Privacy Policy

NITORI INDIA PRIVATE LIMITED

 We, as a member of the Nitori Group, recognize that it is our social responsibility to handle personal data collected from customers and the other parties with care and rigor, and observe the matters stipulating in the "Personal data Protection Policy".

We will also make efforts to continually improve the handling of personal data.

NITORI INDIA PRIVATE LIMITED

 

Compliance with Relevant Laws and Guidelines

We pledge to comply with the applicable laws of India and relevant cabinet or ministerial orders regarding the acquisition or utilization of personal data and another handling of personal data.

 

1. Definitions

“Company” shall mean NITORI INDIA PRIVATE LIMITED having its registered office at Unit No. 304, 3rd Floor, DLF South Court , Saket, South Delhi, New Delhi, Delhi, India, 110017, and in terms of this Policy and it shall include the words “We”, “Us”, “Our”, which are used interchangeably in this Policy.

“Data” means a representation of information, facts, concepts, opinions or instructions in a manner suitable for communication, interpretation or processing by human beings or by automated means;

“Personal Data/Information” means any data that allows a User to be identified directly or indirectly and shall include “Sensitive personal data or information”;

“Processing” or “Utilization” in relation to personal data, means a wholly or partly automated operation or set of operations performed on personal data, and includes operations such as collection, recording, organisation, structuring, storage, adaptation, retrieval, use, alignment or combination, indexing, sharing, disclosure by transmission, dissemination or otherwise making available, restriction, erasure or destruction;

“Sensitive personal data or information” means such personal information which consists of information relating to;—

(i) password;

(ii) financial information such as Bank account or credit card or debit card or other payment instrument details;

(iii) physical, physiological and mental health condition;

(iv) sexual orientation;

(v) medical records and history;

(vi) Biometric information;

(vii) any detail relating to the above clauses as provided to body corporate for providing service; and

(viii) any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise: A "Data Subject" in relation to personal data in this Privacy Policy (including relevant rules or procedure referred hereto) means a specific individual identifiable by personal data and it shall include the words such as “you”, “your”, which are used interchangeably in this Policy.

 

2. Utilization Purpose

We specify the purpose of utilizing personal data (herein referred to as “utilization purpose”) and handle personal data within the necessary scope to achieve the specified purpose. of We use personal data collected through direct interactions, automated technologies (e.g., cookies), third parties (e.g., business partners and sponsors), and public sources for the following purposes:

 

• Personal Data of our customers (including users of our websites and apps)

1. Execution of contracts on our products/services, management after contract period, and after-sale service implementation;
2. Provision of products/ services you purchase, request, or have expressed an interest in;
3. Marketing of our product;
4. Registration or withdrawal from membership;
5. Inquiries, correspondence to consultation, inquiries, requests and complaints;
6. Communication about recall or defective products;
7. Announcement of products, service, campaign;
8. Product development, conducting questionnaire or monitor survey and implementing market research;
9. Preventing crime or disaster by security camera or sound recording machine;
10. Processing of payments when you place an order on our Website;
11. As otherwise required or permitted by law.

 

• Personal Data of Business Partners Data (include corporate entity’s individuals e.g: Authorised director, Contact person etc.)

1. Execution of contracts with you or your company
2. Contacting for business meetings
3. Evaluating the transaction with you or your company
4. Managing the information of you or your company
5. Complying with laws and regulation and order of the governmental authorities

 

• Personal data of Employees, Recruitment Applicants, Retirees and their families

1. Concluding contracts between you and the Company, such as employment contracts and work rules
2. Business communication, business control, facility management
3. Human Resources and Labor management
4. Personnel management such as hiring or assignment decision, attendance management, etc.
5. Payment of salaries, welfare benefits, offer, etc.
6. Expense reimbursement
7. Health management
8. Administer tax or social insurance
9. Emergency communication
10. Performance evaluations
11. Reimbursing expenses
12. Recruiting new employees
13. Facility management and security
14. Submission and Reporting to Government Offices
15. Any other purposes to ensure the compliance of the applicable laws

 

3. Altering of Utilization Purpose

We may alter the utilization purpose in the preceding article within the reasonable scope relevant to the pre-altered utilization purpose. In this case, we shall disclose to the public the post-altered utilization purpose on our website and other platforms.

 

4. Utilizing within the scope of utilization purpose

We handle personal data within the necessary scope to achieve the utilization purpose. In cases beyond the said scope herein, we shall obtain Data subject’s consent in advance, except based on applicable laws.

 

5. Personal Data Collected/Used

Personal data that is collected by the Company may include some or all of the following information depending upon the nature of service being imparted to the Data Subject:

1. Name;
2. Nationality;
3. Marital status;
4. Date of birth;
5. Gender;
6. Contact information such as email addresses and telephone numbers;
7. Demographic information such as address, postal code, preferences and interests;
8. Thumbprint;
9. Signature;
10. Photographs, audio/video recordings and digital images.
11. Automatic information such as cookies, location or any unique identifier for your device.;
12. Financial information such as bank account or credit card or debit card or other payment instrument details;
13. Information related to workplace (Workplace’s Name, Address, Telephone Number, Position);
14. Information necessary to process job application, employee onboarding and comply with applicable laws including labour laws, including PAN and AADHAAR No.;
15. Any detail relating to the above clauses as provided to us for providing service;
16. Any such additional information that you may voluntarily disclose to us.  

 

We do not collect or share any information except for the purpose consented to or which is incidental to or connected with such purpose as disclosed in this privacy policy for which consent is taken from the customers.

 

 

6. Legal basis for the processing

The legal basis for the processing is as follows;

1. When the processing is necessary for the performance of contractual obligations to you.
2. When processing is required for the pursuit of legitimate interests.
3. When processing is required for compliance with our legal obligations to complie with applicable laws.
4. When your explicit consent is obtained in advance. You have the right to withdraw your consent at any time by the method separately designated by us. However, your withdrawal of consent will not affect the legality of processing conducted based on your consent before its withdrawal.

 

Please note that your consent for processing of your personal data may not be always required depending upon the basis of such processing however, any such processing shall always be done in accordance with the applicable laws.

  

7. Processing Without Consent

If we collect personal data including sensitive personal data, we obtain Data Subject’s consent in advance or at the time of collection, use, or disclosure. However, we may collect personal data and process it without consent in the following cases:

1. for the specified purpose for which you have voluntarily provided your personal data to us, and in respect of which you have not indicated to us that you do not consent to the use of your personal data;
2. to fulfill any obligation under any law for the time being in force in India to disclose information to government authorities;
3. to respond to a medical emergency involving a threat to the life or immediate threat to the health of You or any other individual;
4. to provide medical treatment or health services during an epidemic or public health emergency;
5. for the purposes of employment or those related to safeguarding the employer from loss or liability, such as prevention of corporate espionage, maintenance of confidentiality of trade secrets, intellectual property, classified information or provision of any service or benefit sought by You who is an employee.

 We may also process your personal data as required by applicable laws and regulations.

  

8. Data Accuracy

We keep personal data accurate and up to date within the necessary scope to achieve a utilization purpose. We will retain your personal data for as long as necessary to fulfill the aforementioned purposes for obtaining and processing your personal data. Specific retention periods are decided based on the following considerations, the purpose for obtaining and processing the personal data; the nature of the personal data; and the necessity of retaining the personal data for legal or business reasons. We will delete personal data after the storage period has concluded.

 

9. Security Control

We take necessary and appropriate technical and organisational measures to protect personal data against unauthorized access, falsification, leakage, loss, or damage, including measures based on IS/ISO/IEC 27001 on "Information Technology – Security Techniques – Information Security Management System – Requirements".

 

 In the event that we have credible grounds to believe that a personal data breach has occurred, we will take reasonable and prompt steps in accordance with the applicable law and make reasonable efforts to notify you regarding the breach.

 

10. Supervision over employees

We exercise necessary and appropriate supervision over our employees and perform necessary training and education so as to seek the security control of the personal data.

 

11. Supervision over third parties

We entrust whole or part of the handling of personal data to a third party in regards to delivery, maintenance, or repair services in the scope of the utilization purpose. In this case, we select a third party who can handle personal data properly, set proper security control, keeps everything confidential, terms, conditions and other matters regarding handling personal data as the data protection addendum in an entrust contract, comprehend the situation of said third party, and exercise necessary and appropriate supervision over said third party.

 

12. Third Party Provision

By agreeing to this privacy policy, you consent to the sharing and disclosure of your personal data with the following third parties in accordance with the applicable laws for the purposes stated in this privacy policy.

1. Parent Company
2. Affiliate Company
3. Group Company
4. Insurance Company
5. Contractors (including the delivery companies, maintenance and repair contractor, data service provider, accounting firms and the law firms, etc.)
6. Government and Regulatory Authorities or any Organizations to which the Company is under an obligation to make disclosures under the requirements of any law and regulations.

We confirm and keep records appropriately pursuant to applicable laws and guidelines when exchanging personal data with a third party.

  

13. Foreign Transfer

• As a result of the aforementioned sharing and disclosure, we may transfer your personal data to the following third countries outside India in accordance with the laws applicable in India and best practices. However, in accordance with applicable laws, your personal data will also be retained within India for the legally prescribed period.

14. Data subject’s right

Data Subject has rights regarding personal data in accordance with the applicable law, including but not limited to,

• The right to withdraw consent at any time, with the process being as simple as giving consent.
• The right to access a grievance redressal mechanism for addressing issues related to personal data, with the option to escalate unresolved issues to the appropriate authority.

 

If Data Subject intends to exercise any of the aforementioned rights, please inquire using the contact details at the end of this privacy policy.

 

15. Processing of personal data of Children

The Company shall, before processing any personal data of a child (under the age of 18 years) or a person with disability who has a lawful guardian, obtain verifiable consent of the parent of such Child or the lawful guardian, as the case may be.

 

16. Amendment

This Privacy Policy may be altered to the extent to not be contrary to laws and guidelines. Hence, we advise you to check regularly for updated information on the handling of your personal data. In this case, We may contact Data Subject through this website and by e-mail if necessary.

 

17. Contact Information

For any questions or concerns about your personal data, please contact us at: NITORI INDIA PRIVATE LIMITED Address: Unit No. 304, 3rd Floor, DLF South Court , Saket, South Delhi, New Delhi, Delhi, India, 110017

e-mail: eccs@nitori.co.in

tel:+91 90 0404 4369

 

Last Updated: November 19, 2024