and destruction of any personal data we store.
Transmission of information over the internet can be insecure, and although we employ measures to protect your information from unauthorized access, we cannot always guarantee the security of information sent over the internet.
Where we store your information
Where you are interacting with a SandCup, our local High-end IBM cluster servers & IBM Storage servers are secured with Sonic wall firewall and online servers are on secured cloud platforms and on top of that SandCup has configured some extra layer of data protection and security requirement.
SandCup has a systematic and ongoing approach for managing information security that affect the confidentiality, integrity, and availability of company and customer information.
Your rights in relation to your Personal Data
You have the right to:
Request a copy of the personal data that we keep about you, by making a request in writing to the Data Protection Officer. You can ask us to provide the data in a commonly used machine readable format.
Contact the Data Protection Officer if you are concerned that any of the information we hold on you is incorrect, to have that data corrected.
Contact the Data Protection Officer to ask us to stop processing your data, or withdraw consent where we are relying on consent as the legal basis for any processing of your data.
Contact the Data Protection Officer to request that we delete your personal data.
Once you are registered at the our site, you will have the option at any stage to inform us that you no longer wish to receive future services, e-mails and you may “unsubscribe” by sending unsubscribe request. Further, as per Rule 5(7) of the India’s Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 of Information Technology Act, 2000 amended through Information Technology Amendment Act, 2008, you have an option to withdraw your consent for use of your sensitive personal data given earlier to us. Such withdrawal of consent shall be sent in writing to our registered address.
Reasonable Security Practices As per I.T.Act, 2000 and its Rules We have implemented reasonable security practices as per Rule 8 of the India’s Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 of Information Technology Act, 2000 amended through Information Technology Amendment Act, 2008.
We have implemented stringent, internationally acceptable standards of technology, managerial security, technical security, operational security and physical security in order to protect your personally identifiable information from loss, misuse, disclosure, alteration or destruction. The data resides behind a firewall, with access restricted to our authorized personnel’s only.
We have implemented “Reasonable Security Practices” as required by the India’s Information Technology Act, 2000 rules including any amendment in the said Act and its rules. By complying with such provisions, We assure you proper care and control over our I.T. and Security operations as required under relevant sections mainly section 43, 43A, 45, 66,72A & 85 of I.T.Act, 2000 and I.T.A.A, 2008 including related rules and therefore you agree that we shall not be held responsible for any fraudulent/criminal activity with regards to your sensitive personal information stored in our website.
By using this website you agree that we shall not be held responsible for any uncontrollable security attacks and in such cases you agree that we shall not be held responsible for any type of financial losses, loss of opportunity, legal cost, attorney’s fees, business losses, reputation loss, direct and indirect losses that may occur to you as per the Provisions of Section 43, 43A and 45 of Information Technology Act, 2000 including any amendments in the said Act and any other laws of India for the time being in force.
You further agree that our management shall not be held responsible directly or indirectly for any cyber-crime related criminal liabilities under I.T.Act,2000 relating to your information as you have agreed and acknowledged that our management complies with due diligence (care & controls) requirements of I.T.Act,2000 including its rules and amendments.
Our reasonable security controls include but not limited to following:
HTTPS Connection Encrypted (TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 256 bit keys, TLS1.2)
Cyber Law & Security Compliance intimation letters to our team
Cyber Law & Security Awareness for our team by professional cyber lawyers and information security consultant’s firm
Further, you also agree and acknowledge that our management shall never be held responsible regarding privacy of your sensitive personal data in case of sharing your sensitive personal data to any authorized cyber investigation agency of appropriate government authorities as required under sections 67C, 69, 69A, 69B, 70B, 79 and 80 of I.T.Act,2000 including its amendments and rules.
If you have any questions or grievances regarding the privacy statement, practices of the site, or any other transaction issue, please contact our grievance officer on firstname.lastname@example.org
We have appointed our grievance officer as per Rule 5 (9) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 of Information Technology Act, 2000 amended through Information Technology Amendment Act, 2008.
Amendments to these Policies
We reserve the right to amend these policies from time to time. When we make a change we will update this page of the Website. We recommend that you revisit this page from time to time so as to ensure that you are aware of any changes that we have made to these Policies.
Applicable Laws & Jurisdiction