Privacy-Policy

This Policy outlines the manner in which we collect, process, protect, store, transfer, and use the information provided by visitors to the website Bimaakawach.com (hereinafter referred to as the "Website"). In this Privacy Policy, the terms "We," "Us," "Our," " Lords Mark Insurance Broking Services Pvt.Ltd.," and "Company" refer to Lords Mark Insurance Broking Services Pvt.Ltd., a company incorporated under The Companies Act, 1956, including its representatives and affiliates. The terms "You," "Your," "Yourself," or "User" encompass individuals accessing the Website as visitors or availing any of the Services provided by Lords Mark Insurance Broking Services Pvt.Ltd. at all levels, along with any employees (permanent or contractual), contractors, or associates.

Please carefully read the following terms and conditions. By accessing the Website or using any of our services, you agree to be bound by all the terms of this Privacy Policy.

For the purposes of this Privacy Policy, "Affiliate" refers to any person directly or indirectly controlled by Lords Mark Insurance Broking Services Pvt.Ltd.. "Control," as used in the preceding sentence, means the possession, directly or indirectly, of the power to direct or control the decision-making of the management or policies of the controlled person, through voting rights, contractual rights, or otherwise. "Person" includes any natural person, corporation, partnership, Limited Liability Company, trust, unincorporated association, or any other entity.

Purpose: The purpose of this Privacy Policy is to help you understand the following:
  • The type of Personal Information (including Sensitive Personal Data or Information) that we collect from users.
  • The purpose of collecting, using, and processing such Personal Information.
  • How and to whom we disclose this information.
  • How we protect the collected Personal Information, including Sensitive Personal Data or Information.
  • How users can access and modify their Personal Information.

Personal Information/Sensitive Personal Data: "Personal Information" refers to any information that relates to a user and is capable of identifying the person concerned, either directly or indirectly.

"Sensitive Personal Data or Information" refers to personal information of a user, including details such as passwords, financial information (bank account, credit card, debit card, etc.), physical, physiological, and mental health conditions, sexual orientation, medical records and history, biometric information, or any other data received by the Company for processing or storage. Data freely available in the public domain, furnished under the Right to Information Act, 2005, or any other law does not qualify as Sensitive Personal Data or Information.

Types of Personal Information collected by the Company: While using our Services, we may collect the following categories of Personal Information from users:
  • Name
  • User ID
  • Email address
  • Address (including country and ZIP/postal code)
  • Gender
  • Age
  • Phone Number
  • Password chosen by the user
  • Geographical location through the IP address of the user
  • Financial account information like bank account details, GST certificate, PAN Card, etc., and transactional information related to Company-involved transactions
  • Any of the above information pertaining to the customer/buyer of the user
  • All other personally identifiable information/details shared by the user from time to time, including personally identifiable information/details of the customer/buyer of the user, collectively referred to as "User Information."

To avail themselves of the Services, users may be required to upload/share certain documents (e.g., Aadhaar, PAN Card, GST certificate, etc.) on the Platform or email them to the Company. Accordingly, the term "User Information" includes any such documents uploaded or provided by the users. We may also keep records of telephone calls received and made for inquiries, orders, or other necessary purposes related to the administration of Services.

pAutomatic Data Collection: We may also receive and/or hold information about the user's browsing history, including the Uniform Resource Locator (URL) of the site visited prior to accessing the Platform, the Internet Protocol (IP) address of the user's computer (or proxy server used to access the World Wide Web), the user's computer operating system, the type of web browser used, and the name of the user's Internet Service Provider (ISP). The Platform may use temporary cookies to store certain non-Sensitive Personal Data or Information used for technical administration, research and development, and user administration. Additionally:

  • We do not knowingly collect Personal Information from children.
  • We may, in the future, include other optional requests for information from the user, including through surveys, to customize the Platform and deliver personalized information and for other purposes mentioned herein. Any additional Personal Information will also be processed in accordance with this Privacy Policy.
Purposes for which the Company may use the Information: We will retain User Information only to the extent necessary to provide one or more Services. By providing your information, you consent to the collection, sharing, disclosure, and usage of the information in accordance with this Privacy Policy. The information we collect may be utilized for various business and/or regulatory purposes, including but not limited to:
  • Registration of the user on the Platform.
  • Processing the user's orders/requests and providing various Services.
  • Sending timely/periodical updates to the user and their customers.
  • Completing transactions with users effectively and billing for the products/Services provided.
  • Technical administration and customization of the Platform.
  • Ensuring that the Platform's content is presented effectively to users.
  • Delivery of personalized information and targeted/non-targeted advertisements by the Company to the user.
  • Improvement of Services, Platform features, and functionality.
  • Research and development, user surveys, and business intelligence.
  • Dealing with requests, enquiries, complaints, or disputes, and other customer care-related activities.
  • Communicating any changes in our Services, Privacy Policy, or Terms of Use to the users.
  • Verification of user identity and fraud prevention.
  • Investigating, enforcing, resolving disputes, and applying our Terms of Use and Privacy Policy.
  • Complying with applicable legal requirements and Company policies/terms.
  • Any other purpose necessary to provide the Services that users have opted for.

Disclosure and Transfer of User’s Personal Information: We may need to disclose/transfer User’s Personal Information to certain third-party service providers in order to provide Users with the Services they have opted for. We may need to disclose / transfer User’s Personal Information to Governmental and judicial institutions/authorities, to the extent required: Under the laws, rules, and regulations and/or under orders of any relevant judicial or quasi-judicial authority; To protect and defend the rights or property of the Company; To fight fraud and credit risk; To enforce the Company's Terms of Use (to which this Privacy Policy is also a part); or When the Company, in its sole discretion, deems it necessary in order to protect its rights or the rights of others. The Company may also make all User Information accessible to its employees and data processors/third party vendors only on a need-to-know basis and for the purposes set out in this Privacy Policy. The Company takes adequate steps to ensure that all the employees and data processors/third party vendors, who have access to, and are associated with the processing of User Information, respect its confidentiality and that such data processors/third party vendors adopt at least such reasonable level of security practices and procedures as required under applicable law. However, the Company does not disclose information, individually labelled or aggregated, obtained through Marketplace Application programming interface on behalf of a User to other Users or any third parties, unless required by law. Non-personally identifiable information may be disclosed to third party ad servers, ad agencies, technology vendors and research firms to serve non-targeted advertisements to the Users. The Company may also share its aggregate findings (not specific information) in a non- personally identifiable form based on information relating to the User’s internet use (to the extent set out in this Privacy Policy) to prospective, investors, strategic partners, sponsors and others in order to help growth of Company's business. We may also disclose or transfer the User Information, to another third party as part of reorganization or a sale of the assets or business of Company. Any third party to which the Company transfers or sells its assets will have the right to continue to use the Personal Information and/or other information that a User provides to Us in a manner consistent with this Privacy Policy. Links to Third-Party: The links to third-party advertisements, third party websites or any third-party electronic communication services (referred to as “Third Party Links”) may be provided on the platform which are operated by third parties and are not controlled by, or affiliated to, or associated with the Company, unless expressly specified on the Platform. If You access any such Third-Party Links, we request You to review the concerned website’s privacy policy. We shall not be responsible for the policies or practices of such third parties. Security Practices and Procedures: For the purpose of providing the Services and for other purposes identified in this Privacy Policy, we are required to collect and host certain data and information of the Users. We are committed to protecting Your Personal Information, and to that end, the Company adopts reasonable security practices and procedures to implement technical, operational, managerial and physical security control measures in order to protect the Personal Information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. While we try our best to provide security that is commensurate with the industry standards, due to the inherent vulnerabilities of the internet, we cannot ensure or warrant complete security of all information that is being transmitted to Us. The Company takes adequate steps to ensure that third parties to whom the Personal Information may be transferred adopt at least such reasonable level of security practices and procedures as required under applicable law to ensure security of Personal Information. You hereby acknowledge that the Company is not responsible for any information sent via the internet that has been intercepted beyond Our control after having adopted reasonable security practices and procedures, and You hereby release Us from any and all claims arising out of or related to the use of intercepted information in any unauthorized manner. User's rights in relation to their personal information collected by the Company: All the information provided to the Company by a User, including Sensitive Personal Data or Information, is voluntary. User has the right to withdraw his/her/its consent at any time, in accordance with the terms of this Privacy Policy and the Terms of Use, but please note that withdrawal of consent will not be retrospective. Users can access, modify, correct and delete the Personal Information provided by them which has been voluntarily given by the User and collected by the Company in accordance with this Privacy Policy and Terms of Use. However, if the User updates his/her information, the Company may keep a copy of the information which User originally provided to the Company in its archives for User documented herein. In case the User seeks to update or correct, his/her Personal Information, the User may exercise these rights by Data Grievance Officer and communicating the change(s) for updating the Company’s records. In case the User does not provide his/her information or consent for usage of Personal Information or subsequently withdraws his/her consent for usage of the Personal Information so collected, the Company reserves the right to discontinue, in part or full, the Services/associated features and benefits for which the said information was sought. For how long do the Company keep Personal Information: Company will retain your Personal Information for as long as needed to fulfil the purpose for which it was collected and for any longer period thereafter in order to comply with applicable law. In case a User has withdrawn or cancelled their registration from the Platform, we are obliged under law to retain their Personal Information for a period of one hundred and eighty days after such cancellation. We may retain non-personally identifiable data indefinitely or to the extent allowed by applicable law. Changes to this Privacy Policy: We may update this Privacy Policy from time to time and shall notify you regarding the Policy as well as any such changes periodically and at least once a year. However, you are advised to review this page/policy periodically for any changes. Your continued usage of the Services shall constitute your acceptance of the amended/updated Privacy Policy. SECURITY MEASURES: Protecting Your information is our paramount goal. We adopt appropriate data collection, storage and processing practices and security measures to protect against any unauthorized access, alteration, disclosure or destruction of username, password, transaction information or any other information/data stored with Us. Some of the security measures taken by Us are as following: The information collected by Us is stored on servers that are secured behind a firewall. Further, the access to the servers is password-protected and strictly controlled. All information transmitted to and from Our server is fully encrypted. The data that is passed in APIs is passed over secure TLS based http connection. We do not store any payment or cards related information on Our servers. Your data stored in Our systems is not visible to anyone. We are ISO27001:2013 certified. The system architecture isolates your activity to ensure that any Company associates cannot view your information without your permission. CONSENT: By Using our Website and by providing Your information, it is assumed that You have provided Your express consent to the collection and Use of the information which is disclosed in accordance with this Privacy Policy, including but not limited to, Your express consent for sharing this information as per this Privacy Policy. We recommend that You do not Use/access and/or continue to Use/access the Website/App if You do not agree to the terms and conditions of this Privacy Policy. We obtain Your consent depending on our relationship with You. Thus, the consent is obtained in the following manner: Consent of prospects/customers: Consent of the customer is taken on the proposal form/ through acceptance of the terms and conditions of our App or Website. Consent of Partners: Consent of the Partner is obtained at the time of joining the company or accepting the terms and conditions of our App or Website during enrolling stage. Consent of Vendors/Suppliers: Consent of the vendor/supplier is obtained through signed written contracts along with supporting legal documents like affidavits. Consent of the Employees: Consent of an employee is obtained through the forms filled up by an employee at the time of joining through the joining documents and/ or through self-attested testimonials and other KYC documentation. By Using our Website or by providing Your information as mentioned above, it is assumed that You have provided Your express consent to the collection and Use of the information, which is disclosed in accordance with this Privacy Policy, including but not limited to, Your express consent for sharing this information as per this Privacy Policy. We recommend that You do not Use/access and/or continue to Use/access the Website, WAP service or app if You do not agree to the terms and conditions of this Privacy Policy You have an option to refuse to give Your consent or take back Your consent in a way as specified below: Customers can choose to approach our offices for a more private and protected meeting further leading to safe completion of the transaction or choose to avoid making transactions through the Website/App. Vendors have the right to choose to terminate the contract or modify the terms of the contract as mutually agreed upon by the Company and the vendor. Partners can drop the decision to become a Partner or after becoming a Partner, request for termination can be made and NOC can be taken from Us with respect to the same. Employee has the option to not join the Company or if the employee has joined the Company, he/she can modify the information submitted to Us.”

Disclosure and Transfer of User's Personal Information:

To provide Users with the Services they have chosen, we may need to disclose or transfer their Personal Information to certain third-party service providers.

Additionally, User's Personal Information may be disclosed or transferred to Governmental and judicial institutions/authorities under the following circumstances:
  • As required by applicable laws, rules, and regulations, or under orders of relevant judicial or quasi-judicial authorities.
  • To protect and defend the rights or property of the Company.
  • To combat fraud and credit risk.
  • When deemed necessary by the Company, in its sole discretion, to protect its rights or the rights of others.

Access to User Information is granted to Company employees and data processors/third-party vendors only on a need-to-know basis and for the purposes specified in this Privacy Policy. The Company ensures that these individuals and entities treat User Information confidentially and maintain a reasonable level of security practices and procedures required by applicable law. However, the Company does not disclose individually labeled or aggregated information obtained through Marketplace Application programming interface on behalf of a User to other Users or any third parties, unless required by law.

Non-personally identifiable information may be disclosed to third-party ad servers, ad agencies, technology vendors, and research firms to serve non-targeted advertisements to Users. The Company may also share aggregate findings, not containing specific information, related to Users' internet use (as outlined in this Privacy Policy) with prospective investors, strategic partners, sponsors, and others to support the Company's business growth.

In the event of reorganization or sale of the Company's assets or business, User Information may be disclosed or transferred to another third party. The acquiring party will have the right to continue using the Personal Information and/or other information provided by Users in a manner consistent with this Privacy Policy.

Links to Third-Party:

The Platform may provide links to third-party advertisements, websites, or electronic communication services ("Third Party Links") operated by entities not controlled, affiliated, or associated with the Company (unless explicitly stated on the Platform).

Users accessing Third-Party Links are advised to review the respective websites' privacy policies, as the Company does not take responsibility for the policies or practices of these third parties.

Security Practices and Procedures:

To safeguard User Personal Information, the Company implements technical, operational, managerial, and physical security control measures. These measures aim to protect Personal Information from loss, misuse, unauthorized access, disclosure, alteration, and destruction. While the Company endeavors to maintain security commensurate with industry standards, the internet's inherent vulnerabilities mean complete security of transmitted information cannot be guaranteed.

The Company ensures that third parties to whom Personal Information may be transferred adhere to reasonable security practices and procedures mandated by applicable law.

Users acknowledge that the Company cannot be held responsible for intercepted information beyond its control, even with reasonable security practices and procedures in place. Users release the Company from any claims arising from the unauthorized use of intercepted information.

User's Rights in Relation to Personal Information:

Providing information to the Company is voluntary, including Sensitive Personal Data or Information. Users have the right to withdraw their consent at any time in accordance with this Privacy Policy and the Terms of Use, but such withdrawal will not apply retrospectively.

Users may access, modify, correct, and delete their voluntarily provided Personal Information collected by the Company in accordance with this Privacy Policy and Terms of Use. If the User updates their information, the Company may retain a copy of the original information for its records, as stated herein. Users can exercise these rights by contacting the Data Grievance Officer to update the Company's records.

Failure to provide information or consent for Personal Information usage, or withdrawing consent, may result in the Company discontinuing some or all of the Services or associated features and benefits for which the information was sought.

Retention of Personal Information:

The Company retains Personal Information for as long as necessary to fulfill the purpose for which it was collected, and for any further period required by applicable law. If a User cancels their registration from the Platform, the Company is obligated by law to retain their Personal Information for 180 days (about 6 months) after such cancellation. Non-personally identifiable data may be retained indefinitely or as allowed by law.

Changes to this Privacy Policy:

The Company may update this Privacy Policy periodically and will notify Users of any changes periodically and at least once a year. Users are advised to review the Privacy Policy periodically for updates. Continued use of the Services constitutes acceptance of the amended Privacy Policy.

Security Measures:
The Company prioritizes the protection of User information and employs appropriate data collection, storage, processing practices, and security measures to prevent unauthorized access, alteration, disclosure, or destruction of data, including usernames, passwords, and transaction information. Some of the security measures include:
  • Storing information on secure servers behind firewalls with password-protected and controlled access.
  • Fully encrypting information transmitted to and from the Company's servers.
  • Using secure TLS-based http connections for data passed in APIs.
  • Not storing payment or card information on Company servers.
  • Implementing an ISO27001:2013 certified system architecture that isolates user activity to protect their information.
  • Restricting Company associates' access to User information without permission.
Consent:
By using the Website or providing information, Users express consent to the collection and use of disclosed information as per this Privacy Policy. Refusal to give consent or withdrawal of consent can be done as follows:
  • Customers can opt for private meetings at the Company's offices for secure transactions.
  • Vendors may terminate or modify their contract as mutually agreed upon.
  • Partners can request termination and obtain a No Objection Certificate from the Company.
  • Employees may choose not to join the Company or modify the information they provided.
PoSP