Welcome to www.futureanalytica.ai (“Platform”). Your usage of the Platform shall be subject to the guidelines, terms and conditions set out herein.
This electronic record is generated by a computer system and does not require any physical or digital signatures.
Section 43A of the Information Technology Act, 2000 (“IT Act”);
Rule 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“SPDI Rules”).
The Platform cares how information about you is used and shared and appreciates your trust in the Platform to do that carefully and sensibly.
The activity on the Platform is not intended for use by minors.
If you are a minor i.e. under the age of 18 years, you may use the Platform only with involvement of a parent or guardian. Platform and its affiliates reserve the right to refuse service, terminate accounts, or remove or edit content in their sole discretion.
The use of this Platform is only available to persons who can form a legally binding contract under the Indian Contract Act, 1872.
Collection of Information
The information we learn from users helps us personalise and continually improve your experience on the Platform.
We may collect and use personal information to provide you with products or services, to bill you for products and services you request, to market products and services which we think may be of interest to you, or to communicate with you for other purposes which are evident from the circumstances or about which we inform you when we collect personal information from you.
We store the information collected from the Platform and may use it to:
1. Improve our product;
2. Enhance the end user experience;
3. Provide, maintain and protect services, Platform and our business;
4. Communicate with the you/customers in relation to technical and other administrative matters via emails and other modes of communication;
5. Personalisation of the product and the services;
6. Product development;
7. Relevant offers;
8. Conduct and undertake research in order to develop and provide tools and additional features to service better experience;
9. Allow you to participate in interactive features of the Platform;
10. Carry out data analysis and test the Platform to ensure its stability and security;
11. Ensure that you are old enough to use our Platform (as required by law);
12. Research wherein we investigate and help prevent security issues and abuse of the Platform; and
13. Enable third parties to carry out technical, logistical or other functions, as may be required, to improve your user experience.
Types of information collected
We may store information you enter on the Platform or give us in any other way.
Examples of the information that may be collected, include:
The Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information such as browser type and version; operating system and platform; user history; the full Uniform Resource Locators (URL) clickstream to, through and from the Platform (including date and time); cookie number; any phone number used to call our customer service etc.
The information that we collect from you depends on how you use the Platform.
In the event you contact us through the Platform, we will collect your name and contact information, including your e-mail address and company’s name.
We may also use browser data such as cookies, Flash cookies (also known as Flash Local Shared Objects), or similar data for fraud prevention and other purposes.
During some visits we may use software tools to measure and collect session information, including page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
You can choose not to provide certain information but then you might not be able to take advantage of many of the features provided on the Platform.
We use the information that you provide for purposes such as responding to your requests, customising user experience for you, improving the Platform, and communicating with you.
In addition, we may receive and store certain types of information whenever you interact with us.
It may include information about your location and your mobile device, including a unique identifier for your device. We may use this information for internal analysis and to provide you with location-based services, such as advertising, search results, and other personalized content.
Preventing your browser from accepting cookies
The Help menu on the menu bar of most internet browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie and how to disable cookies altogether.
Additionally, you can disable or delete similar data used by browser add-ons, such as Flash cookies, by changing the add-on's settings or visiting the website of its manufacturer.
If you do leave cookies turned on, be sure to sign off when you finish using a shared computer.
Security of Information
The Platform strives to take all reasonable efforts to protect the security of your information during transmission by using (“Secure Sockets Layer (SSL) software”), which encrypts information you input in addition to maintaining security of your information as per the International Standard IS/ISO/IEC 27001 on "Information Technology Security Techniques Information Security Management System-Requirements" and/or other security measures as provided under Rule 8 of the SPDI Rules.
We strive to maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal information (including sensitive personal information).
Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you.
It is important for you to protect against unauthorised access to your password and to your computer. Be sure to sign off when you finish using a shared computer.
The Platform has carried out balancing tests for all the data processing used by the Platform on the basis of our legitimate interests.
Withdrawing consent or otherwise objecting to direct marketing/profiling
Wherever the Platform relies on the user consent, the user will always be able to withdraw that consent, however, please note, the Platform may have other legal grounds for processing your data for other purposes, such as those set out above. In some cases, we may be able to send you direct marketing without your consent, where we rely on our legitimate interests. You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing, at any time. You can do this by contacting us.
Notices and Revisions
If you have any concern about privacy or grievances at the Platform, please contact us with a thorough description and we will try to resolve the issue for you.
Other than as set out above, you will receive notice when information about you might go to third parties and you will have an opportunity to choose not to share the information.
As discussed above, you can always choose not to provide information, even though it might be needed to avail features on the Platform.
You can add or update certain information on pages where your personal details are stored. When you update information, we usually keep a copy of the previous version for our records.
The user has the right to request a copy of their personal information; to correct, delete or restrict (stop any active) processing of their personal information; and to obtain the personal information you provide to the Platform for a contract or with your consent in a structured, machine readable format, and to request the Platform to share/ port this data to another controller.
In addition, you can object to the processing of your personal information in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing).
These rights may be limited, for example if fulfilling your request would reveal personal information about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping.
Relevant exemptions are included in applicable data protection laws. We will inform you of relevant exemptions we rely upon when responding to any request you make.
If you have unresolved concerns, you have the right to complain to an applicable data protection authority where you live, work or where you believe a breach may have occurred.
Individuals located in certain countries, including the European Economic Area, have certain statutory rights in relation to their Personal Information. If you are a resident or a citizen of European Union or the European Economic Area, We will collect, store, process and control your information in accordance with our Data Protection Policy (DPP) provided under ‘Annexure A’ hereto. Subject to any exemptions provided by law, you may have the right to request access to information, as well as to seek to update, delete or correct this information. You can contact us for any help regarding the same.
Before we can respond to a request to exercise the rights listed in this section, you may be required to verify your identity or your account details. We shall have duration of 1 month to respond to any or all of such exercising of your rights.
Third-Party Advertisers and Links to other Websites
The Platform may include third-party advertising and links to other Websites.
Sharing of Information
Information about our customers is an important part and we are not in the business of selling it to others.
The Platform may have affiliated businesses and may provide services jointly with or on behalf of these businesses. You can tell when a third party is involved in your transactions and we share customer information related to those transactions with that third party.
Where we process your financial information, ordinarily, the information will be retained for as long as necessary for the purpose/s for which it is collected.
In relation to all your other data including registration data, the Platform will not retain the users data for longer than required under the applicable law, and will delete data if they are no longer necessary for the purposes for which they are collected or otherwise processed, unless they are required to keep the data to comply with applicable legal obligations.
In some cases, we may be required to disclose your personal information to comply with legal requirements and requests from government agencies, if mandated by law or if required for the legal protection of the Platform’s legitimate interests in compliance with applicable laws.
We may also disclose your personal information to our group companies or to third parties:
Who provide us with payment related, data management and profiling, analytics, advertising or other services in order to process your bookings, provide information about tailored and individualized services/offers including on social media, and provide you with any information that you have requested;
Where we consider necessary to in order to comply with any law or regulation, where we suspect that any criminal offence may have been committed, to protect our rights, property or safety or that of others and in any circumstances where we consider that we are permitted to do so by law or regulation;
Where that third party is a professional adviser to us or any of our group companies.
In the event that the business is sold or integrated with another business, your details will be disclosed to our advisers and any prospective purchaser’s adviser and will be passed to the new owners of the business.
We might receive information about you from other sources and add it to our account information.
This Policy contains a list of the categories of personal data we collect, and have collected for the past twelve months. If you are a California resident, you may have additional rights under the California Consumer Privacy Act (“CCPA”) that include the right to ask us to disclose the personal data we collect, and the right to ask us to delete certain personal data that we collect or maintain about you. Please note that we do not sell the personal data that we collect. To exercise your rights, please contact us as provided in the Contact Us section. You will not be discriminated against for exercising your privacy rights under the CCPA. In order to protect your data from unauthorized access or deletion, we may require you to provide additional information for verification. If we can’t verify your identity, we will not provide or delete your data.
Copyright, Trademarks and Licenses
Copyright is applicable to all content included on the Platform, such as text, graphics, logos, button icons, images, audio clips, digital downloads, data compilations, and software, and is the property of the Platform or its affiliates or its content suppliers and protected by jurisdictional laws of India. The compilation of all content on this Platform is the exclusive property of the Platform or its affiliates and protected by the Indian and international copyright laws.
The Platform grants you a limited license to access and make personal use and not to download (other than page caching) or modify it, or any portion of it, except with express written consent of Platform and / or its affiliates, as may be applicable.
This license does not include any resale or commercial use of this Platform or its contents; any derivative use of this Platform or its contents; or any use of data mining, robots, or similar data gathering and extraction tools.
This Platform or any portion of this Platform may not be reproduced, duplicated, copied, sold, resold, visited, or otherwise exploited for any commercial purpose without express written consent of Platform and / or its affiliates.
Disclaimer of warranties and limitation of liabilities
The Platform is provided on an “as is” and “as available” basis. The Platform makes no representations or warranties of any kind, express or implied, as to its operation or the information, content, materials, or products included. You expressly agree that your use of the Platform is at your sole risk. The Platform reserves the right to withdraw or delete any information at any time in its discretion.
To the full extent permissible by applicable law, Platform disclaims all warranties, express or implied, including, but not limited to, implied warranties of fitness for a particular purpose. The Platform does not warrant that its servers, or e-mail sent are free of viruses or other harmful components. The Platform will not be liable for any damages of any kind arising from the use of this Platform, including, but not limited to direct, indirect, incidental, punitive, and consequential damages.
The Platform and its affiliates attempt to keep the content description be as accurate as possible. However, the Platform does not warrant that description of content is accurate, complete, reliable, current, or error-free. Also, your access to the Platform may also be occasionally suspended or restricted to allow for repairs, maintenance, or the introduction of new facilities or at any time without prior notice. We will attempt to limit the frequency and duration of any such suspension or restriction.
The Platform may provide links to other sites over which the Platform has no control and is not responsible for the availability of such external sites or resources and does not endorse and is not responsible or liable for any content, advertising, products or other material on or available from such sites or resources.
Modification and Severability
The Platform reserves the right to make changes to the policies at any time. If any of these conditions shall be deemed invalid, void, or for any reason unenforceable, that condition shall be deemed severable and shall not affect the validity and enforceability of any remaining conditions.
DATA PROTECTION POLICY
This Data Protection Policy (“DPP”) has been framed in compliance with GDPR issued by the European Parliament and Council.
This DPP is applicable on every person that collects data from (“European Union”) EU residents, or processes data on behalf of a data controller, or any person based in the EU and has a contractual relationship with [insert registered name of the Company], a company incorporated under the Companies Act, 2013 having its registered office at  (hereinafter referred to as “Company”/ “We”/ “Us”/ “Our”).
This DPP is incorporated by reference into any and all agreements currently in place between you and the Company and/or your use of the Platform (“Agreement”).
When you enter into any Agreement with the Company, you accept, without limitation or qualification, the DPP set forth below. You hereby represent and warrant that you have the authority to legally bind yourself and all of your personnel, representatives and/or Affiliates operating pursuant to any such Agreement referenced herein.
The Company reserves the right to modify or update this DPP at any time and changes will become effective immediately upon posting.
You are requested to check for updates to the DPP periodically.
You hereby agree to comply with the following provisions with respect to any personal data of one or more Data Subjects located in the European Economic Area Processed in connection with the Agreement.
The purposes of the DPP is to ensure such Processing is conducted in accordance with Data Protection Laws, including GDPR and with due respect for the rights and freedoms of individuals whose Personal Data are Processed. References to the Agreement will be construed as including this DPP. To the extent that the terms of this DPP differ from those in the Agreement, the terms of this DPP shall govern.
In this DPP, the following terms shall have the meanings set out below:
1.1 “Affiliate” means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with a party, where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise;
1.2 “Contracted Processor” means the duly appointed Data Processor or a Sub-processor;
1.3 “Data Protection Laws” means all privacy and data protection laws and regulations applicable to the Processing of Personal Data under the Agreement, including the GDPR;
1.4 “Data Subject” means the individual to whom the Personal Data relates;
1.5 “GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC;
1.6 “Security Breach” has the meaning set forth in Clause 7 of this DPP;
1.7 “Standard Contractual Clauses” means standard contractual clauses for the transfer of Personal Data to third countries approved by the European Commission Decision C (2004) 5271;
1.8 “Sub-processor” means any Processor or sub-processor engaged by the Data Controller for the Processing of Personal Data;
1.9 “Supervisory Authority” has the meaning set forth in Article 51 of the GDPR;
1.10 “Term” has the meaning set forth in Clause 12.1 of this DPP;
1.11 The terms “Controller”, “Personal Data”, “Processor,” “Processed” and “Processing,” have the meanings given to them in applicable Data Protection Laws.
2. PROCESSING OF PERSONAL DATA
2.1 The parties to the Agreement hereby agree that they are independent Controllers with respect to the processing of the Personal Data. To the extent that the data protection legislation of another jurisdiction is applicable to either party’s processing of data, the parties acknowledge and agree that the relevant party will comply with any obligations applicable to it under that legislation with respect to the processing of that data. Both the parties shall keep a record of all Processing activities with respect to Personal Data as required under GDPR.
2.2 Each party will comply with the obligations applicable to it under the Data Protection Laws with respect to the processing of Personal Data, including but not limited to: (i) providing accurate and up-to-date contact details of either party’s data protection officer to the other party; and (ii) providing reasonable information and assistance to the other party: (a) conducting data protection impact assessments as required under the Data Protection Laws; and (b) regarding consultations between that party and a Supervisory Authority.
2.3 The Data Processor shall Process the Personal Data in accordance with the requirements of the Data Protection Laws.
2.4 The Data Processor shall not Process any Personal Data other than with the written instructions of the Data Controller.
2.5 The Data Controller:
2.6 Shall instruct the Data Processor and its Affiliates (and instruct the Data Processor and its Affiliates to instruct each Sub- Processor) to:
(i) Process the Personal Data;
(ii)Particular, transfer the Personal Data to any country or territory, as reasonably necessary and consistent with the Agreement.
2.7 Hereby warrants and represents that it is and will at all relevant times remain duly and effectively authorised to give the instructions set out in clause 2.5.1 above on behalf of its Affiliates.
The information regarding Processing of Personal Data is set out under ‘Annexure B’ of this DPP.
The parties shall incorporate the terms of ‘Annexure B’ as a part of the Agreement and such terms shall form an integral part of this DPP.
3. DATA SUBJECT RIGHTS
Each party is separately responsible for honouring Data Subject access requests under Data Protection Law (including its rights of access, correction, objection, erasure and data portability, as applicable) and responding to correspondence, inquiries and complaints from Data Subjects.
Each party shall provide reasonable and timely assistance to the other party as necessary to help facilitate compliance with this Clause 3.
Both the parties shall take reasonable steps to ensure the reliability of any employee, agent or contractor of any Contracted Processor who may have access to the Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know/ access the relevant Personal Data, as strictly necessary for the purposes of the Agreement, and to comply with Data Protection Laws in the context of that individual's duties to the Contracted Processor, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.
5.1 The Data Controller hereby authorises the Data Processor to appoint Sub- processors in accordance with this Clause and any restrictions in the Agreement.
5.2 The Data Processor may continue to use those Sub- processors already engaged by the Data Processor as at the date of the Agreement, subject to the Data Processor as soon as practicable meeting the obligations set out in Clause 5.4 below.
5.3 The Data Processor shall neither appoint, nor disclose any Personal Data to the proposed Sub-processor except with the prior written consent of the Data Controller.
5.4 With respect to each Sub-processor, the Data Processor shall:
5.5 Before the Sub- processor first Processes the Personal Data, carry out adequate due diligence to ensure that the Sub- processor is capable of providing the level of protection for the Personal Data required by the Agreement;
5.6 Ensure that the arrangement between the Data Processor and the Sub- processor is governed by a written contract including terms which offer at least the same level of protection for Personal Data as those set out in this DPP.
6. SECURITY AND AUDIT RIGHTS
6.1 The Data Controller shall maintain administrative, physical and technical safeguards for protection of the security, confidentiality and integrity of Personal Data it Processes under this DPP and the Agreement.
The Data Controller will implement and maintain technical and organizational measures to protect such Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
6.2 Both the parties will (taking into account the nature of the processing of Personal Data under the Agreement) cooperatively and reasonably assist each other in ensuring compliance with any of each other’s respective obligations with respect to the security of Personal Data and Personal Data breaches under this DPP, including (if applicable) any obligations pursuant to Articles 32 to 34 (inclusive) of the GDPR, by: (a) in the case of the Data Controller, implementing and maintaining appropriate security measures; and (b) complying with the terms of Clause 7 of this DPP.
6.3 Each party shall make available to the other party all information necessary to demonstrate compliance with the DPP and each Party may (or if mandated by a Supervisory Authority, will) allow for an audit by a mutually agreeable firm.
To request an audit, the requestor must submit a detailed audit plan at least 4 (Four) weeks in advance of the proposed audit date describing the proposed scope, duration, and start date of the audit.
The auditor must be approved in advance by both the parties (such approval may not be unreasonably withheld) and execute a written confidentiality agreement acceptable to both the parties before conducting the audit.
The audit must be conducted during regular business hours, subject to both the parties’ company policies, and may not unreasonably interfere with either company’s business activities.
Any such audits shall be conducted at the expense of the party making the request for such audit.
Both the parties agree to share information with the other regarding any non-compliance discovered during the course of an audit.
7. SECURITY BREACH MANAGEMENT AND NOTIFICATION
7.1 If either party becomes aware of any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to any Personal Data transmitted, stored or otherwise Processed on the other party’s equipment or facilities under this DPP (“Security Breach”), such party will promptly notify the other party of the Security Breach.
Notifications made pursuant to this section will take place within a reasonable time and certainly no longer than 3 (Three) business days after discovery and shall describe, to the extent possible, details of the Security Breach, including steps taken to mitigate the potential risks and any recommended steps that either or both parties should take to address the Security Breach.
Each party will promptly investigate the Personal Data Breach if it occurred on its infrastructure or in another area it is responsible for and will assist the other party as reasonably necessary for both parties to meet their obligations under Data Protection Laws.
7.2 Both the parties agree that an unsuccessful Security Breach attempt will not be subject to this Clause 7. An unsuccessful Security Breach attempt is one that results in no unauthorized access to Personal Data processed pursuant to this DPP or to any of either party’s equipment or facilities storing Personal Data, and may include, without limitation, pings and other broadcast attacks on firewalls or edge servers, port scans, unsuccessful log-on attempts, denial of service attacks, or similar incidents.
7.3 Notifications of Security Breaches, if any, will be delivered to one or more of the other party’s business, technical or administrative contacts by any reasonable means, including via email. It is each party’s responsibility to ensure it keeps the other party updated with accurate contact information.
7.4 Any notification of or response to a Security Breach under this Clause 7 will not be construed as an acknowledgement by either party of any fault or liability with respect to the Security Breach.
7.5 The Data Controller shall implement reasonable technical and organizational security measures to provide a level of security appropriate to the risk in respect to the Personal Data. As technical and organisational measures are subject to technological development, either party is entitled to implement alternative measures provided they do not fall short of the level of data protection set out by Data Protection Laws.
8. RETURN AND DELETION OF PERSONAL DATA
8.1 Both the parties will comply with instructions from the other party to delete certain Personal Data as soon as reasonably practicable and within a maximum period of [●] days, unless Data Protection Law (or, in the case the data is not subject to Data Protection Law, applicable law) requires further storage.
8.2 On expiry of the Agreement, both parties hereby instruct the other to delete all Personal Data (including existing copies) from their respective systems and discontinue processing of such Personal Data in accordance with Data Protection Law as soon as reasonably practicable and within a maximum period of 60 (Sixty) days, unless Data Protection Law (or, in the case the data is not subject to Data Protection Law, applicable law) requires further storage.
This requirement shall not apply to the extent that the Personal Data has been archived on back-up systems so long as such Personal Data is isolated and protected from any further processing except to the extent required by applicable law.
9. DATA TRANSFERS
9.1 Neither party shall transfer any Personal Data (nor permit any Personal Data to be transferred) to a territory outside of the European Economic Area (“EEA”) unless it has taken such measures as are necessary to ensure the transfer is in compliance with the Data Protection Laws.
9.2 Except with regard to the Personal Data transferred from one party to the other party in reliance on the appropriate transfer mechanism specified in Clause 9.1 above, the Standard Contractual Clauses shall apply to the recipient's processing of Personal Data in countries outside the EEA that do not provide an adequate level of data protection.
10.1 Both parties agree that their respective liability under this DPP shall be apportioned according to each parties’ respective responsibility for the harm (if any) caused by each respective party as may be determined by the parties mutually.
10.2 Liability Cap Exclusions. Nothing in this Section 10 will affect the remaining terms of the Agreement relating to liability (including any specific exclusions from any limitation of liability).
11. GOVERNING LAW AND JURISDICTION
11.1 The parties shall submit to the choice of jurisdiction stipulated in the Agreement with respect to any disputes or claims howsoever arising under this DPP, including disputes regarding its existence, validity or termination or the consequences of its nullity; and
11.2 This DPP and all non-contractual or other obligations arising out of or in connection with it are governed by the laws of the country or territory stipulated for this purpose in the Agreement.
12.1 This DPP will take effect on the date of execution of the Agreement (the “Effective Date”) and will remain valid until the deletion of all Personal Data under the Agreement by both the parties (“Term”).
12.2 Nothing in this DPP shall impact either party’s intellectual property rights with respect to Personal Data provided by either party under the Agreement except to the extent required by applicable law.
12.3 Nothing in this DPP shall confer any benefits or rights on any person or entity other than the parties to the Agreement.
DETAILS OF PROCESSING OF THE PERSONAL DATA
1. Subject matter and duration of Processing of the Personal Data
The subject matter of the processing under the agreement is the Personal data. The duration of the processing under the agreement is as set forth in this DPP.
2. The types of Personal Data to be Processed
Cookie data, IP addresses, Browser details, name and emails.
3. The categories of Data Subject to whom the Personal Data relates
Data relating to individuals provided to us via our services or by end users.
4. The rights and obligations of the Data Controller
The rights and obligations of the Data Controller and its affiliates shall be as set forth under the Agreement.