Welcome to My Chitti Technologies Pvt. Ltd.,
We respect your privacy rights and recognize the importance of secure transactions and information privacy. This Privacy Policy describes how My Chitti Technologies Pvt. Ltd. and its affiliates (collectively "My Chitti Technologies Pvt. Ltd.", "we", "us", or "our") collect, use, share, or otherwise process your personal information through My Chitti and its mobile application.
This Privacy Policy is an electronic agreement formed under the Information Technology Act, 2000, and the rules and regulations made thereunder (as amended till date), including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021. It does not require any physical or digital signatures to make the terms of this policy binding. This Privacy Policy is a legally binding document. The terms of this Privacy Policy will become effective upon your use of our platform/service. Please read this policy carefully, along with our Terms of Service.
By visiting our platform, providing your information, or availing of our products or services, you expressly agree to be bound by the terms of this Privacy Policy and the applicable Terms of Service. By accessing or using our platform or services, you give explicit consent to collect, use, share, or otherwise process your information in accordance with this Privacy Policy. If you do not agree, please do not access or use our platform or services.
You acknowledge that you are disclosing Personal Information voluntarily. Prior to completing any registration process on our platform, or before availing of any services offered on our platform, if you do not wish to disclose any Personal Information, you may refrain from doing so. However, if you do not provide the requested information, the registration process may remain incomplete, and/or you may not be able to avail of our services. If you are our corporate customer, it is possible that we have entered into a contract with you regarding the non-disclosure of confidential information. This Policy shall not affect such a contract in any manner.
Our Values
Trust is the foundation of the My Chitti platform, and this includes trusting us to handle your information responsibly. Three core values guide us as we develop our products and services. These values should help you better understand how we view your information and privacy:
Your Information Belongs to You: We carefully analyse what types of information are necessary to provide our services and limit the collection to only what is essential. Where possible, we delete or anonymize information when it is no longer needed. Our engineers work closely with privacy and security teams to build products with privacy in mind. Our guiding principle is that your information belongs to you, and we aim to use it solely for your benefit.
We Protect Your Information from Others: If a third party requests your personal information, we will refuse to share it unless you give us permission or we are legally required to do so. If we are legally required to share your personal information, we will notify you in advance unless legally prohibited.
We Help Merchants and Partners Meet Their Privacy Obligations: Many of the merchants and partners using My Chitti do not have the benefit of a dedicated privacy team. We strive to help them meet their privacy obligations by designing products and services that are easy to use in a privacy-friendly manner. We also provide detailed FAQs and documentation on important privacy topics and respond to privacy-related questions.
Application of the Policy
This policy governs each website, mobile site, application, and/or other services provided by My Chitti Technologies Pvt. Ltd. and its affiliates that link to this policy. It is binding on all those who access, visit, or use My Chitti’s services. This policy applies equally to all of our vendors, service providers, subcontractors, partners, agents, representatives, employees, and any other third parties. My Chitti Technologies Pvt. Ltd. only collects and uses personal data voluntarily provided by you. You may browse our platform without disclosing any personal information, but to register or avail of certain services, you will need to provide limited personal data.
This policy applies to all contractors, suppliers, customers, users, vendors, sellers, partners, and other third parties working on behalf of My Chitti or accessing or using our platform/service. It also applies to My Chitti’s head office, branch offices, and all employees. The policy governs all personal data that My Chitti holds, including names, addresses, phone numbers, email IDs, and other information collected while using our platform or services. This Privacy Policy is part of My Chitti’s Terms of Service and covers the treatment of user information, including personally identifiable information, obtained through the My Chitti platform or services.
Objectives of the Policy
My Chitti collects and uses certain information about individuals, including customers, suppliers, business contacts, employees, and third parties with whom My Chitti has business relationships or may need to contact. This policy ensures that personal information is collected, handled, and stored in compliance with data protection standards and legislative requirements. It also ensures the protection of the rights of employees, customers, suppliers, and business contacts and outlines the procedures for data storage and processing to mitigate the risk of data breaches.
Collection of Information
In the course of carrying out its various functions and activities, My Chitti Technologies Pvt. Ltd. collects information from individuals and third parties and generates a wide range of information stored on our platform. This information can take various forms, such as corporate records, financial records, legal records, contracts, letters received from third parties, personnel/employee records, invoices, completed application forms, contact lists, email communications and attachments, photos, etc. My Chitti collects information to provide and continually improve its products and services. Information may be collected both online and offline. Regardless of the method of collection, the same privacy protections apply to all data/information, including personal information.
We collect personal information from you in a variety of ways when you interact with us through our services, such as:
Installing, accessing, or using our Services;
Creating an account on our services;
Requesting customer service or contacting us;
Conducting transactions where we collect personal information, as required by law or regulations;
Submitting a testimonial, rating, review, or other user-generated content;
Otherwise submitting personal information to us along with related content.
When registering for or availing of the various services we provide through our website ("Website"), telephone search, SMS, apps, or any other medium (collectively referred to as "the Platform"), you may be required to provide personal details such as your name, residence address, workplace address, email address, date of birth, educational qualifications, marital status, and similar Personal Information ("Personal Information"). We may also collect credit card, debit card, and other payment instrument details.
We, either through third-party service providers or by our own means, collect Know-Your-Customer (KYC) documents from you. These include but are not limited to:
Driving licence,
Aadhaar card,
Voter’s Identity Card,
PAN Card,
Passport,
Job card issued by NREGA,
Utility bills (e.g., electricity, telephone, post-paid mobile phone, gas, or water bills no older than two months),
Property or municipal tax receipts,
Pension or family pension payment orders (PPOs),
Letters issued by Foreign Embassies or Missions in India.
If you are a Sole Proprietorship, we may also collect documents such as:
Registration certificate,
Certificate/licence issued by municipal authorities under the Shop and Establishment Act,
Sales and income tax returns,
GST certificate,
Importer Exporter Code (IEC),
Utility bills such as electricity, water, or landline telephone bills,
Proof of business/activity.
For Legal Entities, we may collect:
Certificate of incorporation,
Memorandum and Articles of Association,
Permanent Account Number (PAN) of the company,
Board resolutions,
Power of attorney,
Documents related to beneficial owners.
For Partnership Firms, we may collect:
Registration certificate,
Partnership deed,
Permanent Account Number of the partnership firm,
Documents related to beneficial owners, managers, or officers.
For Trusts, we may collect:
Registration certificate,
Trust deed,
Permanent Account Number (or Form No.60),
Documents related to beneficial owners, managers, or officers.
For Unincorporated Associations or Bodies of Individuals, we may collect:
Resolutions of the managing body,
PAN (or Form No.60),
Documents related to beneficial owners, managers, or officers.
We may also undertake a Video-based Customer Identification Process (V-CIP) in compliance with the KYC policy of the Reserve Bank of India (RBI).
How Personal Information is Used
Personal Information is used for the following purposes:
To customise the content you see.
To fulfil your requests for certain services.
To contact you regarding our services, including but not limited to email, SMS, and other means of communication.
Where possible, we will indicate which fields are mandatory and which are optional. You always have the option to refrain from providing certain information by choosing not to use a particular service, product, or feature on our Platform.
My Chitti collects the personal information voluntarily provided by you while accessing or using our platform/service. We also collect data regularly from various sources, such as newspapers, visiting cards, pamphlets, magazines, and journals (both free and paid), or through data collectors. The examples of the information we collect include:
Types of Information Collected by My Chitti Technologies Pvt. Ltd.
Vendors/Sellers:
Personal identifying information: Name, address, phone numbers, email ID, age, personal description, profile photograph, marital status.
Payment information.
Location information.
Device information (if provided).
IP address.
Name, addresses, phone numbers, email IDs of friends and other people listed in addresses.
Content of reviews and emails to us.
Voice recordings of calls to us.
Images, videos, and other content related to our services.
KYC documents (e.g., Aadhaar, PAN Card, GST, Voter ID Card, Passport, Shop and Establishment Certificate).
Credit usage.
Corporate and financial information.
Device log files and configurations.
Users/Customers:
Personal identifying information: Name, address, phone numbers, email ID, age, personal description, profile photograph, delivery address.
Payment information.
Location information.
Device information (if provided).
IP address.
Name, addresses, phone numbers, email IDs of friends and other people listed in addresses.
Content of reviews and emails to us.
Voice recordings of calls to us.
Credit usage, login details, device log files.
Contacts – address book for app users.
Third-Party Information:
Corporate and financial information about co-branded partners, delivery partners, and other third parties associated with us.
CIN Number, PAN Number, GSTN Number.
Location information.
Device information (if provided).
IP address.
Internet-connected device details.
Identity and address information.
Officials/Employees/Resellers:
Personal identifying information: Name, address, phone numbers, email ID, age, personal description, profile photograph.
Educational information.
KYC documents.
Payment information.
Location information.
Device information (if provided).
IP address.
Content of reviews and emails to us.
Voice recordings of calls to us.
Login details and device log files.
Information from Other Sources:
Updated delivery and address information from carriers or third parties.
Account, purchase, or redemption information from merchants/partners.
Information about interactions with vendors while using My Chitti.
Search results and links (including paid/free listings).
Internet-connected device details.
Automatic Information:
IP address of your device connected to our platform.
Login details, email address, and password.
Location of the device/computer.
Content interaction information (e.g., downloads, streaming, network details).
Device metrics, application usage, connectivity data, and error logs.
Services metrics, interactions with features, settings preferences, and backup information.
URLs, including date & time; products & content viewed or searched for; page response times, download errors, length of visits, and page interaction information.
Phone numbers used to call us.
Images/videos while visiting our platform.
Device identifiers, cookies, browsing history, usage history, and other technical information.
My Chitti Technologies Pvt. Ltd. Does Not Collect Certain Information:
My Chitti does not collect sensitive personal data or information unless it is considered necessary to provide a service, fulfil a purpose, or for a lawful activity related to My Chitti’s functions. Users can continue to browse or search the My Chitti platform without providing personal information (PI); however, PI is required for certain services on the platform.
What We Don’t Collect:
My Chitti does not collect emails, addresses, or other contact information from your mobile address book or contact lists, other than name and mobile phone numbers.
My Chitti does not store historical location information in any form. It only retains the last known location from which My Chitti software was accessed if current location data is unavailable.
Transparency in Data Collection: While collecting information, My Chitti ensures that you are informed about:
The fact that the information is being collected;
The purpose for which the information is being collected;
The intended recipients of the information; and
The name and address of:
The agency collecting the information, and
The agency retained the information.
Conditions for Data Collection: The data or information shall not be collected unless:
You have provided valid, informed, and free consent;
Processing is necessary for the performance of a contract to which you are a party;
Processing is necessary for compliance with the company’s legal obligations;
Processing is necessary to protect your interests; or
Processing is necessary for the performance of a task carried out in the public interest.
Usage of Information:
The data/information collected shall be used only for the purpose for which it was collected. Additionally, My Chitti may use data for the following purposes:
Providing Services: To fulfil requests for products and services, and to communicate about those requests. If you search for products or services on the platform without logging in, we collect your mobile number and generate leads for vendors or service providers as per your choice. If you are logged in, we share your details (e.g., name, mobile number, email) with the vendors/service providers to fulfil your request.
Promotions and Surveys: To administer contests, promotions, and surveys.
Personalization and Improvements: To personalise services, analyse performance, fix errors, and improve the usability of the platform. We recommend features, products, and services based on your preferences.
Core Business Functions: For order fulfilment, internal processes, loss and fraud prevention, and legal compliance.
Interest-Based Advertising: To display ads that might interest you based on your activity.
Fraud Prevention: To detect and prevent fraud and abuse, ensuring the security of My Chitti and its customers.
Legal Proceedings: Personal data may be used for legal purposes, including in legal proceedings arising from improper use of services.
Maintenance: For operational and maintenance purposes.
Improving Services: We may use your voice input, images, and videos to respond to requests and improve our services.
Legal Obligations: We use personal data to comply with legal requirements, such as collecting KYC information for identity verification and other purposes.
Internal Research: Data collected is kept confidential and is used for research, marketing, and business analysis. It is shared only with your consent and only for relevant services or products.
Marketing: Personal information may be shared with vendors, service providers, and business partners to enhance customer experience, troubleshoot problems, or promote services.
Compliance with Law: In some cases, we use your data to comply with legal requirements, such as collecting place of establishment and bank account details from vendors for identity verification.
Surveys and Feedback: We may ask you to participate in optional surveys. The data collected helps us tailor your experience on the platform.
Third-Party Involvement:
My Chitti has arrangements with other companies and individuals to perform functions such as data analysis, marketing, payment processing, and customer service. These third parties have access to the personal information necessary for their functions, but they may not use it for other purposes. They are required to handle personal information in accordance with this Privacy Policy and applicable laws.
Your Consent:
With your consent, we may access your SMS, contacts, location, and device information. We may also request your PAN, GST Number, or other government-issued ID for purposes such as verifying your eligibility for certain services, issuing GST invoices, or enhancing your experience on the platform. You may refuse consent, but this may affect your access to certain products and services.
We may also use your IP address for diagnosing problems with our servers and for demographic analysis. Occasionally, we may ask you to participate in optional surveys, which could include voice or video recordings, demographic data, and lifestyle preferences. Participation is voluntary.
Usage of Cookies: We may use cookies to remember your information for subsequent visits, provide personalised content, track your activities, and improve your experience on the platform.
Processing of Personal Information:
Personal or sensitive personal data may be processed under the following circumstances:
Public Function or State Service:
If necessary for any function of Parliament, a State Legislature, or a State-authorised service or benefit provision.
For issuing certifications, licences, or permits by the State.
Legal Mandate:
If explicitly mandated by any law of Parliament or a State Legislature.
For compliance with any court or tribunal order or judgement in India.
Emergency and Health Services:
If necessary to respond to medical emergencies involving life-threatening or severe health threats.
To provide medical treatment during epidemics, disease outbreaks, or other public health threats.
To ensure safety during disasters or breakdowns of public order.
Employment and Service Provision:
For recruitment, termination of employment, or verification of attendance.
For providing any service or benefit sought by the data principal.
For activities related to the assessment of performance.
Reasonable Processing Purposes:
Personal data may be processed for reasonable purposes considering:
My Chitti's interest in processing for that purpose.
Whether My Chitti can reasonably expect to obtain the data principal's consent.
Any public interest in processing.
The effect of processing on the data principal’s rights.
The data principal's reasonable expectations in the context of processing.
Reasonable purposes include prevention and detection of unlawful activities (e.g., fraud), whistleblowing, mergers, acquisitions, network security, credit scoring, debt recovery, and processing publicly available personal data. My Chitti ensures the protection of the rights of data principals during such processing.
Sensitive personal data may only be processed with explicit consent. Consent is considered explicit if it is:
Informed: The data principal is fully aware of the purposes of processing, especially those with significant consequences.
Clear: The consent is meaningful without needing to infer it from conduct.
Specific: The data principal can choose separately which purposes or categories of sensitive data to consent to.
Processing of Personal Data of Children:
My Chitti does not allow children under 13 years of age to use the platform without parental guidance or control. We verify age based on the date of birth provided by the user. If children access our platform or services, it is assumed they do so under parental guidance and consent, and their information is processed accordingly. My Chitti processes children’s personal data in a manner that protects their rights and best interests.
Disclosure of Information:
1. User Submissions: Other users of My Chitti Services may see your ratings and submissions in line with the platform's functions. For example, a rating of "ABC Restaurant" on My Chitti will be visible to any user who has your phone number saved in their contacts and has tagged you as a friend in the My Chitti App.
2. Sharing with Third Parties: We do not sell or share Personally Identifiable Information (such as your mobile number) with third-party companies for their marketing purposes without your consent. However, we may share your information with third-party service providers when necessary for the operation, maintenance, and improvement of My Chitti Services.
Personal information may be disclosed to third parties, such as vendors, sellers, service providers, business partners, and stakeholders for purposes like fulfilling orders, enhancing your experience, providing feedback on products, collecting payments, conducting market research, or preventing fraud.
Third-party service providers may access personal information needed to perform their functions, but they may not use it for any other purposes. These providers must process personal information in compliance with applicable law.
3. Affiliated Companies: We may share information with affiliated companies, business partners, and associates to help operate, provide, improve, and support services. This includes enhancing infrastructure, delivery systems, and fighting spam, abuse, or infringement activities.
4. Business Transactions: In the event of mergers, acquisitions, or restructuring, all rights and obligations under this Privacy Policy may be assigned by My Chitti to any of its affiliates or successor entities. Your information may be transferred as part of such transactions.
5. Legal Disclosure: We may disclose personal information if required by law or in good faith belief that such disclosure is necessary to:
Respond to legal processes (e.g., subpoenas, court orders, or government requests).
Enforce our Terms of Use or other policies.
Investigate, prevent, or address fraud, illegal activity, security threats, or technical issues.
Protect the rights, property, or safety of My Chitti, its users, or others.
Comply with legal obligations related to identity verification or the prevention and investigation of cyber incidents or offences.
6. Government Requests: My Chitti may share or disclose information with government agencies without prior consent from you if mandated under the law for purposes like identity verification, prevention, detection, investigation, prosecution, and punishment of offences, including cyber incidents.
Transfer of Information:
My Chitti shall not transfer sensitive personal data or information, including any personal information, to third parties in India or outside India, except under the following circumstances:
To fulfil your requests for products and services.
To fix errors and improve the usability and effectiveness of the services.
For fraud prevention, public safety, and legal functions.
To prevent and detect fraud and abuse in order to protect the security of our customers, My Chitti, and others.
When necessary for the performance of a lawful contract between My Chitti and the data principal.
When the data principal has consented to the transfer of data.
My Chitti ensures that the same level of data protection provided by My Chitti will be maintained by the third party as well. When using vendors to collect personal information on behalf of My Chitti, the company ensures that these vendors comply with My Chitti’s data protection requirements as defined in this policy.
Retention of Your Information:
Personal information will only be used for the purposes identified in the Terms of Service (TOS) and only if you have provided consent. Personal information will be retained for as long as necessary for business purposes, as outlined in the TOS, or as subsequently authorised by you. We retain personal information in compliance with applicable laws, for a period no longer than required for the purpose for which it was collected, or as required by law.
However, we may retain data related to you if we believe it is necessary to prevent fraud or future abuse, or if required by law or other legitimate purposes. Additionally, we may continue to retain your data in anonymized form for analytical and research purposes.
When personal information is no longer needed for business purposes, My Chitti ensures that the data is destroyed in a manner that prevents unauthorised access, or it is de-identified to make the data non-personally identifiable. My Chitti has a documented process for communicating any changes in data retention periods required by the business, and you are authorised to request such changes.
For sensitive personal data, My Chitti shall not retain that information for longer than necessary for its lawful use or as required by other laws. My Chitti follows a data retention policy, and data will be de-identified or destroyed once the purpose of its collection has been fulfilled.
Personal information will be erased if storing it violates any data protection laws, or if it is no longer required by My Chitti or for the benefit of the data provider. However, My Chitti reserves the right to retain personal information for legal and regulatory purposes as per applicable laws. My Chitti will conduct an internal audit annually to ensure personal information is collected, used, retained, and disposed of in compliance with applicable laws.
Review of Information by You:
My Chitti shall provide a mechanism for you to review the data or information you have provided. You will be able to access, edit, rectify, modify, or delete any personal information or sensitive personal information that is found to be inaccurate or deficient. However, My Chitti is not responsible for the authenticity of the personal information or sensitive personal information supplied by you.
You are entitled to request details about your personal information in writing, and My Chitti will respond within 7 days of receiving such a request. You have the right to require My Chitti to correct or supplement any erroneous, misleading, outdated, or incomplete personal information. All access requests and the corresponding actions taken will be recorded and documented. My Chitti will provide personal information to you in a simple, understandable format.
Third-Party Advertisers, Links to Other Sites:
By visiting our platform or providing your information, you consent to the collection, use, storage, disclosure, and processing of your information (including sensitive personal information) in accordance with this Privacy Policy. If you provide us with personal information about other individuals, you represent that you have the authority to do so and to permit us to use the information as described in this policy.
When providing your personal information on our platform or through any of our partner platforms or establishments, you consent to be contacted by My Chitti or its affiliates, lending partners, technology partners, marketing channels, business partners, vendors, service providers, and other third parties through SMS, instant messaging apps, phone calls, and email for purposes specified in this Privacy Policy.
If you wish to manage or edit your information, we offer tools in the Settings section to help you manage the information available to other users. You can manage your contacts, groups, and broadcast lists or use our block feature to control whom you communicate with.
Vendors can add or update certain information in the vendor module, update account information, and adjust email or other communications received from My Chitti by updating notification preferences.
You can add or update your personal information regularly, and My Chitti will retain your previous information in its records. If you decline to provide Personally Identifiable Information (PII) through the My Chitti service, we may not be able to offer certain services. If you do not agree with our Privacy Policy or Terms of Service, please delete your account and uninstall the My Chitti application. Your continued use of the My Chitti service will signify your acceptance of our Privacy Policy and Terms of Service.
To protect your privacy and security, we take reasonable steps to verify your identity before registering your mobile number and granting access to the My Chitti service. For any questions or concerns about this Privacy Policy, your personal information, or your consent, please contact My Chitti via email at privacy@mychitti.net or through available web forms.
Consent for Data Collection and Use:
Before or at the time of collecting sensitive personal data or information, My Chitti will provide you the option not to provide the requested data. Systems will be established for collecting and documenting your consent for the collection, processing, and transfer of personal data. You will be informed of the choices available to you regarding the collection, use, and disclosure of personal information.
You may withdraw your consent at any time while availing of services, and My Chitti will reserve the right to stop providing services for which the information was requested. Consent will be obtained (in writing or electronically) before or at the time of collecting personal information or as soon as practicable afterward.
Changes to your preferences will be managed and documented. If personal information is to be used for purposes not identified at the time of collection, the new purpose will be documented, and you will be notified and asked to provide consent before using the data for this new purpose. You will be informed if your data is being used for marketing or advertisement purposes.
Consent to Push Notifications:
By using the My Chitti platform (web, app, or phone), you agree and confirm that any reviews, ratings, or comments you submit or post on My Chitti may be shared with your tagged friends who are also users of the service, according to My Chitti’s discretion.
Third-Party Advertisers and Links to Other Sites:
Currently, My Chitti is ad-free, and we intend to keep it that way. However, if we introduce advertisements in the future, we will update this section accordingly.
If you use My Chitti services through our partners, you will be redirected to their websites or applications, where your entry will be based on your My Chitti login credentials after receiving permission to share data. My Chitti is not responsible for the privacy practices or policies of these partners, and we encourage you to review their privacy policies before sharing any information.
If you make payments through our services, we may receive information and confirmations, such as payment receipts, from app stores or third-party payment processors.
Children Information:
We do not knowingly solicit or collect personal information from children under the age of 13. The use of our Platform is available only to individuals who can form a legally binding contract under the Indian Contract Act, 1872. If you are under the age of 18, you must use our Platform or services under the supervision of your parent, legal guardian, or a responsible adult.
Our Commitment to Information Security:
The security of your personal information is important to us. You are responsible for keeping your device and account safe and secure, and you must notify us promptly of any unauthorised use or security breach of your account or our Services. Your account information is protected by the password you use to access your account. Please keep this password confidential.
My Chitti uses commercially reasonable physical, managerial, technical, electronic, and procedural safeguards to preserve the integrity and security of your personal information. My Chitti shall adopt reasonable security practices and procedures as mandated under applicable laws for the protection of your information. This includes internal reviews of data collection, storage, processing practices, and security measures, including encryption and physical security to guard against unauthorised access to systems where My Chitti stores your personal information.
However, we cannot ensure or warrant the security of any information you transmit to My Chitti, and you do so at your own risk. You hereby waive and release My Chitti from any claim of damages under contract.
My Chitti may share your information with third parties under a confidentiality agreement, which provides for such third parties not to disclose the information further unless the disclosure is for a specified purpose. However, My Chitti is not responsible for any security breach or actions by third parties that receive your personal information. My Chitti is not liable for any loss or injury caused as a result of providing your personal information to a third party, including third-party websites, even if links to such third-party websites are provided on the Website.
Notwithstanding anything contained in this Policy or elsewhere, My Chitti shall not be held responsible for any loss, damage, or misuse of your personal information if such loss, damage, or misuse is attributable to a Force Majeure Event. A "Force Majeure Event" refers to an event beyond the reasonable control of My Chitti, such as sabotage, fire, flood, explosion, acts of God, civil commotion, strikes, riots, insurrection, war, acts of government, computer hacking, unauthorised access, breach of security, or computer crashes.
While we endeavour to take all reasonable and appropriate steps to keep secure any personal information that we hold about you and prevent unauthorised access, you acknowledge that the internet or computer networks are not fully secure. We cannot provide absolute assurance regarding the security of your personal information.
We maintain reasonable physical, electronic, and procedural safeguards to protect your information. Whenever you access your account information, we offer the use of a secure server. Once your information is in our possession, we adhere to our security guidelines to protect it against unauthorised access. However, by using our platform, you accept the inherent security risks of data transmission over the internet. Therefore, there will always be certain risks when using the Platform.
You are responsible for ensuring the protection of login and password records for your account. You hereby waive and release My Chitti from any claim of damages under contract.
We work to protect the security of your data/information, including sensitive personal data, during transmission by using encryption protocols and software. We follow the Payment Card Industry Data Security Standard (PCI DSS) when handling payment card data. If you choose a payment gateway to complete any transaction on the My Chitti Platform, your credit/debit card data/financial details may be stored in compliance with industry standards/recommended data security standards, i.e., the Payment Card Industry Data Security Standard (PCI-DSS) and applicable laws.
My Chitti shall review the policies and collection methods of third parties before accepting personal information from third-party data sources. The audit of reasonable security practices and procedures shall be carried out by an auditor annually and during significant upgrades of its processes and computer resources.
Transparency & Accountability Measures:
Privacy by Design:
My Chitti shall implement policies and measures to ensure that managerial, organisational, business practices, and technical systems are designed to anticipate, identify, and avoid harm to you. The technology used in the processing of personal data shall comply with commercially accepted or certified standards. The legitimate interests of businesses, including innovation, shall be achieved without compromising privacy interests.
Transparency:
My Chitti shall take reasonable steps to maintain transparency regarding its general practices related to processing personal data and will make the following information available in an easily accessible form:
Categories of personal data generally collected and the manner of collection.
Purposes for which personal data is generally processed.
Categories of personal data processed in exceptional situations or for exceptional purposes that may create a risk of significant harm.
Procedures for exercising data principal rights.
Rights to file complaints with the relevant authorities.
Information regarding cross-border transfers of personal data, if any.
Security Safeguards:
Based on the nature, scope, and purpose of processing, as well as the associated risks, My Chitti shall implement appropriate security safeguards, including:
Methods such as de-identification and encryption.
Protection of the integrity of personal data.
Prevention of unauthorised access, modification, disclosure, or destruction of personal data.
My Chitti Technologies Pvt. Ltd. shall periodically review its security safeguards and take appropriate measures as required.
Personal Data Breach:
In the event of a personal data breach likely to cause harm, My Chitti shall notify the relevant authorities with details regarding the breach. This will include:
Nature of the breached personal data.
Number of data principals affected.
Possible consequences of the breach.
Measures being taken to remedy the breach.
Record-Keeping:
My Chitti shall maintain up-to-date records of:
Data life-cycle operations such as collection, transfers, and erasure.
Periodic reviews of security safeguards.
Data protection impact assessments.
Data Audits:
My Chitti shall have its policies and the conduct of its processing audited annually by an independent data auditor. The audit will evaluate My Chitti's compliance with the law, including clarity of notices, transparency, security safeguards, personal data breach responses, and more.
Monitoring and Enforcement:
Dispute Resolution & Recourse:
My Chitti shall define and document a cyber-incident management program to address data protection and privacy-related incidents. This includes clear escalation paths up to executive management, legal counsel, and the board, based on the severity of the data breach. My Chitti shall perform periodic reviews of all complaints related to data breaches to ensure timely resolution and proper documentation.
Dispute Resolution & Escalation Process for Employees:
Employees with inquiries or complaints about the processing of their personal information shall first discuss the matter with their immediate reporting manager. If the issue remains unresolved, the employee may escalate the matter to the Grievance Officer.
Dispute Resolution & Escalation Process for Customers / Third Parties:
Customers or third parties with inquiries or complaints about the processing of their personal information should bring the matter to the Grievance Officer in writing. Disputes concerning the processing of personal information of non-employees shall be resolved through arbitration.
Terms of Use, Policy & Revisions:
If you choose to use My Chitti Services, your use and any dispute over privacy are subject to this policy and our Terms of Use, including limitations on damages, resolution of disputes, and the application of the prevailing law in India. If you have any concerns about privacy at My Chitti, please contact us with a detailed description, and we will attempt to resolve the issue.
Our business is constantly evolving, and our Privacy Policy will also change over time. You should frequently check our website to stay informed of any recent changes. Unless stated otherwise, our current Privacy Policy applies to all information that we have about you and your account. We assure you that we will never materially change our policies or practices in a way that makes them less protective of your information collected in the past without your consent.
Grievance Officer:
In accordance with the Information Technology Act 2000 and the rules & regulations made thereunder, the name and contact details of the Grievance Officer are provided below:
Name: P Jamal Saheb
Address: My Chitti Technologies Pvt. Ltd., Door No. LIG 134, Tuda Quarters, Mangalam, Tirupati (Rural), Chittoor- 517507, Andhra Pradesh
Contact No: 7022806288
Email: mychitti@mychitti.net
If you have a query, issue, concern, or complaint regarding the collection or use of your personal information under this Privacy Policy, please contact us using the information provided above or write to us at mychitti@mychitti.net.
DEFINITIONS:
"Act"
"Act" refers to the Information Technology Act, 2000 (21 of 2000).
"Automated means"
"Automated means" refers to any equipment capable of operating automatically in response to instructions given for the purpose of processing data.
"Biometrics"
"Biometrics" refers to technologies that measure and analyse human body characteristics, such as fingerprints, eye retinas and irises, voice patterns, facial patterns, hand measurements, and DNA for authentication purposes.
"Body corporate"
"Body corporate" means any company and includes a firm, sole proprietorship, or other association of individuals engaged in commercial or professional activities.
"Child"
"Child" refers to a data provider below the age of eighteen years.
"Cyber incidents"
"Cyber incidents" refers to any real or suspected adverse event related to cybersecurity that violates an explicitly or implicitly applicable security policy, resulting in unauthorised access, denial of service, disruption, or unauthorised use of a computer resource for processing or storing information, or changes to data without authorization.
"Cyber security"
"Cyber security" means protecting information, equipment, devices, computers, computer resources, communication devices, and information stored therein from unauthorised access, use, disclosure, disruption, modification, or destruction.
"Data"
"Data" refers to a representation of information, knowledge, facts, concepts, or instructions being prepared, processed, or already processed in a computer system or network, which may be in any form (including computer printouts, magnetic or optical storage media, punched cards, or tapes) or stored internally in computer memory.
"Data provider"
"Data provider" refers to the natural person to whom the personal data relates.
"Data protection & Security"
Anyone collecting personal and customer information must fairly and lawfully process it for limited, specifically stated purposes. They must use the information accurately and in a way that is adequate, relevant, and not excessive. The information/records should not be retained longer than necessary, and processing must comply with the law while keeping the information secure. The information must not be transferred outside the country without adequate protection.
"Password"
"Password" means a secret word, phrase, code, passphrase, secret key, or encryption/decryption keys used to gain access to information.
"Personal information"
"Personal information" refers to any information relating to a natural person, which, either directly or indirectly, in combination with other available or likely to be available information, can identify that person (e.g., name, address, mobile number, email ID, date of birth, etc.).
"Data processor"
"Data processor" refers to any person, including the State, a company, or any juristic entity, who processes personal data on behalf of a data fiduciary but excludes employees of the data fiduciary.
"Processing"
"Processing" refers to any operation or set of operations performed on personal data, such as collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, use, alignment, transmission, dissemination, restriction, erasure, or destruction.
"Reasonable security practices and procedures"
"Reasonable security practices and procedures" refer to security practices and procedures designed to protect information from unauthorised access, damage, use, modification, disclosure, or impairment, as specified in an agreement between parties or any applicable law.
"Sensitive personal data or information"
"Sensitive personal data or information" refers to personal information that includes:
a) Password;
b) Financial information (e.g., bank account, credit or debit card, or other payment details);
c) Physical, physiological, and mental health condition;
d) Sexual orientation;
e) Medical records and history;
f) Biometric information;
g) Any details related to the above categories provided to a body corporate for service provision;
h) Any information received under the above categories by the body corporate for processing.
Information that is freely available in the public domain or furnished under the Right to Information Act, 2005, or any other law, is not considered sensitive personal data.
"Third Party"
"Third Party" refers to all external parties (e.g., contractors, interns, trainees, vendors, users) who have accessed My Chitti's information assets or systems.