Data Protection and Privacy Policy

This is the data protection and privacy policy (“Policy”) adopted by Canta Consultants LLP (“Canta”) in compliance with the data protection laws of India. Canta is committed to protecting individual privacy and protection of individual personal data. This Policy applies where we are acting as a data controller for the personal data of our website visitors and service users, or individuals covered under our data-sharing arrangements for specified purposes. In other words, where we determine the purposes and means of the processing of personal data, all personal data processing will be in full adherence with the Digital Personal Data Protection (“DPDP”) Act, 2023. If you have any questions or concerns regarding this Policy, please contact us at: [email protected]

 

1. Classification of Information

Personal information is classified as below:

(i) Personal information collected from the users/visitors of www.thehearthadvisors.com (“the Website”). This is further classified as:

(a) Personally identifiable information that is knowingly disclosed. This information is collected on an individual basis.

(b) General user information that does not contain personally identifiable information. This is collected on an aggregate basis.

(ii) Personally identifiable information collected by Canta / shared with Canta under data sharing arrangements for specified purposes. No such sharing of personal data is permissible without the consent of concerned individuals who form the subject matter of such agreements.

 

2. Personally Identifiable Information

We may ask for certain personal information for the purpose of providing content that is requested and for the purpose of future communications. For example, if an individual indicates an interest in receiving a monthly e-newsletter, we may ask for the individual’s name and e-mail address. This information is retained on file for as long as necessary, so that the information requested by the individual can be shared with the individual. The Website requests the name and e-mail address of the user/visitor each time a contact is made by clicking on the “Contact Us” link. A record of these users/visitors may be maintained to respond properly to their questions or concerns and for purposes of future communications. The Website may also request a user/visitor name, title, and email address each time a report or a resource is downloaded from the Website so that related information or communications can be sent to the user/visitor in the future.

 

3. Contact Form

By filling in the contact form on the Website, the user/visitor authorises the use of these details to reply to requests for information, quotes, or any other kind of request as indicated by the form’s header. Personal information collected may include company name, country, email address, first name and last name.

 

4. Mailing List or Newsletter

By registering on the mailing list or for the newsletter, the user/visitor email address will be added to the contact list of those who may receive email messages containing information of a commercial or promotional nature concerning this application. Personal information collected may include email address, first name, and last name.

 

5. Reports & Resources

By clicking to download a report on the Website and filling in the contact form, a user/visitor authorises Canta to use these details to reply to requests for information, or any other kind of request as indicated by the form. Users/visitors may also opt-in to be added to the contact list of those who may receive email messages containing information of commercial or promotional nature concerning the report or the resource downloaded. Personal information collected may include name, job title, and email address.

 

6. Cookies / Web Server Logs

(a) Similar to other commercial websites, the Website may sometime utilise a standard technology called “cookies” and Web server logs to collect information about how the Website is used. Cookies are a feature of Web browser software that allows Web servers to recognise the computer used to access a site. Cookies are small pieces of data that are stored by a user’s Web browser on the user’s hard drive. Information gathered through cookies and Web server logs may include the date and time of visits, the pages viewed, time spent at the Website, and the sites visited just before and just after the Website. This information is collected on an aggregate basis. None of this information is associated with the user/visitor as an individual.

(b) Cookies can be disabled by a user/visitor by indicating this in the preferences or options menus in their browser. However, it is possible that some parts of the Website may not operate correctly upon disabling cookies. Users/visitors should consult with their browser’s provider/manufacturer if they have any questions regarding disabling cookies.

 

7. Use of Information

(a) Personal data is used to provide an individual with the information or content that is requested, and, in some cases, to contact the individual about our programs or reports. If an individual no longer wishes to receive press releases or any other type of information from us, the individual may send an email through our “Contact Us” link on the Website or use our e-mail alert form to change their preferences; or follow the “Unsubscribe” link provided in the e-mail that they receive, or email us at [email protected].

(b) We use non-identifying information collected on the Website in the aggregate to better understand user/visitor use of the Website and to enhance user/visitor experience. For example, we may use the information to improve the design and content of the Website or to analyse the programs and services that we offer.

(c) We may employ other companies and individuals to perform functions on our behalf. Our employees, agents, and contractors who have access to personally identifiable information are required to protect this data in a manner that is consistent with this Policy.

(d) We may provide access to personally identifiable information when legally required to do so, to cooperate with police investigations or other legal proceedings, to protect against misuse or unauthorised use of the Website, to limit our legal liability and protect our rights, to protect the rights and safety of the users/visitors to the Website or the public, or under the provisions of the DPDP. In those instances, the information is provided only for that limited purpose.

(e) We will not share any personally identifiable information in ways unrelated to those described above without providing the user/visitor with an opportunity to opt out of such use or otherwise prohibit such unrelated uses.

 

8. Third-Party Services

(a) Third-party services such as Google Analytics may be used by Canta to assist in providing our services and to help us understand how the Website is used. These services may collect information sent by a browser as part of a web page request, including IP addresses or cookies. If these third-party services collect information, they do so anonymously and in the aggregate to provide information helpful to us such as Website trends, without identifying individual visitors. Please see “Cookies” in the section above for information on how you can control the use of cookies on your computer.

(b) Google Analytics (Google Inc.) Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Data collected to track and examine the use of this Application, to prepare reports on its activities and to share them with other Google services. Google may use the Data collected to contextualise and personalise the ads of its advertising network. Personal information collected may include cookies and usage data.

(c) Google Tag Manager (Google Inc.) Google Tag Manager is an analytics service provided by Google Inc. Personal Data collected may include cookies and usage data.

 

9. Access to Information or Modification of User/Visitor Choices

If a user/visitor volunteers personally identifiable information on the Website, the user/visitor may modify, update, or delete such information by visiting the e-mail alert area where user/visitor preferences regarding receipt of information from us can also be updated. Alternatively, clicking on the “Contact Us” link and sending an e-mail (indicated above in this Policy) can be another mode of updating or modifying user/visitor information access and/or receipt choices. A user/visitor should be aware, however, that it is not always possible to completely remove or modify information in our databases.

 

10. Information Security

Reasonable steps (including physical, technical, and organisational measures) are undertaken to maintain the security of the personally identifiable information collected from individuals and to protect it against accidental, unlawful, or unauthorised destruction, loss, alteration, disclosure, or access, whether it is processed in the local jurisdiction of the individual, India, or elsewhere. However, no data transmission over the Internet can be guaranteed to be completely secure. Accordingly, we cannot ensure or warrant the security of any information that is transmitted to us. Therefore, an individual assumes this risk when transmitting information to us.

 

11. Use of the Website by Children

The Website is not specifically targeted to children. We do not actively solicit information from children, and we do not knowingly collect personal information from children without proper parental consent. If an individual believes that we may have collected personal information from someone under the applicable age of consent without parental consent, please email us at [email protected], and we will promptly address the issue. This protection applies to persons with disabilities acting under lawful guardians.

 

12. Information Collected Under “Career Opportunities”

When a user/visitor provides information in Career Opportunities, this information is used to evaluate their candidacy for employment and to track and evaluate our hiring practices generally. We may disclose this information to recruiters and other third parties who help us review applicants. When uploading a resume, please do not provide us with sensitive information such as national identity card numbers, social security numbers, dates of birth, health, and financial information.

 

13. Links

The Website contains links to third-party sites as well as to other sites owned and/or operated by Canta. Please be aware that Canta is not responsible for the privacy practices of any third-party sites.

 

14. Data Sharing Arrangements

Canta ensures all reasonable care that data processed by it under data sharing arrangements is for specified purposes and follows the DPDP protections. No personal data is processed under any data-sharing arrangement without the due consent of concerned individuals and reasonable care is taken that data processing under any such data-sharing arrangement is compatible with the purposes for which the personal data was initially collected.

 

15. Purposes of Processing and Legal Basis for Processing Personal Information

Processing of personal information is on the following legal bases: (i) with user/visitor consent; (ii) as necessary to perform our agreements with third parties; (iii) as necessary for our legitimate interests in providing services where those interests do not override the user/visitor fundamental rights and freedom related to data privacy; (iv) for any other purpose stipulated under the DPDP.

 

16. Transfers

Personal information collected may be transferred to, stored, and processed in, India, or any other country in which we or our affiliates, partners, or service providers maintain facilities (unless specific restrictions are notified under the DPDP). Canta will take appropriate steps to make sure that such recipients act following applicable law. We will provide an adequate level of protection of personal information, including appropriate technical and organisational security measures and through the implementation of appropriate contractual measures to secure such transfer, in compliance with applicable law.

 

17. Individual Rights

An individual is entitled to the rights under the DPDP. These rights include:

(i) The right to access. An individual has the right to obtain information about our processing of personal data and a copy of their personal data that we store.

(ii) The right to rectify personal data. An individual has the right to request that we update their personal data if it is inaccurate or incomplete.

(iii) The right to request personal data erasure. An individual has the right to have their personal information erased from our files if the data is no longer necessary for the purpose for which it was collected, they withdraw consent and no other legal basis for processing exists, or they believe their fundamental rights to data privacy and protection outweigh our legitimate interest in continuing the processing.

(iv) The right to restrict or object to our processing. An individual has the right to restrict or object to the processing of their personal information if we do so based on legitimate interests or the performance of a task in the public interest as an exercise of official authority (including profiling); using the user/visitor data for direct marketing (including profiling); or processing the user/visitor data for purposes of scientific or historical research and statistics.

(v) The right to lodge a complaint. An individual has the right to lodge a complaint about our information processing actions by emailing us at [email protected] or with the concerned data protection authority under the DPDP.

(vi) Right to nominate. An individual has the right to nominate any other individual, who shall, in the event of death or incapacity of the user/visitor, exercise the rights of the user/visitor in accordance with this provision of the Policy or under the DPDP.

 

18. Retention

Canta will retain Personal Information no longer than is necessary to carry out the purposes listed in this Policy or that is required by law.

 

19. To Stop Receiving Messages From Us

If an individual wishes to stop receiving messages from us, click on the “Unsubscribe” link at the bottom of any message you receive from us.

 

20. Changes to this Policy

We regularly review and, where necessary, update our data protection and privacy policies. If we plan to use personal data for a new purpose, or in the event of changes in national laws or regulations, we update this Policy and communicate the changes to individuals before starting any new processing.

 

This Policy was updated on 05 January 2024.