Felixvet

Privacy Policy

  1. DATA PRIVACY STATEMENT

As per the requirements of the Information Technology Act, 2000 (“IT Act”), and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“SPDI Rules”) as amended from time to time, this data privacy policy (“Policy”) outlines the manner in which “Personal Information” or “Sensitive Personal Information” (defined hereinafter) will be handled or dealt with by Felix Generics Private Limited (“Company”).

  1. DEFINITIONS
  • Personal Information” (hereinafter referred to as “Pl”) for the purposes of this Policy, refers to any information that relates to a natural person, which either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person.
  • Sensitive personal data or information of a person” (hereinafter referred to as “Sensitive Personal Information” or “SPDI”) for the purposes of this Policy refers to such personal information, which consists of information relating to:
    • password;
    • financial information such as bank account or credit card or debit card or other payment instrument details;
    • physical, physiological and mental health condition;
    • sexual orientation;
    • medical records and history;
    • biometric information;
    • any detail relating to the above clauses as provided to the Company to enable the Company to manufacture and provide products and/ or services; and
    • any of the information received under any of the above clauses by the Company for processing, stored or processed under a lawful contract or otherwise.

Provided that any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as Sensitive Personal Information for the purposes of this Policy.

  • Information Provider” for the purpose of this Policy, refers to a natural person or individual who provides PI or SPDI directly pursuant to a lawful contract to the Company.
  1. DATA COLLECTION AND ITS USE
  • The Company realizes the importance of PI including SPDI provided to it by the Information Provider and the trust they place with respect to maintaining the security in relation to PI including SPDI, and so the Company shall take reasonable steps to keep such information confidential and may share it with third parties in accordance with this Policy on a need-to-know basis under appropriate arrangements.
  • Notwithstanding anything contained in this Policy or any other document, the Information Provider agrees and confirms that the Company may disclose and/ or transfer PI (including Sensitive Personal Information) which was collected from the Information Provider, to any of its affiliates, agents or a third party: (i) in connection with manufacturing and providing the products and/ or services the Information Provider may have sought; or (ii) pertaining to the Information Provider’s employment with the Company; or (iii) to ensure the Company’s compliance with a legal or contractual obligation.
  • The Company (or any authorized person on its behalf) will:
    • ordinarily collect PI and/ or Sensitive Personal Information that it believes is necessary: (A) for a lawful purpose connected with a function or activity necessary to manufacture, deliver, promote or market the Company’s products/ services; (B) to carry out its primary business functions and/ or activities; (C) to comply with applicable regulations; or (D) in the capacity as an employer or a counterparty to agreements with individuals/ customers. Any such information collected will be kept confidential.
    • generally, collect only such information about the Information Provider, which is voluntarily provided, or the Information Provider has consented to provide the information or where it is required by law. The Company shall obtain such consent in any manner, and through any medium, but will not employ threats, duress or coercion to obtain such consent.
    • only collect such information by lawful and fair means and not in an unreasonably intrusive way.
    • apart from the necessity to collect the Information Provider’s information in order to provide a service or products, or maintain a business or employment relationship with the Information Provider, the purposes for which the Company would generally collect and use your Sensitive Personal Information (subject to the SPDI Rules) will include but are not limited to:
      • complying with legislative and regulatory requirements;
      • performing administrative functions; and
      • manufacturing and offering products and services that may interest the Information Provider.
  • The PI and/ or SPDI of the Information Provider may be collected and/ or retained either directly by the Company or by any person on its behalf. The Company will be required to share the names and addresses of entities that may collect and/ or retain PI and SPDI.
  • The Company (or any authorized person on its behalf) will not retain the information collected for longer than is required for the purposes for which such information may be lawfully used or is otherwise required under any law for the time being in force. The PI and SPDI collected shall only be used for the purpose for which it has been collected and for no other purpose.
  • The Company (or any authorized person on its behalf collecting PI or SPDI) will seek the Information Provider’s consent (regarding the purpose for which the information will be used) in writing, in the form of a letter, email, or fax before collection of such information. The Information Provider shall be given the option to not provide or refuse to provide the PI or SPDI sought to be collected by the Company. The Information Provider also has the option to withdraw the consent given earlier by intimation to the Company in writing. However, if the Information Provider opts out, the Company will have the option not to manufacture and provide the related product and/ or service to the Information Provider for which such information was sought.
  • The Company (or any person on its behalf) will upon request of the Information Provider allow the Information Provider to review the information provided and ensure that any PI or SPDI that is inaccurate or deficient will be corrected or amended as feasible. The Company (or any other authorized person acting on its behalf) will not be responsible for the authenticity of the information supplied by the Information Provider.
  1. PURPOSE FOR COLLECTION OF PI AND SPDI

The Company (or any other authorized person on its behalf) will collect PI, SPDI, customer data and employee data insofar as such are necessary for the fulfilment of the purposes mentioned under Paragraph 3 above.

  1. RECIPIENTS OR CATEGORIES OF RECIPIENTS TO WHOM THE DATA MAY BE DISCLOSED
  • The Company (or any other authorized person on its behalf) will not use or disclose SPDI collected about the Information Provider to a third party otherwise than for the purposes and as per terms set out in this Policy unless the disclosure is necessary for compliance of a legal obligation or where it is agreed to in the contract with the Information Provider or as consented by the Information Provider. The Company (or any other authorized person on its behalf) will also not publish such information collected, unless the same is required for compliance of a legal obligation or as consented by the Information Provider.
  • Provided that such information shall not be shared without the Information Provider’s consent, unless the same is being shared with government agencies as mandated under law for the purpose of verification of identity or for prevention, detection, investigation including cyber incidents, prosecution and punishment of offences.
  • Notwithstanding anything contained in this Policy, any SPDI shall be disclosed to any third party if required by an order under a law for the time being in force.
  • The Information Provider authorises the Company (or any other authorized person on its behalf) to disclose necessary PI and SPDI to affiliates, agents or third-party service providers who manufacture and/ or provide products and services to the Company in connection with the Company’s products/ services or, the Information Provider’s employment with the Company.
  • Subject to what is permitted under law, following are the types of third parties (whether in India or overseas) to whom the Information Provider’s PI and SPDI could be disclosed to:
    • agents, contractors, service providers and external advisers engaged by the Company from time to time to carry out, manufacture, provide products/ services or advise on the functions and activities where PI or SPDI of Information Provider is required;
    • other related bodies corporate/ affiliates of the Company;
    • regulatory bodies, government agencies, law enforcement bodies and courts; and
    • any person who the Company deems necessary for carrying out the instructions Information Provider gives to the Company.
  1. TIME LIMITS FOR THE DELETION OF DATA AND ACCESS

Subject to what is permitted under law, PI and SPDI will be deleted if the purpose mentioned under Paragraph 3 above is attained.

  1. TRANSFER OF DATA

The Company (or any authorized person on its behalf) may transfer PI and/ or SPDI to any other body corporate or a person in India, or located/ residing in any other country, that ensures the same level of data protection that is adhered to by the Company as provided for under the IT Act and SPDI Rules. The transfer may be allowed only if it is necessary for the performance of the lawful contract between the Company (or any authorized person acting on its behalf) and the Information Provider or where the Information Provider has consented to such data transfer.

  1. SECURITY

The Company (or any authorized person on its behalf) has formulated adequate security practices and procedures to ensure that the information is adequately protected as per the applicable laws, industrial practice and standards.. The Company strives hard for ensuring that the PI and SPDI it holds is protected from misuse, loss and unauthorized access, modification or disclosure.

  1. GRIEVANCE REDRESSAL AND MANAGER IN CHARGE OF DATA PROTECTION
  • The Company shall address any discrepancies and grievances of the Information Provider with respect to processing of information in a time bound manner.
  • The Company appoints Deepak Singh (Contact: 0124 – 4712200, Email ID: singh@felixvet.com) as the Grievance Officer, and these details are also published on the Company website. The Grievance Officer shall redress the grievances of the Information Provider expeditiously within 1 (one) month from the date of receipt of grievance.
  1. AMENDMENT

The Company may amend or modify this Policy from time to time at its sole discretion.