The following Privacy Policy governs the online information collection practices of WINTLT TECHNOLOGIES PRIVATE LIMITED (“we”, “us”, “our”). It outlines the types of information that we gather about you while you are using our website https://www.visu.ai and the ways in which we use this information. 

WINTLT TECHNOLOGIES PRIVATE LIMITED is a web-based SaaS model which helps users who have created WINTLT TECHNOLOGIES PRIVATE LIMITED accounts (“User(s)”) to share their content such as information, files and folders (“Content”) and analyse their pre-existing customers, prospective customers and third parties (“Viewer(s)”) on the basis of the content viewed by them. The viewers are the non-registered users of the web-services and product offerings (“Service(s)”) provided by WINTLT TECHNOLOGIES PRIVATE LIMITED. We process your data in accordance with the applicable laws and regulations following industry best practices.

PURPOSE AND SCOPE 

The Privacy Policy applies primarily to information that we collect online; however, it may apply to some of the data that you provide to us offline and/or through other means, as well (for example, via telephone, or through the mail).

The Privacy Policy documents and describes the manner in which our organisation collects information from all our Users/Viewers of our Services. While providing our Services on behalf of our registered users, we collect information related to Viewers. The use of information collected on behalf of our Users is governed primarily by our contract for the engagement with them and the privacy policies governing their organization. We are not accountable for the privacy policies and practices undertaken by our users or any other third parties.

HOW WE COLLECT DATA ABOUT YOU 

We may collect different data from or about you depending on how you use the Sites. 

Data provided by registered users: 

Account creation and loginWhen you create an account or login into your account, we collect personal information such as first name, last name, email address and password. 

Data provided by non-registered users: 
Access pre-existing user’s contentWhen you request to view a pre-existing User’s content the user may ask for personal information such as email address in order to open a WINTLT TECHNOLOGIES PRIVATE LIMITED’ link. WINTLT TECHNOLOGIES PRIVATE LIMITED collects and stores this personal information on behalf of its Users.When you provide this personal information, you do so in accordance with that User’s privacy practices and policies. WINTLT TECHNOLOGIES PRIVATE LIMITED is not responsible for the privacy practices of its Users, and only processes this information in accordance with the applicable agreement it has with each User. For any issues pertaining to processing of such personal information, please contact the User directly.

Data collected through automated means: 
System dataTechnical data about your computer or device, like device type, operation system and the IP address. This data helps us improve the delivery of our web pages and to measure traffic on the Site.The collection of data will also depend on the individual settings of your device and software. It is recommended to refer to the policies of your device manufacturer or software provider to learn about information they might share with us.

User Generated Data: 
Account Creation, Login and Usage as a viewerWe collect information and material (user generated content) provided to us voluntarily by our users or the viewers to publish and process on our platform.The user generated content is inclusive of text, photos & videos associated with the accounts/ emails used to create an account with WINTLT TECHNOLOGIES PRIVATE LIMITED or to access links as viewers.

Data Collected from Third Parties: 
Integration of Third Parties such as Google Drive, OneDrive, Dropbox, BoxWhen you connect your existing cloud storage such as Google Drive, we access your account on your behalf to get information about your files & folders. When you choose to create a Google Drive file link in WINTLT TECHNOLOGIES PRIVATE LIMITED, we download the selected file(s) from your Google Drive and store it in our own storage for reliability purposes.

Data collected during transactions:
Transactional DataOn the basis of types of services requested, WINTLT TECHNOLOGIES PRIVATE LIMITED also collects information such as:type of service that has been requestedorder details for such a requestpayment & transaction information (such as merchant’s name, payment method, chargeable amount for the service)date and time the service was providedFor the purpose of promotion codes, name of the person associated with such a code will also be collected

Some information is collected through the use of cookies, web beacons and tracking technologies. Please refer to the Cookie Policy for more details on the type of cookies being used.   

THE TYPES OF INFORMATION WE COLLECT AND STORE

We may collect personal and sensitive personal information about you and store this information in connection with the provision and fulfilment of our services to you. Personal information may include:

• First name and last name

• Email address 

• Location

• IP Address

  
  

HOW WE USE YOUR PERSONAL INFORMATION

The above personal information may be used for the following purposes:

• To provide you with information about our offerings and/or our periodic newsletters;

• To respond to your requests;

• For creation or development of business intelligence or data analytics in relation to the Offerings provided by us (for this purpose we may share the Personal Information with certain software or tools available online);

• To manage our relationship with you;

• For internal record keeping;

• To provide you with authorization to login and use your user account;

• To verify your identity;

• To maintain correct and up-to-date information about you;

• To identify you as a contracting party;

• To improve our website;

• To enable automated handling of the subscriptions;

• To otherwise be able to provide the services to you and

• To comply with our legal or statutory obligations.

  
  

WHO HAS ACCESS TO YOUR DATA WITHIN OUR ORGANIZATION?

Within our organization, access to your data is limited to those persons who require access in order to provide you with the Products and Services, which you purchase from us, to contact you, and to respond to your inquiries, including requests for refund. Those staff members may be on teams such as: marketing, events, development, executive, customer support. Employees only have access to data that is relevant to their team, on a ‘need to know’ basis.

WHO DO WE SHARE YOUR DATA WITH OUTSIDE OUR ORGANIZATION AND WHY?

Processors

We may use service providers & third parties for operating and improving the Sites, to assist with certain functions, such as payment processing, email transmission, conducting surveys or contests, data hosting, managing our ads, third-party solutions for marketing and analytics, and some aspects of our technical and customer support. We take measures to ensure that these service providers access, process, and store information about you only for the purposes we authorize, through the execution of Data Processing Agreements or Addenda. 

Authorities

We may access, preserve, and disclose information about you to third parties, including the content of messages if we believe disclosure is in accordance with or required by, applicable law, regulation, legal process, or audits. We may also disclose information about you if we believe that your actions are inconsistent with our Terms of Service or related guidelines and policies, or if necessary to protect the rights, property, or safety of, or prevent fraud or abuse of, Company or others.

Transfer of business

If we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, personal information could be one of the assets transferred to or acquired by a third party.

WHY AND FOR HOW LONG DO WE STORE INFORMATION WE COLLECT FROM YOU?

We retain certain information collected from you while you are a member on the Site, and in certain cases where you have deleted your account, for the following reasons:

• So that you can use our Sites;

• To ensure that we do not communicate with you if you have asked us not to;

• To provide you with a refund, if entitled;

• To better understand the traffic to our Sites so that we can provide all members with the best possible experience;

• To detect and prevent abuse of our Sites, illegal activities and breaches of our Terms of Service; and

• To comply with applicable legal, tax or accounting requirements. 

We retain user data for as long as necessary for the purposes described above. This means that we retain different categories of data for different periods of time depending on the type of data, the category of user to whom the data relates to, and the purposes for which we collected the data. 

SECURITY

We implement a variety of administrative, managerial, and technical security measures to help protect your personal information. Our Company has various internal control standards which relate specifically to the handling of personal information. These include certain controls to help safeguard the information we collect online. Our employees are trained to understand and comply with these controls and we communicate our Privacy Policy practices and guidelines to our employees. However, while we strive to protect your personal information, you must also take steps to protect your information. We urge you to take every precaution to protect your personal information while you are on the Internet.

YOUR RIGHTS UNDER THE GDPR 

You have certain rights if you are within the EU this includes: 

• Right to access. This right allows you to obtain a copy of your personal data, as well as other supplementary information. 

• Right to restrict processing. You have the right to restrict the processing of your personal data in certain circumstances. 

• Right to rectification. You have the right to have any incomplete or inaccurate information we hold about you corrected.

• Right to object to processing. The right to object allows you to stop or prevent us from processing your personal data. This right exists where we are relying on a legitimate interest as the legal basis for processing your Personal Data. You also have the right to object where we are processing your Personal data for direct marketing purposes.

• Right to erasure. You have the right to ask us to delete or remove Personal data when the personal data is no longer necessary for the purpose which you originally collected or processed. 

To exercise your rights, you can contact us at support@visu.ai

YOUR RIGHTS UNDER THE GDPR

Users who are California residents have certain rights under the General Data Protection Regulation, (“GDPR”) included in these rights are:

• Right to know. You have the right to request to know more about the categories and specific pieces of personal information that we have collected about you and access a copy of your personal information.

• Right to deletion. You have the right to request deletion of personal information that we have collected about you.

• Right to non-discrimination. If you choose to exercise any of your rights under GDPR, we will treat you like all other users. In other words, there is no penalty for exercising your rights under GDPR.

• Right to opt-out. You have the right to opt-out of the sale of your personal information. We do not sell personal information. However, the Service Providers we partner with (for example, our advertising partners) may use technology on the Service that "sells" personal information as defined by the GDPR. If you wish to opt-out of the use of your personal information for interest-based advertising purposes and these potential sales as defined under GDPR law, you may do so by following the instructions below. Please note that any opt out is specific to the browser you use. You may need to opt out on every browser that you use.

To exercise any of these rights under GDPR, please email support@visu.ai. To know more about your rights and how to exercise them visit our Data Subject Request Policy.

OUR POLICY CONCERNING CHILDREN & THEIR DATA

Our Sites are not directed to children under the age of sixteen and we do not knowingly collect personally identifiable information from children or distribute such information to third parties. We screen users who wish to provide personal information in order to prevent children from providing such information. If we become aware that we have inadvertently received personally identifiable information from a child, we will delete such information from our records. If we change our practices in the future, we will obtain prior, verifiable parental consent before collecting any personally identifiable information from children.

LINKS TO OTHER WEBSITES

Our Sites may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. 

Third parties are under no obligation to comply with this Privacy Policy with respect to Personal Data that you provide directly to those third parties or that those third parties collect for themselves. We do not control the third-party sites that may be accessible through our Services. Thus, this Privacy Policy does not apply to information you provide to third-party sites or gathered by the third parties that operate them. 

CHANGES TO THIS POLICY

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. If we make any material change/s to the Policy, we will notify you via email, through a notification posted on the Services, or as required by applicable law. You can see when the Policy was last updated by checking the date at the bottom of this page. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective from when they are posted on this page.

DATA PROTECTION ADDENDUM

This Data Protection Addendum ("Addendum"), dated 1st June 2024, and effective as of the Addendum Effect Date (as defined below), forms part of the Terms of Service ("Terms") between (i) WINTLT TECHNOLOGIES PRIVATE LIMITED ("WINTLT TECHNOLOGIES PRIVATE LIMITED") each being a “Party” and together the “Parties”.

The Parties hereby agree that the terms and conditions set out below shall be added as an Addendum to the Terms and references in this Addendum to the Terms are to the Terms as amended by, and including, this Addendum.

1. Definitions

1.1 In this Addendum, the following terms shall have the meanings set out below and cognate terms shall be construed accordingly:

• (a)"Addendum Effective Date" has the meaning given to it in section 2;

• (b)"Affiliate" means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with either Client or WINTLT TECHNOLOGIES PRIVATE LIMITED (as the context allows), where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise;

• (c)"Client Personal Data" means any Personal Data Processed by WINTLT TECHNOLOGIES PRIVATE LIMITED (i) on behalf of Client (including for the sake of clarity, any Client Affiliate), or (ii) otherwise Processed by WINTLT TECHNOLOGIES PRIVATE LIMITED, in each case pursuant to or in connection with instructions given by Client in writing, consistent with the Terms;

• (d)"Controller to Processor s" means the Standard Contractual Clauses (processors) for the purposes of Article 26(2) of Directive 95/46/EC set out in Decision 2010/87/EC as the same are revised or updated from time to time by the European Commission;

• (e)"Data Protection Laws" means (i) Directive 95/46/EC and, from May 25, 2018, Regulation (EU) 2016/679 ("GDPR") together with applicable legislation implementing or supplementing the same or otherwise relating to the processing of Personal Data of natural persons, and (ii) to the extent not included in sub-clause (i), the Data Protection Act 1998 of the United Kingdom, as amended from time to time, and including any substantially similar legislation that replaces the DPA 1998;

• (f)"Privacy Shield" means the EU-US Privacy Shield Framework; and

• (g)"Services" means the services to be supplied by WINTLT TECHNOLOGIES PRIVATE LIMITED to Client or Client Affiliates pursuant to the Terms.

  
  

1.2 The terms "Controller", "Data Subject", "Personal Data", "Personal Data Breach", "Process", "Processor" and “Supervisory Authority” have the same meanings as described in applicable Data Protection Laws and cognate terms shall be construed accordingly.

1.3 Capitalized terms not otherwise defined in this Addendum shall have the meanings ascribed to them in the Terms.

2. Formation of this Addendum

This Addendum is deemed agreed by the Parties, and comes into effect, on the “Addendum Effective Date”, being the later of (i) the date that this Addendum is accepted by Client; and (ii) WINTLT TECHNOLOGIES PRIVATE LIMITED.

3. Roles of the Parties
The Parties acknowledge and agree that with regard to the Processing of Client Personal Data, and as more fully described in Annex 1 hereto, Client acts as a Controller and WINTLT TECHNOLOGIES PRIVATE LIMITED acts as a Processor (as defined in section 5.2.4 below).

The Parties expressly agree that Client shall be solely responsible for ensuring timely communications to Client’s Affiliates or the relevant Controller(s) who receive the Services, insofar as such communications may be required or useful in light of applicable Data Protection Laws to enable Client’s Affiliates or the relevant Controller(s) to comply with such Laws.

4. Description of Personal Data Processing

In Annex 1 to this Addendum, the Parties have mutually set out their understanding of the details of the Processing of the Client Personal Data to be Processed by WINTLT TECHNOLOGIES PRIVATE LIMITED pursuant to this Addendum, as required by Article 28(3) of the GDPR. Either Party may make reasonable amendments to Annex 1 by written notice to the other Party and as reasonably necessary to meet those requirements. Annex 1 does not create any obligation or rights for any Party.

5. Data Processing Terms

5.1

Client shall comply with all applicable Data Protection Laws in connection with the performance of this Addendum. As between the Parties, Client shall be solely responsible for compliance with applicable Data Protection Laws regarding the collection of and transfer to WINTLT TECHNOLOGIES PRIVATE LIMITED of Client Personal Data. Client agrees not to provide WINTLT TECHNOLOGIES PRIVATE LIMITED with any data concerning a natural person’s health, religion or any special categories of data as defined in Article 9 of the GDPR.

5.2

WINTLT TECHNOLOGIES PRIVATE LIMITED shall comply with all applicable Data Protection Laws in the Processing of Client Personal Data and WINTLT TECHNOLOGIES PRIVATE LIMITED shall:

5.2.1

process the Client Personal Data relating to the categories of Data Subjects for the purposes of the Terms and for the specific purposes in each case as set out in Annex 1 to this Addendum and otherwise solely on the documented instructions of Client, for the purposes of providing the Services and as otherwise necessary to perform its obligations under the Terms including with regard to transfers of Client Personal Data to a third country outside to an international organization; WINTLT TECHNOLOGIES PRIVATE LIMITED shall immediately inform Client if, in WINTLT TECHNOLOGIES PRIVATE LIMITED’s opinion, an instruction infringes applicable Data Protection Laws;

5.2.2

ensure that persons authorized to process the Client Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;

5.2.3

implement and maintain the technical and organizational measures set out in the Terms and, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, implement any further appropriate technical and organizational measures necessary to ensure a level of security appropriate to the risk of the Processing of Client Personal Data as per following:

(a) pseudonymization and encryption of Client Personal Data;

(b) ensuring ongoing confidentiality, integrity, availability and resilience of processing systems and services that process Client Personal Data;

(c) restoring availability and access to Client Personal Data in a timely manner in the event of a physical or technical incident; and

(d) regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing of the Client Personal Data.

Any amendment to such agreed measures that is necessitated by Client shall be dealt with via an agreed change control process between WINTLT TECHNOLOGIES PRIVATE LIMITED and Client;

5.2.4

Client (on behalf of the relevant Controller(s), as applicable), hereby expressly and specifically authorizes WINTLT TECHNOLOGIES PRIVATE LIMITED to engage another Processor to Process the Client Personal Data ("Other Processor"), and specifically the Other Processors listed in Annex 2 hereto, subject to WINTLT TECHNOLOGIES PRIVATE LIMITED's:

(a)notifying Client of any intended changes to its use of Other Processors listed in Annex 2 by emailing notice of the intended change to Client;

(b)including data protection obligations in its contract with each Other Processor that are materially the same as those set out in this Addendum; and

(c) remaining liable to the Client for any failure by each Other Processor to fulfill its obligations in relation to the Processing of the Client Personal Data.

In relation to any notice received under section 5.2.4 a., the Client shall have a period of 30 (thirty) days from the date of the notice to inform WINTLT TECHNOLOGIES PRIVATE LIMITED in writing of any reasonable objection to the use of that Other Processor. The parties will then, for a period of no more than 30 (thirty) days from the date of the Client's objection, work together in good faith to attempt to find a commercially reasonable solution for the Client which avoids the use of the objected-to Other Processor. Where no such solution can be found, either Party may (notwithstanding anything to the contrary in the Terms) terminate the relevant Services immediately on written notice to the other Party, without damages, penalty or indemnification whatsoever;

5.2.5

to the extent legally permissible, promptly notify Client of any communication from a Data Subject regarding the Processing of Client Personal Data, or any other communication (including from a Supervisory Authority) relating to any obligation under the applicable Data Protection Laws in respect of the Client Personal Data and, taking into account the nature of the Processing, assist Client (or the relevant Controller) by appropriate technical and organizational measures, insofar as this is possible, for the fulfillment of Client’s, Client’s Affiliates’ or the relevant Controller(s)’ obligation to respond to requests for exercising the data subject's rights laid down in Chapter III GDPR; Client agrees to pay WINTLT TECHNOLOGIES PRIVATE LIMITED for time and for out of pocket expenses incurred by WINTLT TECHNOLOGIES PRIVATE LIMITED in connection with the performance of its obligations under this Section 5.2.5;

5.2.6

upon WINTLT TECHNOLOGIES PRIVATE LIMITED’s becoming aware of a Personal Data Breach involving Client Personal Data, notify Client without undue delay, of any Personal Data Breach involving Client Personal Data, such notice to include all information reasonably required by Client (or the relevant Controller) to comply with its obligations under the applicable Data Protection Laws;

5.2.7

to the extent required by the applicable Data Protection Laws, provide reasonable assistance to Client, Client’s Affiliates’ or the relevant Controller(s)’ with its obligations pursuant to Articles 32 to 36 of the GDPR taking into account the nature of the Processing and information available to WINTLT TECHNOLOGIES PRIVATE LIMITED; Client agrees to pay WINTLT TECHNOLOGIES PRIVATE LIMITED for time and for out of pocket expenses incurred by WINTLT TECHNOLOGIES PRIVATE LIMITED in connection with any assistance provided in connection with Articles 35 and 36 of the GDPR;

5.2.8

cease Processing the Client Personal Data upon the termination or expiry of the Terms, and at option of Client, Client’s Affiliates or the relevant Controller(s) either return or delete (including by ensuring such data is in non-readable format) all copies of the Client Personal Data Processed by WINTLT TECHNOLOGIES PRIVATE LIMITED, unless (and solely to the extent and for such period as) Country law requires storage of the Personal Data. Notwithstanding the foregoing or anything to the contrary contained herein, WINTLT TECHNOLOGIES PRIVATE LIMITED may retain Personal Data and shall have no obligation to return Personal Data to the extent required by applicable laws or regulations obligations. Any such Personal Data retained shall remain subject to the obligations of confidentiality set forth in the Terms; and

5.2.9

make available to Client all information necessary to demonstrate compliance with this Addendum and allow for and contribute to audits, including inspections, by Client, or an auditor mandated by Client. For the purposes of demonstrating compliance with this Addendum under this section 5.2.9, the Parties agree that once per year during the term of the Terms, WINTLT TECHNOLOGIES PRIVATE LIMITED will provide to Client, on reasonable notice, responses to cybersecurity and other assessments. Client agrees to pay WINTLT TECHNOLOGIES PRIVATE LIMITED for time and for out of pocket expenses incurred by WINTLT TECHNOLOGIES PRIVATE LIMITED in connection with assistance provided in connection with such audits, responses to cybersecurity and other assessments.

6. Transfers

WINTLT TECHNOLOGIES PRIVATE LIMITED is certified to Information Security Management as per ISO 27001:2013. WINTLT TECHNOLOGIES PRIVATE LIMITED shall notify Client in writing without undue delay if it can no longer comply with its obligations under the Privacy compliance, and, in such a case, WINTLT TECHNOLOGIES PRIVATE LIMITED will have the option of (i) promptly taking reasonable steps to remediate any non-compliance with applicable obligations under this Addendum, or (ii) engaging in a good faith dialogue with Client to determine a new data transfer mechanism to carry out the purposes of the Terms. WINTLT TECHNOLOGIES PRIVATE LIMITED acts as a Processor with respect to Personal Data received pursuant to a data transfer.

In the event the Privacy Compliance is invalidated, Client and each Client Affiliate (on behalf of the relevant Controller(s), as the case may be), if applicable (as "data exporter") and WINTLT TECHNOLOGIES PRIVATE LIMITED (as "data importer"), with effect from the commencement of the relevant transfer, shall enter into the Controller to Processor SCCs (mutatis mutandis, as the case may be) in respect of any transfer (or onward transfer) from Client or Client Affiliate to WINTLT TECHNOLOGIES PRIVATE LIMITED, where such transfer would otherwise be prohibited by applicable Data Protection Laws or by the terms of data transfer agreements put in place to address applicable Data Protection Laws. Appendix 1 to the Controller to Processor SCCs shall be deemed to be prepopulated with the relevant sections of Annex 1 to this Addendum and the processing operations are deemed to be those described in the Terms. Appendix 2 to the Controller to Processor SCCs shall be deemed to be prepopulated with the following "Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood for the rights and freedoms of natural persons, WINTLT TECHNOLOGIES PRIVATE LIMITED shall implement appropriate technical and organizational measures as set forth in the Addendum."

7. Precedence

The provisions of this Addendum are supplemental to the provisions of the Terms. In the event of any inconsistency between the provisions of this Addendum and the provisions of the Terms, the provisions of this Addendum shall prevail.

8. Indemnity

To the extent permissible by law, Client shall indemnify and hold harmless WINTLT TECHNOLOGIES PRIVATE LIMITED against all (i) losses, (ii) third party claims, (iii) administrative fines and (iv) costs and expenses (including, without limitation, reasonable legal, investigatory and consultancy fees and expenses) reasonably incurred in relation to (i), (ii) or iii), suffered by WINTLT TECHNOLOGIES PRIVATE LIMITED and that arise from any breach by Client of this Addendum or of its obligations under applicable Data Protection Laws.

9. Severability

The Parties agree that, if any section or sub-section of this Addendum is held by any court or competent authority to be unlawful or unenforceable, it shall not invalidate or render unenforceable any other section of this Addendum.

9. Others

The organization ensures that the contract to process PII addresses the organization’s role in providing assistance with the customer's obligations.

The Agreement considers following and follows:

a. Privacy by Design and default

b. Achieving Security of Processing

c. Notification of breaches involving PII to a Supervisory authority

d. Notification of breaches involving PII to Customers and PII Principals

e. Conducting Privacy Impact Assessment

f. Assurance of Assistance by the PII Processors if prior consultations with relevant PII Protection authorities are needed.

g. WINTLT TECHNOLOGIES PRIVATE LIMITED shall inform the customer if in its opinion a processing instruction infringes applicable legislation or regulation.

h. The organization does not use PII processed under a contract for the purposes of Marketing and Advertising

i. Coordinate with Clients for helping Audit the systems. The organization provides the customer with the appropriate information so that it can demonstrate compliance with their obligations

j. WINTLT TECHNOLOGIES PRIVATE LIMITED shall use AWS and PIPL as sub processors with Security and Privacy requirements full filled.

k. The organization shall comply with all statutory and regulatory requirements, ISO 27001:2013, ISO 27701:2019 and EU GDPR requirements.

l. The Data shall be deleted or de-identified after the processing is complete (This is after the retention period selected is complete).

m. WINTLT TECHNOLOGIES PRIVATE LIMITED shall inform 24 hours in advance to clients in case of any legally binding requests for disclosure of PII.n. For Access, Correction and/or Erasure of PII of Data subjects can be done by contacting the Data Protection Officer (DPO) below. Also for raising concerns and/or any complaints related with PII that can be done by contacting the Data Protection Officer below:

Name: Balaji P

Email ID: balaji@visu.ai

Contact Number: +91 9880718283 

Name: Anandh M

Email ID: anandh@visu.ai

Contact Number: +91 8870441752

WINTLT TECHNOLOGIES PRIVATE LIMITED Technologies Private LimitedCustomer: Click or tap here to enter text.

By:Print Name:Print Name: Click or tap here to enter text.Title: Data Protection OfficerTitle: Click or tap here to enter text.Date:Date: Click or tap here to enter text.

Annex 1: Description of Processing of Client Personal Data

This Annex includes certain details of the Processing of Client Personal Data as required by Article 28(3) GDPR and, as applicable, Controller to Processor SCC.

Subject matter and duration of the Processing of the Personal Data

The subject matter and duration of the Processing of the Client Personal Data are set out in Section 2 of the Terms.

The nature and purpose of the Processing of the Personal Data

Due diligence and Background Verification of Organization and Individuals.

The categories of Data Subject to whom the Client Personal Data relates

  - Employees and Contractors of Clients.

The types of Client Personal Data to be Processed

Name, Address, Date of Birth, Age, Education, Email, Gender, Image, Job, Language, Phone, Related person, Related URL, User ID, Username

Special categories of data

None

The obligations and rights of Client

The obligations and rights of Client are set out in the Terms and this Addendum.

Data exporter (as applicable)

The data exporter is: Client of WINTLT TECHNOLOGIES PRIVATE LIMITED that uses the Services

Data importer (as applicable)

The data importer is: PIPL, a company that provides services to the client, which requires receiving the Client’s query data

Processing operations (as applicable)

The personal data transferred will be subject to the following basic processing activities: The provision of WINTLT TECHNOLOGIES PRIVATE LIMITED Limited to Client for Due Diligence and Background Verification as per Client requirements.

Annex 2: Authorized Other Processors

Name of Other ProcessorDescription of ProcessingLocation of Other ProcessorAmazon Web ServicesHosting the Production Environment

CONTACT US

If you have any questions about this Privacy Policy, you can contact us at support@visu.ai

Last Updated: 01-December -2024.