This Privacy Policy (“Policy”) explains how Aheesa Digital Innovations (“Aheesa”) collects, uses, shares, and protects personal data obtained through its websites, applications, and related services . It is designed to comply with the Digital Personal Data Protection Act, 2023 (“DPDP Act”), the Information Technology Act, 2000, and applicable amendments, rules, regulations and guidelines enacted thereunder from time to time (“IT Act, 2000”) with specific mention of regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive personal information) Rules, 2011, and any other national and state laws which relate to the processing of data and other applicable laws.
Aheesa considers the privacy and security of the personal information of its users a matter of highest importance. Accordingly, this Policy has been designed and implemented to protect user information. This Privacy Policy is an electronic record in terms of the IT Act ( and any other applicable law including Digital Personal Data Protection Act, 2023 and its ensuing rules as and when applicable). This electronic record does not require any physical or digital signatures. Any new features and/or services that are added to the current scope of services offered by Aheesa at any point in the future shall also be subject to the terms set out in this Policy along with any other future relevant legislation to be incorporated as per the laws of the land.
By accessing Aheesa’s website and using its services, the user consents to the practices described in this policy.
This Privacy Policy shall apply to any person who visits, browses, uses, or accesses Aheesa’s Website or uses any Services listed currently and in the future on Aheesa’s Website. All updates to this Policy will be communicated through Aheesa’s website and/or other appropriate channels.
1.Scope of this Policy
This policy applies to:
- Personal data of users collected through Aheesa’s websites and other online platforms.
- Data provided by users, customers, employees, vendors, and business partners.
- Information gathered during recruitment and operational processes.
- Data gathered automatically via digital platforms.
2.Definitions
2.1.Personal Data: Information that identifies or can identify an individual, such as name , contact details, and online identifiers.
2.2.Sensitive Personal Data: Information such as financial data, biometric data, health information, or any other data classified as sensitive under applicable laws.
3.Collection of Personal Data
3.1.User Data: Personal data is collected directly from individual users in the following situations:
- Where a user expresses interest in Aheesa’s product offerings, by providing their name, email ID, and phone number through Aheesa’s website through the contact option.
- Where a user expresses interest in working with Aheesa, by contacting Aheesa to get a quote for the services provided.
- Where a user voluntarily provides feedback on any of Aheesa’s message boards or via email.
3.2.Business and Professional Contacts: Limited data such as names, job titles, and contact details may be collected from business partners and vendors.
3.3.Employee details: Personal data of employees such as name, address, email ID, phone number, date of birth, copies of educational certificates, curriculum vitae, and identity documents may be collected during recruitment and operational
processes.
3.4.Visitors to Premises: Visitors’ names, contact details, and biometric data (e.g., fingerprints) may be collected upon their visit to Aheesa Digital Innovations’ premises. CCTV footage is recorded for security purposes.
3.5.Automatic Collection: Data such as device identifiers, IP addresses, geolocation, and user preferences are collected via cookies and similar technologies. Users may learn more from Aheesa’s Cookie Policy.
3.6.Indirect Collection: Data on users may be received indirectly through leads databases, webinars, podcasts, blogs, forums, and events and tradeshows, among other avenues.
4.Purpose and Use of Personal Data
Aheesa processes personal data for the following purposes:
- Providing information on the services to users who sign up to receive a quote from Aheesa Digital Innovations
- Providing information on the services and related topics to users
- Fulfilling contractual obligations
- Facilitating transactions
- Training staff to provide better service
- Providing information on offers and promotional activities and special offers on other products and services that Aheesa thinks that a user may like
- Complying with legal and regulatory requirements
- Improving website functionality and personalizing user experience
- Marketing and promotional communications with consent
- Recruitment, employment, and operational management
- Conducting analytics and research
The specific purposes and data collected are provided in detail in the table below:
–----------------------|---------------------------------------------------
Purpose | Data Collected
–----------------------|---------------------------------------------------
Waitlist registration | Name, Email ID, Contact Number
–----------------------|---------------------------------------------------
Newsletter registration| Email ID
–----------------------|---------------------------------------------------
Employee recruitment | Name, Email ID, Contact Number, Address, ID Proof,
| Tax IDs, Bank account information, Health
| information
–----------------------|---------------------------------------------------
KYC Compliance | ID Proof, Tax IDs
–----------------------|---------------------------------------------------
Billing and Payments | Billing Address, Bank Account Details, Payment
| screenshots
–----------------------|---------------------------------------------------
Customer Support | Name, Contact Details, Nature of Inquiry
–----------------------|---------------------------------------------------
5.Sharing of Personal Data
Aheesa Digital Innovations shares personal data only in the following circumstances:
- For Regulatory and Legal Compliance: Personal data may be disclosed to regulatory authorities and law enforcement agencies as required by law.
- Partner companies: Personal data may be shared with partner companies so they may offer users their services.
- Credit reference agencies: Aheesa may send user data to, and use the resulting information from credit reference agencies to prevent fraudulent purchases.
- Third-Party Service Providers: Aheesa Digital Innovations shares data with trusted service providers for IT support, payment processing, and marketing services. Contracts ensure that all such data is used only for intended purposes.
- Business Transfers: Personal data may be transferred during mergers, acquisitions, or asset sales.
6.Data Security
6.1.Aheesa stores personal data in GDPR-compliant applications hosted in the cloud.
6.2.Aheesa implements robust measures to protect personal data, including:
- Encryption: AES-256 for sensitive data.
- Access Controls: Restricted access based on role and necessity.
- Audits: Regular security assessments and compliance reviews.
- Incident Response: Procedures to address potential data breaches promptly.
6.3.Aheesa Digital Innovations exercises care while sending mails to its users. In case of any mail other than business mails referring to Aheesa Digital Innovations or aheesa.com seems suspicious, a user should immediately contact Aheesa Digital Innovations and verify the credibility of the mail.
6.4.Aheesa Digital Innovations’ website may contain links to third party websites and other resources which may have their own privacy policies. Aheesa Digital Innovations holds no responsibility for the data entered into third party links and
urges users to go through the respective privacy policies before engaging.
7.Retention of Personal Data
All personal data is retained only as long as necessary to fulfil its purpose or comply with legal obligations. After the retention period, data is securely deleted or anonymized.
Specifically:
- Personal data and access details are stored until the service is terminated.
- Demographics and visitor behavior data are stored for 10 years.
- Employee data are stored until employment is terminated.
8.Children’s Privacy
Our services are not directed at individuals under 18. If a user believes Aheesa Digital Innovations has collected data from a minor, they are advised to contact Aheesa Digital Innovations immediately via privacy@aheesa.com.
9.User Rights
Under the DPDP Act, a user has the following rights:
- Access: Users can request a copy of their personal data as maintained by Aheesa Digital Innovations.
- Rectification: Users can request the correction of inaccuracies in their personal data as maintained by Aheesa Digital Innovations.
- Erasure: Users can request the deletion of their data as maintained by Aheesa Digital Innovations.
- Restriction: Users can limit the processing of their data as maintained by Aheesa Digital Innovations.
- Withdrawal of Consent: Users can revoke consent at any time for the use and processing of their data as maintained by Aheesa Digital Innovations.
- Opting out: Aheesa Digital Innovations may contact users regarding promotions, service/product launches, feedback and surveys. If a user wishes to opt out of these activities, they may email Aheesa Digital Innovations at privacy@aheesa.com.
To exercise any of these rights, a user can contact Aheesa Digital Innovations at privacy@aheesa.com. All requests will be processed within 45 days or as required by law.
10.Changes to the Privacy Policy
This Policy may be updated periodically to reflect legal, regulatory, or operational changes. Updates will be communicated via Aheesa Digital Innovations’ website.
11.Contact Information
For questions or concerns regarding this policy, a user may contact:
Data Privacy Officer
privacy@aheesa.com
Plot No. 772, Sri Ganapathy Nagar Colony, 5th Main Road, Semmencherry, Chennai 600119.