Privacy Policy

Privacy Policy

for Soft Elevation Pvt Ltd.

Introduction and Preamble

  • This Privacy Policy (“Policy”) is issued by Soft Elevation Private Limited, a company incorporated under the provisions of the Companies Act, 2013, and having its registered office at Plot No ITC 10, Ground Floor, Sector 67, SAS Nagar, Punjab, PIN 160062 (hereinafter referred to as the “Company”, “we”, “us”, or “our”).
  • The Company is committed to safeguarding the privacy and confidentiality of personal data entrusted to it. This Policy is framed in compliance with the provisions of the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and other applicable laws and regulations governing data protection in India.
  • The purpose of this Policy is to set out, in clear and comprehensive terms, the manner in which the Company collects, uses, processes, stores, discloses, and protects personal data of individuals, and to inform data subjects of their legal rights in relation thereto.

Definitions

For the purposes of this Policy, unless the context otherwise requires:

  1. “Data Subject” shall mean any natural person to whom the personal data relates.
  2. “Personal Data” shall mean any information relating to an identified or identifiable natural person, whether directly or indirectly.
  3. “Sensitive Personal Data” shall mean such categories of personal data as are defined under applicable law, including but not limited to passwords, financial information, health records, sexual orientation, medical records, and biometric information.
  4. “Processing” shall mean any operation or set of operations performed upon personal data, whether or not by automated means, including but not limited to collection, recording, organisation, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, restriction, erasure, or destruction.

Data Controller

  • The Company shall act as the Data Controller in respect of all personal data collected and processed under this Policy. The details of the Data Controller are as follows:

          –  Entity: Soft Elevation Private Limited
          –  Registered Address: Plot No ITC 10, Ground Floor, Sector 67, SAS Nagar, Punjab, PIN 160062

  • The Data Protection Officer shall be the designated point of contact for all queries, concerns, and requests relating to the processing of personal data.

Categories of Data Collected

1. The Company may collect and process the following categories of personal data:

  • Identity Data, including but not limited to name, title, date of birth, and gender.
  • Contact Data, including postal address, email address, and telephone numbers.
  • Technical Data, including IP address, browser type, device identifiers, and operating system.
  • Usage Data, including website navigation patterns, click-through rates, and time spent on pages.
  • Marketing Data, including preferences regarding receipt of marketing communications.
  • Transaction Data, including payment details, billing information, and purchase history.

2. In addition, the Company may collect Sensitive Personal Data, including but not limited to:

  • Financial information for the purpose of payment processing;
  • Professional credentials and certifications, where relevant to the services provided;
  • Health-related information, where relevant to employment or service delivery.

Legal Basis for Processing

The Company shall process personal data only where such processing is lawful under applicable law. The lawful bases for processing shall include:

  • Consent: Where the Data Subject has provided explicit consent for the processing of personal data.
  • Contractual Necessity: Where processing is necessary for the performance of a contract to which the Data Subject is a party.
  • Legal Obligation: Where processing is required to comply with a statutory or regulatory obligation.
  • Legitimate Interests: Where processing is necessary for the legitimate business interests of the Company, provided that such interests do not override the fundamental rights and freedoms of the Data Subject.

PURPOSE OF PROCESSING

  • Personal data shall be processed strictly for the following purposes:
    1. To provide IT services, including but not limited to software development, IoT solutions, and blockchain development;
    2. To manage customer relationships and provide client support;
    3. To undertake marketing, promotional, and business development activities;
    4. To comply with legal, regulatory, and contractual obligations;
    5. To conduct internal business administration, analytics, and reporting;
    6. To ensure security monitoring, fraud detection, and prevention.
  • Each purpose shall be limited to what is necessary and proportionate, and data shall not be processed in a manner incompatible with the purposes for which it was originally collected.

DISCLOSURE AND TRANSFER OF DATA

  • The Company may disclose personal data to third parties strictly on a need-to-know basis, including but not limited to:
    1. Service providers, vendors, and business partners, subject to confidentiality obligations;
    2. Legal and regulatory authorities, where disclosure is mandated by law or pursuant to a judicial order;
    3. Professional advisers, including legal counsel, auditors, bankers, and insurers;
    4. Governmental or statutory authorities, as required under applicable law.
  • Cross-Border Transfers: Where personal data is transferred outside India, such transfer shall be undertaken in compliance with applicable data protection laws, including the use of Standard Contractual Clauses, adequacy decisions, or other legally recognised safeguards.

DATA RETENTION

  • Personal data shall be retained only for as long as is necessary to fulfil the purposes for which it was collected, or as required under applicable law. Upon expiry of the retention period, personal data shall be securely deleted or anonymised. 
  • The duration of retention shall depend upon:
    1. The nature and category of the data collected;
    2. The purpose of processing;
    3. Legal, regulatory, or contractual requirements;
    4. The Company’s operational and business needs.

RIGHTS OF DATA SUBJECTS

  • Subject to applicable law, Data Subjects shall have the following rights:
    1. The Right of Access, to obtain confirmation as to whether personal data concerning them is being processed, and to receive a copy thereof;
    2. The Right to Rectification, to request correction of inaccurate or incomplete personal data;
    3. The Right to Erasure, to request deletion of personal data, subject to legal or contractual obligations;
    4. The Right to Restrict Processing, to request limitation of processing under certain circumstances;
    5. The Right to Data Portability, to receive personal data in a structured, commonly used, and machine-readable format;
    6. The Right to Object, to object to processing carried out on the basis of legitimate interests;
    7. The Right to Withdraw Consent, to withdraw consent at any time, without affecting the lawfulness of processing prior to such withdrawal.
    8. Requests for the exercise of these rights may be addressed to the Data Protection Officer.

SECURITY MEASURES

  • The Company shall implement appropriate technical and organisational measures to ensure the security of personal data, including but not limited to:
    1. Encryption of data in transit and at rest;
    2. Access control mechanisms and authentication protocols;
    3. Regular security audits and vulnerability assessments;
    4. Employee awareness and training programmes;
    5. Incident detection, reporting, and response procedures.
  • These measures are designed to protect personal data against unauthorised access, alteration, disclosure, or destruction.

COOKIES AND TRACKING TECHNOLOGIES

  • The Company’s website employs cookies and similar tracking technologies to enhance user experience. Cookies may be categorised as follows:
    1. Strictly Necessary Cookies, which are essential for website functionality;
    2. Performance Cookies, which collect information on website usage and performance;
    3. Functional Cookies, which enable enhanced functionality and personalisation;
    4. Marketing Cookies, which track browsing behaviour for targeted advertising.
  • Users may configure their browser settings to refuse or disable cookies; however, certain features of the website may not function properly as a result.

CONTACT INFORMATION

  • For any queries, concerns, or requests relating to this Policy, Data Subjects may contact:
    1. Email: info@softelevation.com
    2. Address: Plot No ITC 10, Ground Floor, Sector 67, SAS Nagar, Punjab, PIN 160062
    3. Phone: +1(725) 228-9548

AMENDMENTS

  • The Company reserves the right to amend, modify, or update this Policy at its sole discretion. Any material changes shall be communicated through the Company’s website or by direct notice to Data Subjects, as appropriate. Continued use of the Company’s services following such amendments shall constitute deemed acceptance of the revised Policy.