1. Data Protection Principles
Pesto has adopted the following principles to govern its collection, use, retention, transfer, disclosure and destruction of personal data: a) Lawfulness, Fairness and Transparency . Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject. This means that Pesto must tell the data subject what processing will occur (transparency), the processing must match the description given to the data subject (fairness), and it must be for one of the purposes specified in the applicable data protection regulation (lawfulness). b) Purpose Limitation . Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes. This means Pesto must specify exactly what the personal data collected will be used for and limit the processing of that personal data to only what is necessary to meet the specified purpose. c) Data Minimisation . Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. This means Pesto must not store any personal data beyond what is strictly required. d) Accuracy . Personal data shall be accurate and kept up to date. This means Pesto must have processes in place for identifying and addressing out-of-date, incorrect and redundant personal data. e) Storage Limitation . Personal data shall be kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed. This means Pesto must, wherever possible, store personal data in a way that limits or prevents identification of the data subject. f) Integrity & Confidentiality . Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing, and against accidental loss, destruction or damage. Pesto must use appropriate technical and organizational measures to ensure the integrity and confidentiality of personal data is maintained at all times. g) Accountability . The Data Controller (Board of Pesto Tech (India) Private Limited) shall be responsible for, and be able to demonstrate compliance. This means Pesto must demonstrate that the six data protection principles (outlined above) are met for all personal data for which it is responsible.
2. Collection of your personal information
2.1. We collect personal information from the individuals who want to register on our website www.pesto.tech. This information is not accessible to the visitors using Pesto’s website, either directly or by submitting a request. Individuals are required to create an account to be able to access certain portions of our Website, Individuals, if and when they create and use an account with Pesto need to register on the website, they will be required to disclose and provide to Pesto information including personal contact details like name and email address. In some cases, additional details like billing information including name, GST, address, PAN etc. may be required. Such information gathered shall be utilized to ensure greater customer satisfaction and help a customer satiate their needs.
2.3. We also automatically collect certain computer, device and browsing information when you access the website or use Pesto Services. This information is aggregated to provide statistical data about our users’ browsing actions and patterns, and does not personally identify individuals. This information may include:Computer or mobile device information, including IP address, operating system, network system, browser type and settings; Website usage information.
2.5. By using the Website and/or registering yourself at Pesto.com you authorize us to contact you via email or phone call or SMS and offer you our services, imparting product knowledge, offer promotional offers running on the website & offers offered by the associated third parties, for which reasons, personally identifiable information may be collected. And irrespective of the fact if you have also registered yourself under DND or DNC or NCPR service, you still authorize us to give you a call from Pesto for the purposes mentioned above with us.
If you want to avoid using cookies altogether, you can disable cookies in your browser. However, disabling cookies might make it impossible for you to use certain features of our website or Services, such as logging in to your Pesto Account or making Transactions. Your use of our website or Service with a browser that is configured to accept cookies constitutes acceptance of our and third-party cookies.
3. How Pesto uses the information we collect
3.1. We collect your personal information and aggregate information about the use of our Website and Services to better understand your needs and to provide you with a better Website experience. Specifically, we may use your personal information for any of the following reasons:
- To provide our Services to you, including registering you for our Services, verifying your identity and authority to use our Services, and to otherwise enable you to use our Website and our Services;
- For customer support and to respond to your inquiries;- For internal record-keeping purposes;
- To process billing and payment, including sharing with third party payment gateways in connection with Website and/or Pesto’s products and Services;
- To improve and maintain our Website and our Services (for example, we track information entered through the “Search” function; this helps us determine which areas of our Website users like best and areas that we may want to enhance; we also will use for trouble-shooting purposes, where applicable);
- To periodically send promotional emails to the email address you provide regarding new products from Pesto, special offers from Pesto or other information about Pesto that we think you may find interesting;
- To contact you via email, or, where requested, by text message, to deliver certain services or information you have requested;
- For Pesto’s market research purposes, including, but not limited to, the customization of the Website according to your interests;
- We also may compare personal information collected through the Website and Services to verify its accuracy with personal information collected from third parties; and
- We may combine aggregate data with the personal information we collect about you.
3.2. We may collect Pesto services usage information in order to improve function or UI, but will only use this information in an aggregated, anonymized fashion, and never in association with your name, email, or other personally identifying information.
4. Data Retention
4.1. To ensure fair processing, personal data will be retained by the Board of Pesto (who shall at all times be considered as the “Data Controller” under this Policy) until a customer has an active account on the website and undertakes transactions therefrom.
4.2. The Board of Pesto shall maintain all records relevant to administering this policy and procedure in electronic form on our computers, servers, cloud storage etc.
4.3. We will retain records of all such information for five years after the account has been closed. 4.4. All personal data should be deleted or destroyed as soon as possible where it has been confirmed that there is no longer a need to retain it.
5. Data Protection
5.1. To ensure fair processing, personal data will be retained by the Board of Pesto (who shall at all times be considered as the “Data Controller” under this Policy) until a customer has an active account on the website and undertakes transactions therefrom.
5.2. The Board of Pesto shall maintain all records relevant to administering this policy and procedure in electronic form on our computers, servers, cloud storage etc.
5.3. We will retain records of all such information for five years after the account has been closed.
5.4. All personal data should be deleted or destroyed as soon as possible where it has been confirmed that there is no longer a need to retain it.
6. data protection rights
We would like you to be completely aware of your data protection rights. Every customer is entitled to the following:
- Information access.- Objection to processing.- Objection to automated decision-making and profiling.
- Restriction of processing.
- Data portability.
- Data rectification.
- Data erasure.
If a customer makes a request relating to any of the rights listed above, the Board of Pesto will consider each such request in accordance with all applicable data protection laws and regulations. No administration fee will be charged for considering and/or complying with such a request unless the request is deemed to be unnecessary or excessive in nature. Requests shall be made in writing/email to: email@example.com.
We may share the information that we collect about you, including your personal information, as follows: a) Information Disclosed to Protect Us and Others We may disclose your information including Personal Information if:
(i) Pesto reasonably believes that disclosure is necessary in order to comply with a legal process (such as a court order, search warrant, etc.) or other legal requirement of any governmental authority,
(ii) disclosure would potentially mitigate our liability in an actual or potential lawsuit,
(iv) disclosure is intended to help investigate or prevent unauthorized transactions or other illegal activities, or
We may send periodic promotional or informational emails to you. You may opt-out of such communications by following the opt-out instructions contained in the email. Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving emails about recommendations or other information we think may interest you, we may still send emails on a case to case basis.
9. Breach Reporting
Any individual who suspects that a personal data breach has occurred as a result of the theft or exposure of personal data must immediately notify the Board of Pesto immediately at firstname.lastname@example.org by providing a description of what occurred. They will investigate all reported incidents to confirm whether or not a personal data breach has occurred. If a personal data breach is confirmed, Pesto will follow the relevant authorized procedure based on the criticality and quantity of the personal data involved. For severe personal data breaches, Pesto’s senior management will initiate and chair an emergency response team to coordinate and manage the personal data breach response.
THIS POLICY IS CURRENT AS OF THE EFFECTIVE DATE SET FORTH ABOVE. PESTO MAY, IN ITS SOLE AND ABSOLUTE DISCRETION, CHANGE THIS POLICY FROM TIME TO TIME BY UPDATING THIS DOCUMENT. PESTO WILL POST ITS UPDATED POLICY ON THE WEBSITE ON THIS PAGE. PESTO ENCOURAGES YOU TO REVIEW THIS POLICY REGULARLY FOR ANY CHANGES. YOUR CONTINUED USE OF THIS WEBSITE AND/OR CONTINUED PROVISION OF PERSONAL INFORMATION TO US WILL BE SUBJECT TO THE TERMS OF THE THEN-CURRENT POLICY.