doit Bharat
Phone Number
(+91)9870083848
Free Consultancy
info@doitbharat.com
Doit Bharat > Privacy Policy

Privacy Policy

1. Introduction and Scope

Doit Bharat Pvt. Ltd. ("us", "we", or "our") operates the www.doitbharat.com website (the "Service") as a provider of industrial compressed air solutions. We are committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, process, share, and protect your personal data when you use our Service, and outlines your rights in relation to your data.

This policy applies to all users of our Service globally, including customers, potential customers, and visitors to our website.

We are compliant with applicable data protection laws, including:

  • The Digital Personal Data Protection Act, 2023 (DPDPA) of India.
  • The Information Technology Act, 2000 (India) and its amendments, including the IT (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011.
  • The General Data Protection Regulation (GDPR) for individuals in the European Union (EU) and European Economic Area (EEA).
  • We adhere to industry-specific data security standards and are ISO 27001 certified.

2. Information We Collect (Personal Data)

Personal Data means any data about an individual who is identifiable by or in relation to such data. We collect various types of information in connection with the services we provide, including:

2.1 Data You Provide Directly

  • Business Contact Information: Name, job title, company name, email address, phone number, business address.
  • Account Information: Username, password, and other details provided when you register for an account.
  • Industrial Facility Details: Location, specific compressed air system configurations, usage data, operational parameters, and requirements you share with us.
  • Payment and Billing Information: Credit card details, bank account information, billing address for commercial transactions (processed securely by our payment partners).
  • Communication Data: Information you provide when you contact us with inquiries, for support, or provide feedback.
  • Technical Data from Equipment Sensors: Performance data, operational metrics, fault codes, and other telemetry data from your connected industrial equipment, collected with your explicit consent where required.

2.2 Data We Collect Automatically (Usage Data)

  • Log and Device Information: IP addresses, browser type and version, operating system, device type, unique device identifiers, referring URLs, and pages visited on our website.
  • Website Interaction Data: Information about your interactions with our Service, such as pages viewed, time spent on pages, links clicked, and features used.
  • Industrial Equipment Performance Metrics: Aggregated and anonymized performance data from connected systems for analytical purposes and service improvement, where applicable.

We may also use cookies and similar tracking technologies. Please see Section 9 ("Cookies and Tracking Technologies") for more details.

3. How We Use Your Data (Purposes of Processing)

We use your personal data for legitimate business purposes, including:

  • To Provide and Maintain Our Service: Deliver our industrial compressed air solutions, manage your account, and provide customer support.
  • To Optimize System Performance: Analyze data to enhance the efficiency, reliability, and performance of your compressed air systems and our services.
  • Personalization: To tailor our Service and communications to your interests and needs.
  • Communication: To notify you about service updates, energy efficiency opportunities, maintenance alerts, security notices, and respond to your inquiries.
  • Commercial Transactions: To process orders, payments, and manage billing and invoicing.
  • Research and Development: To improve and develop new products, services, and features, often using aggregated or anonymized data.
  • Legal and Regulatory Compliance: To comply with applicable Indian and international laws, regulations, legal processes, or government requests (e.g., Indian industrial regulations, tax laws).
  • Security and Fraud Prevention: To detect, prevent, and respond to technical faults, security incidents, fraud, or other illegal activities.
  • Marketing (with Consent): To send you promotional materials about our products and services, where you have provided consent or where otherwise permitted by law. You can opt-out at any time.

4. Legal Basis for Processing (for GDPR applicability)

If you are in the EU/EEA, our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which we collect it. We will normally collect personal data from you only:

  • Where we need the personal data to perform a contract with you (e.g., to provide our industrial solutions).
  • Where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms (e.g., for business operations, security, or service improvement).
  • Where we have your consent to do so (e.g., for marketing communications or collecting specific sensor data).
  • Where we need to comply with a legal obligation.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information in the following circumstances:

  • Service Providers: With trusted third-party vendors, consultants, and other service providers who perform services on our behalf, such as industrial cloud hosting partners (primarily located in India, with robust data protection agreements), payment processors, analytics providers, and IT support. These providers are authorized to use your personal data only as necessary to provide these services to us.
  • Business Partners: With authorized equipment manufacturers or distributors if necessary for providing integrated solutions, support, or warranty services related to your equipment.
  • Legal Requirements and Law Enforcement: If required by law, such as to comply with a subpoena, or similar legal process, or when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request from Indian courts, regulatory bodies, or other competent authorities.
  • Business Transfers: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company. We will notify you before your personal data is transferred and becomes subject to a different privacy policy.
  • With Your Consent: We may share your information for other purposes with your explicit consent.

5.1 International Data Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. For our global clients, especially those in the EU/EEA, if we transfer your personal data outside of India (e.g., to a sub-processor in another country), we will ensure appropriate safeguards are in place as required by GDPR. These may include:

  • Transferring to countries deemed to provide an adequate level of data protection by the European Commission.
  • Using Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Implementing Binding Corporate Rules (BCRs) for intra-group transfers.
  • Relying on other valid transfer mechanisms under GDPR.

Our industrial cloud hosting partners for core data are primarily located in India.

6. Data Security

We implement robust technical and organizational security measures designed to protect your personal data from unauthorized access, use, alteration, disclosure, or destruction. These measures include:

  • Encryption: Industrial-grade encryption for data in transit (e.g., TLS/SSL) and at rest.
  • Access Controls: Strict access controls limiting data access to authorized personnel on a need-to-know basis, with role-based permissions.
  • Regular Audits: Periodic security assessments and audits, compliant with ISO 27001 standards.
  • Secure Data Centers: Use of secure data centers with physical and environmental security measures, primarily located in Mumbai and Bangalore, India.
  • Incident Response Plan: Procedures in place to promptly address any data breaches or security incidents.
  • Employee Training: Regular data protection and security training for our employees.

While we strive to use commercially acceptable means to protect your Personal Data, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.

7. Data Retention

We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy. The criteria used to determine our retention periods include:

  • The length of time we have an ongoing relationship with you and provide Services to you (e.g., for as long as you have an account with us or keep using our services).
  • Whether there is a legal obligation to which we are subject (e.g., certain laws require us to keep records of your transactions for a certain period before we can delete them).
  • Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
  • For technical data from equipment sensors, retention periods may vary based on client agreements and the specific purpose of data collection (e.g., ongoing performance monitoring vs. short-term diagnostics).

When we no longer need to retain your personal data, we will securely delete or anonymize it.

8. Your Rights (Data Principal Rights)

Depending on your location and applicable data protection laws (including India's DPDPA and GDPR for EU/EEA individuals), you may have the following rights regarding your personal data:

  • Right to Access: To request access to and receive a copy of your personal data that we hold.
  • Right to Rectification (Correction): To request correction of any inaccurate or incomplete personal data.
  • Right to Erasure (Deletion): To request the deletion of your personal data, subject to certain legal obligations or legitimate interests that may require us to retain it.
  • Right to Withdraw Consent: To withdraw your consent at any time where we rely on consent to process your personal data (e.g., for marketing or specific sensor data). Withdrawal will not affect the lawfulness of processing before its withdrawal.
  • Right to Restrict Processing: To request the restriction of processing of your personal data in certain circumstances.
  • Right to Data Portability: (Primarily under GDPR) To receive your personal data in a structured, commonly used, and machine-readable format and to transmit this data to another controller.
  • Right to Object to Processing: To object to the processing of your personal data where it is based on our legitimate interests or for direct marketing purposes.
  • Right to Grievance Redressal (under DPDPA): To have easily available means of registering a grievance with our Data Protection Officer.
  • Right to Nominate (under DPDPA): To nominate any other individual who, in the event of your death or incapacity, shall exercise your rights.
  • Rights related to Automated Decision-Making and Profiling: (Primarily under GDPR) To not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except under certain conditions.

How to Exercise Your Rights: To exercise any of these rights, please contact our Data Protection Officer using the contact details provided in Section 11 ("Contact Us"). We will respond to your request in accordance with applicable law and within the prescribed time limits. We may need to verify your identity before processing your request.

You also have the right to lodge a complaint with a supervisory authority. In India, this is the Data Protection Board of India (once fully operational). For EU/EEA individuals, this is your local data protection authority.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies (like web beacons, pixels, and scripts) to collect and track information, and to improve and analyze our Service. Cookies are small files stored on your device (computer or mobile device).

9.1 Types of Cookies We May Use:

  • Essential/Strictly Necessary Cookies: These are required for the operation of our Service, such as enabling you to log into secure areas.
  • Performance/Analytical Cookies: These allow us to recognize and count the number of visitors and see how visitors move around our Service. This helps us improve the way our Service works.
  • Functionality Cookies: These are used to recognize you when you return to our Service and enable us to personalize our content for you and remember your preferences.
  • Targeting/Marketing Cookies: These cookies record your visit to our Service, the pages you have visited, and the links you have followed. We may use this information to make our Service and advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose, with your consent where required.

9.2 Your Choices Regarding Cookies:

You have the option to accept or refuse cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of our Service.

We may also use a cookie consent management tool on our website to provide you with more granular control over the cookies used.

10. Children's Privacy

Our Service is not directed to individuals under the age of 18 ("Children"). We do not knowingly collect personally identifiable information from children. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we will take steps to remove that information from our servers.

11. Contact Us / Data Protection Officer (DPO)

If you have any questions about this Privacy Policy, your rights, or our data protection practices, or if you wish to make a complaint or exercise one of your rights, please contact our Data Protection Officer:

Data Protection Officer:
Doit Bharat Pvt. Ltd.
Unit No-305, New India Industrial Estate,
Near Paper Box, Off Mahakali Cave Roads, Andheri East
Mumbai, Maharashtra 400093
India
Email: dpo@doitbharat.com
Phone: +91 22 1234 5678

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in our practices, service offerings, or legal requirements. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top. We may also provide notice to you through other means, such as email or a prominent notice on our Service, prior to the change becoming effective.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.