Privacy Policy

Information We Collect

We collect information to provide and improve our certification, auditing, and training services. The types of information we may collect include:

• Personal Information: Name, email address, phone number, job title, company name, and address provided when you contact us, register for services, or engage with our website.
• Professional Information: Details about your organization, such as industry, size, and certification requirements, to tailor our services.
• Usage Data: Information about how you interact with our website, including IP address, browser type, pages visited, and time spent, collected through cookies and similar technologies.
• Communication Data: Correspondence with us via email, phone, or forms, including inquiries or feedback.
• Financial Information: Payment details, such as bank account or credit card information, processed securely for service payments (not stored by us).

How We Collect Information

We collect information through:

• Direct Interactions: When you submit forms, request quotes, or communicate with us.
• Automated Technologies: Cookies, web beacons, and analytics tools track your website usage. You can manage cookie preferences via our cookie consent tool.
• Third Parties: Partners, such as payment processors or marketing platforms, may share limited data with us, subject to strict agreements.

How We Use Your Information

We use your information to:

• Deliver certification, auditing, and training services.
• Process payments and manage contracts.
• Respond to inquiries and provide customer support.
• Send marketing communications (with your consent, where required).
• Analyze website usage to improve our services.
• Comply with legal obligations, such as tax reporting or data protection regulations.

Under the GDPR, our legal bases for processing include:

• Contract: To fulfill our service agreements.
• Consent: For marketing or non-essential cookies.
• Legitimate Interests: For improving services or fraud prevention, where your rights are not overridden.
• Legal Obligation: To meet regulatory requirements.

How We Share Your Information

We do not sell your personal information.

• Service Providers: Third parties, such as IT providers, payment processors, or analytics firms, who process data on our behalf under strict confidentiality agreements.
• Affiliates: Other Alcumus Group entities for internal operations, subject to this policy.
• Legal Authorities: When required by law, such as in response to a court order or regulatory request.
• Business Transfers: In the event of a merger, acquisition, or sale, your data may be transferred with appropriate safeguards.

International Data Transfers

As a global organization, we may transfer data to countries outside India, including the EU and USA. We ensure compliance with:

• DPDP Act (India): Data transfers adhere to prescribed safeguards.
• GDPR (EU): Transfers use Standard Contractual Clauses or rely on adequacy decisions.
• CCPA (USA): Data handling aligns with California privacy standards.

We implement appropriate technical and organizational measures to protect your data during transfers.

Your Rights

Depending on your location, you have the following rights:

• Access: Request a copy of your personal data.
• Correction: Update inaccurate or incomplete data.
• Deletion: Request deletion of your data, subject to legal retention obligations.
• Restriction: Limit how we process your data in certain cases.
• Portability: Receive your data in a structured, machine-readable format.
• Objection: Object to processing based on legitimate interests or for marketing.
• Withdraw Consent: Revoke consent at any time, without affecting prior processing.
• Do Not Sell: Under CCPA, opt out of data sales (not applicable as we do not sell data).

To exercise your rights, contact us at abhishek@isoqarindia.com. We will respond within 30 days (or as required by law). In India, you may also approach the Data Protection Authority under the DPDP Act.

Data Security

We use industry-standard measures, including encryption, firewalls, and access controls, to protect your data. However, no system is completely secure, and we cannot guarantee absolute security. We notify you and regulators of data breaches as required by law.

Data Retention

We retain personal data only as long as necessary for the purposes outlined, or as required by law (e.g., tax or certification records). For example:

• Client data is kept for the duration of our contract and up to 7 years thereafter for legal compliance.
• Marketing data is retained until you unsubscribe.

Data no longer needed is securely deleted or anonymized.

Cookies and Tracking

Our website uses cookies to enhance user experience and analyze performance. You can manage preferences via our cookie banner.

For details, see our Cookie Policy here.

Third-Party Links

Our website may link to third-party sites not controlled by us. We are not responsible for their privacy practices. Review their policies before sharing data.

Children’s Privacy

Our services are not directed to individuals under 18. We do not knowingly collect data from children. If we learn such data has been collected, we will delete it promptly.

Changes to This Policy

We may update this policy to reflect legal or operational changes. Significant updates will be notified via email or our website. Check this page periodically for the latest version.

Contact Us

For questions, complaints, or to exercise your rights, contact:

Data Protection Officer: Abhishek Bhutra

Address: ISOQAR India Private Limited, 303, MATRIX, Off SG Highway, Makarba, Ahmedabad – 380 051, Gujarat, India

Email: abhishek@isoqarindia.com

Phone: +91 92050 40504