When you use our services, you’re trusting us with your information.
We understand this is a big responsibility and work hard to protect your information and put you in control.
1. DATA PROTECTION PRINCIPLES
Pesto has adopted the following principles to govern its collection, use, retention, transfer, disclosure and destruction of personal data: a) Lawfulness, Fairness and Transparency . Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject. This means that Pesto must tell the data subject what processing will occur (transparency), the processing must match the description given to the data subject (fairness), and it must be for one of the purposes specified in the applicable data protection regulation (lawfulness). b) Purpose Limitation . Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes. This means Pesto must specify exactly what the personal data collected will be used for and limit the processing of that personal data to only what is necessary to meet the specified purpose. c) Data Minimisation . Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. This means Pesto must not store any personal data beyond what is strictly required. d) Accuracy . Personal data shall be accurate and kept up to date. This means Pesto must have processes in place for identifying and addressing out-of-date, incorrect and redundant personal data. e) Storage Limitation . Personal data shall be kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed. This means Pesto must, wherever possible, store personal data in a way that limits or prevents identification of the data subject. f) Integrity & Confidentiality . Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing, and against accidental loss, destruction or damage. Pesto must use appropriate technical and organizational measures to ensure the integrity and confidentiality of personal data is maintained at all times. g) Accountability . The Data Controller (Board of Pesto Tech (India) Private Limited) shall be responsible for, and be able to demonstrate compliance. This means Pesto must demonstrate that the six data protection principles (outlined above) are met for all personal data for which it is responsible.
2. COLLECTION OF YOUR PERSONAL INFORMATION
2.1. We collect personal information from the individuals who want to register on our website www.pesto.tech. This information is not accessible to the visitors using Pesto’s website, either directly or by submitting a request. Individuals are required to create an account to be able to access certain portions of our Website, Individuals, if and when they create and use an account with Pesto need to register on the website, they will be required to disclose and provide to Pesto information including personal contact details like name and email address. In some cases, additional details like billing information including name, GST, address, PAN etc. may be required. Such information gathered shall be utilized to ensure greater customer satisfaction and help a customer satiate their needs.
2.3. We also automatically collect certain computer, device and browsing information when you access the website or use Pesto Services. This information is aggregated to provide statistical data about our users’ browsing actions and patterns, and does not personally identify individuals. This information may include:
Computer or mobile device information, including IP address, operating
system, network system, browser type and settings;
Website usage information.
If you want to avoid using cookies altogether, you can disable cookies in your browser. However, disabling cookies might make it impossible for you to use certain features of our website or Services, such as logging in to your Pesto Account or making Transactions. Your use of our website or Service with a browser that is configured to accept cookies constitutes acceptance of our and third-party cookies.
3. HOW PESTO USES THE INFORMATION WE COLLECT
3.1. We collect your personal information and aggregate information about the use of our Website and Services to better understand your needs and to provide you with a better Website experience. Specifically, we may use your personal information for any of the following reasons:
- To provide our Services to you, including registering you for our Services, verifying your identity and authority to use our Services, and to otherwise enable you to use our Website and our Services;
- For customer support and to respond to your inquiries;
- For internal record-keeping purposes;
- To process billing and payment, including sharing with third party payment gateways in connection with Website and/or Pesto’s products and Services;
- To improve and maintain our Website and our Services (for example, we track information entered through the “Search” function; this helps us determine which areas of our Website users like best and areas that we may want to enhance; we also will use for trouble-shooting purposes, where applicable);
- To periodically send promotional emails to the email address you provide regarding new products from Pesto, special offers from Pesto or other information about Pesto that we think you may find interesting;
- To contact you via email, or, where requested, by text message, to deliver certain services or information you have requested;
- For Pesto’s market research purposes, including, but not limited to, the customization of the Website according to your interests;
- We also may compare personal information collected through the Website and Services to verify its accuracy with personal information collected from third parties;
- We may combine aggregate data with the personal information we collect about you.
3.2. We may collect Pesto services usage information in order to improve function or UI, but will only use this information in an aggregated, anonymized fashion, and never in association with your name, email, or other personally identifying information.
4. DATA RETENTION
4.1. To ensure fair processing, personal data will be retained by the Board of Pesto (who shall at all times be considered as the “Data Controller” under this Policy) until a customer has an active account on the website and undertakes transactions therefrom. 4.2. The Board of Pesto shall maintain all records relevant to administering this policy and procedure in electronic form on our computers, servers, cloud storage etc.
4.3. We will retain records of all such information for five years after the account has been closed. 4.4. All personal data should be deleted or destroyed as soon as possible where it has been confirmed that there is no longer a need to retain it.
5. DATA PROTECTION
5.1. We employ procedural and technological security measures, which are reasonably designed to help protect your personal information from unauthorized access or disclosure. Pesto may use encryption, passwords, and physical security measures to help protect your personal information against unauthorized access and disclosure. No security measures, however, are 100% complete. Therefore, we do not promise and cannot guarantee, and thus you should not expect, that your personal information or private communications will not be collected and used by others. 5.2. You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password are private. Pesto is not responsible for the unauthorized use of your information or for any lost, stolen, compromised passwords, or for any activity on your Account via unauthorized password activity.
6. DATA PROTECTION RIGHTS
We would like you to be completely aware of your data protection rights. Every customer is entitled to the following:
- Information access.
- Objection to processing.
- Objection to automated decision-making and profiling.
- Restriction of processing.
- Data portability.
- Data rectification.
- Data erasure.
If a customer makes a request relating to any of the rights listed above, the Board of Pesto will consider each such request in accordance with all applicable data protection laws and regulations. No administration fee will be charged for considering and/or complying with such a request unless the request is deemed to be unnecessary or excessive in nature. Requests shall be made in writing/email to: email@example.com.
We may share the information that we collect about you, including your
personal information, as follows: a) Information Disclosed to Protect Us
and Others We may disclose your information including Personal Information
(i) Pesto reasonably believes that disclosure is necessary in order to comply with a legal process (such as a court order, search warrant, etc.) or other legal requirement of any governmental authority,
(ii) disclosure would potentially mitigate our liability in an actual or potential lawsuit,
We may send periodic promotional or informational emails to you. You may opt-out of such communications by following the opt-out instructions contained in the email. Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving emails about recommendations or other information we think may interest you, we may still send emails on a case to case basis.
9. BREACH REPORTING
Any individual who suspects that a personal data breach has occurred as a result of the theft or exposure of personal data must immediately notify the Board of Pesto immediately at firstname.lastname@example.org by providing a description of what occurred. They will investigate all reported incidents to confirm whether or not a personal data breach has occurred. If a personal data breach is confirmed, Pesto will follow the relevant authorized procedure based on the criticality and quantity of the personal data involved. For severe personal data breaches, Pesto’s senior management will initiate and chair an emergency response team to coordinate and manage the personal data breach response.
THIS POLICY IS CURRENT AS OF THE EFFECTIVE DATE SET FORTH ABOVE. PESTO MAY, IN ITS SOLE AND ABSOLUTE DISCRETION, CHANGE THIS POLICY FROM TIME TO TIME BY UPDATING THIS DOCUMENT. PESTO WILL POST ITS UPDATED POLICY ON THE WEBSITE ON THIS PAGE. PESTO ENCOURAGES YOU TO REVIEW THIS POLICY REGULARLY FOR ANY CHANGES. YOUR CONTINUED USE OF THIS WEBSITE AND/OR CONTINUED PROVISION OF PERSONAL INFORMATION TO US WILL BE SUBJECT TO THE TERMS OF THE THEN-CURRENT POLICY.