Privacy Policy

Introduction

Data Privacy is a fundamental principle within modern society. Data privacy is not – unlike the term may first suggest – all about data, but about the people, of whom information (data) is processed. Data privacy is a fundamental right, which refers to the protection of the personal rights of natural, living people. Every person should have the opportunity to decide, who gets which information about him or on which occasion (informational self- determination).
Ridex Helmet has created this Policy to demonstrate its commitment towards the Information Technology Reasonable Security Practices and Procedures and Sensitive Personal Data or Information), Rules, 2011 (“Rules”) and also towards Ridex’s global policy for data privacy and protection.
Ridex Helmet recognizes the importance of “Personal Information” including “Sensitive Personal Information” provided by natural persons, under a lawful contract.
Ridex Helmet intends to take reasonable measures to keep such information confidential under appropriate arrangements and under the applicable laws and policies.

Definition

• “Personal Data” means any information concerning the personal or material circumstances of an identified or identifiable individual, e.g. name, address, bank details, etc. It can be with reference to employees, customers, suppliers, shareholders, etc. A person is considered to be identifiable if they can be identified directly or indirectly.
• Employees are identified or identifiable persons, who are employed by Ridex Helmet including partners associated with them.
• “Customers” are identified or identifiable natural persons, who show Ridex Helmetthat they have an obvious interest in concluding a contract to acquire a product or a service or, as the case may be, that they are the recipient of a product or service provided by Ridex Helmet.
• “Processing” is any operation or set of connected operations performed using the Personal Data, whether with or without the help of automatic means. This includes collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.
• “Rendering Anonymous” means the alteration of Personal Data so that the details about personal or material circumstances can no longer be matched to an identified or identifiable natural person or could be so matched only by expending a disproportionate amount of time, expense, and effort.
• “Pseudonymisation” means replacing identifying features with a code to make identification of the Data Subject impossible or considerably more difficult.
• “Sensitive Personal Data”, for this Policy, refers to such personal information about a natural person, which consists of information relating to:

1. Password
2. Financial information such as Bank account or credit card or debit card or other payment instrument details;
3. Physical, physiological, and mental health conditions;
4. Sexual orientation;
5. Medical records and history;
6. Biometric information;
7. Any detail relating to the above clauses as provided to us for providing services;
8. Any of the information received under any of the above clauses by us for processing, storing, or processing under lawful contract or otherwise.
9. Any information that is freely available or accessible in the public domain or furnished under the Right to Information Act, 2005, or any other law for the time being in force shall not be regarded as Sensitive Personal Information for this Policy.
10. “Provider” for this Policy, refers to a natural person or individual who provides Personal Information or Sensitive Personal data or information, directly under lawful contract to Ridex Helmet.

Purpose and usage

Provider’s Personal Information/ Sensitive Personal Data is collected and used /processed for lawful, legitimate, contractual, and administrative purposes of Ridex Helmet.
Generally, the Personal Information/Sensitive Personal Data collected pertains to the Provider that may be used for the purposes such as administration and facilitation of relationships with customers, employees, suppliers, etc. for internal operational purposes, for marketing surveys and customer research and feedback, warranty
services, to update with information about Ridex Helmet and the products and services, to provide information about special offers, from time to time and to satisfy the legal and regulatory obligations. The Personal Information/Sensitive Personal Data collected about the staff/employee may be used for human resource management, technology support/updates, management planning, administration, and management of the internal processes,
services, and operations to enable it to perform Ridex Helmet’s proper functions and to satisfy the legal and regulatory obligations. The Personal Information/Sensitive Personal Data (as per Rules) can be collected /or retained either directly by Ridex Helmet or through an affiliate or third party, as per the procedure prescribed by Rules.

Disclosure to Third Parties

The Personal Information/Sensitive Personal Data collected would only be used, processed, and/or shared within the affiliates and/or group companies, authorized Ridex Helmet dealers, and other authorized business partners.
Ridex Helmet would not disclose any Personal Information/Sensitive Personal Data to any external organization unless it has the consent of the provider or is required by law or has previously informed the Provider.
Notwithstanding anything in Article 4 to the contrary, if Ridex Helmet is, in the opinion that it is required by applicable law or government authority, to disclose any Personal Information/Sensitive Personal Data to any Person, then it may disclose such information only to the extent so required.

Security practices and procedures

Ridex Helmet has in place a security system, to ensure that personal information is protected from unauthorized access, use, disclosure, or alteration by anyone including the employees of Ridex Helmet.
Ridex Helmet undertakes several security measures to maintain the safety of the Provider’s personal information, which includes the use of: physical secure data centers and premises; internal security policies and procedures; defined internal segregation of duties; and electronic access controls such as passwords and encryption technology. Our Information Security Management System follows the
international standard ISO 27001.
Security practices:

1. Data economy – Access to personal data is granted only to personnel on need to know basis. Redundant data may not be stored and personal data from the concerned Department shall not be exported to other applications unless necessary.
   Where it is not necessary to know the identity of the Data Subject there the personal data shall be processed in a pseudonymized form or a form that has been rendered anonymous.
2. Purpose Limitation – Data collected for a particular purpose shall be used for that purpose only and shall not be used for any other purpose without the consent of the Data Subject or other legal permission.
3. Deleting/Archiving Data – Once the purpose of the processing of Personal Data is fulfilled then such Data must immediately be deleted or, as the case may be, access thereto blocked in compliance with the obligations to retain records prescribed by law or agreed within the Ridex Helmet. This obligation to delete data does not apply to
   data that has been rendered anonymous. In exceptional cases where required such information shall be dealt with on a case-to-case basis of the concerned Department and as per applicable laws.

No Obligation to provide personal information

The Provider is under no obligation to provide any personal information requested by Ridex Helmet and a Provider can withhold any personal information as he/she may choose, but in such a case Ridex Helmet may not be able to provide all products and services as this will depend on the kind of information withheld.

The Provider can opt-out at any time online by accessing the unsubscribe form.

The Provider may review the Personal Information/Sensitive Personal Data provided to Ridex Helmet to ensure that the said information is accurate. Ridex Helmet shall not be responsible for the authenticity of the information supplied to Ridex Helmet or any person acting on behalf of Ridex Helmet.

Contact Us

Ridex Helmet strives to maintain the Provider’s personal information on the records as accurately and updated as reasonably as possible. On request, the details on record, the purpose for which it is used, and to whom has it been disclosed can be provided