Privacy & Policy
This Privacy Notice outlines UpsideLMS’s approach to data protection to fulfil its obligations under the EU General Data Protection Regulation 2016/679 ("GDPR"). This Privacy Notice applies to your Personal Data which is processed by us, whether in physical or electronic mode. This notice shall apply to you ONLY if GDPR applies to the processing of your Personal Data by us.
In this Privacy Notice, the expressions ‘Personal Data’, ‘Data Subject’, ‘Controller’, ‘Processor’ and ‘Processing’ shall have the meanings given to them in the GDPR.
We are committed to treating Data Privacy seriously. It is important that you know exactly what we do with your Personal Data.
Throughout this document, the terms “we”, “us”, “our”, “ours” refer to UpsideLMS. Wherever we’ve said ‘you’ or ‘your’, this means you.
WHO WE ARE
We are UpsideLMS, a provider of learn-tech solutions with headquarters in Pune, India. We provide a wide range of technology enabled solutions to businesses worldwide. You can find out more about us at www.upsidelms.com
THE ROLES WE PLAY
We play the role of a Data Controller when we collect and process Personal Data about you.
We play the role of a Data Processor when we collect and process Personal Data on behalf of another Data Controller.
Our Information handling practices are continually reviewed to ensure that they comply with applicable laws in the jurisdictions and fields in which we provide our services. We commit to protecting your privacy and hence our Personal Data handling practices are continually reviewed to ensure compliance with the European Union General Data Protection Regulation (GDPR), 2018.
Categories of Personal Data
Categories of Personal Data collected and processed by us are as follows:
Demographic & identity data
- Contact details such as name, email address, contact number
- Socio-Demographic details such as Country
- Open data and public records such as information about you that is openly available on the internet, and on social media handles like LinkedIn.
Online identifiers and other technical data
- Location details such as data we get about your location, IP address, or from where you connect a computer to the internet
- Communications details such as the Meta data and other Personal Data we get from communications done through e-mails, SMS, instant messages and calls, or when you post reviews or feedback about our services/products
- Usage data details such as data about how you use our website, the type of browser you use, the URL you previously accessed and the URL you go to next, pages viewed, etc
Purpose, Usage & Legal basis for using your information
- To provide our products and services to you and contact you regarding the same
- To handle enquiries and complaints, and contact you regarding the same
- To monitor, record and analyse any communications between you and us, including phone calls, emails, text messages
- To meet our regulatory and reporting obligations
- To evaluate, develop and improve our platforms, services, and enhance user experience
- To perform analytics and recognize demographic trends and provide tailormade content to you
- To communicate with you about promotional material or information about other services and products that might be of interest or value to you
- Periodically sending you our newsletter
LAWFUL GROUNDS FOR USING YOUR INFORMATION
We are permitted to process your Personal Data in compliance with GDPR by relying on one or more of the following lawful grounds:
- You have explicitly agreed to us processing such information for a specific reason
- The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you
- The processing is necessary for compliance with a legal obligation we have
- The processing is necessary for the purposes of a legitimate interest (“Legitimate Interest”) pursued by us, such as:
- to provide services to you;
- to prevent, detect, investigate and prosecute fraud and alleged fraud, and other crimes and to verify your identity in order to protect our business and to comply with laws that apply to us and/or where such processing is a contractual requirement of the services you have requested;
- to evaluate, develop or improve our products and services; or
- to keep our customers informed about other relevant services, unless you have indicated at any time that you do not wish us to do so;
- to market our products or services;
How Do We Get Personal Data
Most of the Personal Data we process is provided to us directly by you when you use our products and/or services. This also includes the Personal Data collected when you use our website and application(s).
We also receive Personal Data indirectly from other sources, in following scenarios:
- Social media networks (for instance, when you click on one of our Facebook or Google ads or from your publicly available information)
- Third party providers such as public databases, joint marketing partners, social media platforms, email service providers
- Events, conferences, or trade shows where we receive your visiting cards, or when you submit your details at our booths, or through networking with you at such events
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the website.
Below is a list of cookies used on our website along with a description of what they are used for.
|Category||What they do|
These cookies are needed to run our website, to keep it secure if you are logged on and to obey regulations that apply to us.
If you are a customer, they help us know who you are so that you can log on and manage your accounts. They also help us keep your details safe and private.
These cookies are used for remembering things like:
These cookies tell us how you and our other customers use our website. We combine all this data together and study it. This helps us to:
These cookies help us decide which of our products, services and offers may be relevant for you.
We may use this data to tailor the marketing and ads you see on our own and other website and mobile apps, including social media. For instance, you may see our ads on other sites after you have been to our website.
If you turn off cookies, you will still see ads online, but they will not be tailored to things that may interest you.
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit www.aboutcookies.org or www.allaboutcookies.org However, please note that this website does not belong to us and we do not authenticate any information available therein and your visit thereon will be subject to the terms and conditions and privacy policies of that website.
Please note disabling the ‘Strictly Necessary’ cookies may cause certain parts of our website to remain inaccessible to you.
Sharing Your Personal Data
We use data processors who are third parties who provide elements of services for us. We have contracts in place with our data processors. This means that they cannot do anything with your Personal Data unless we have instructed them to do it. They will hold it securely and retain it for the period we instruct.
We might disclose your Personal Data if we believe that it is reasonably necessary to comply with a law, regulation, legal process; to protect the safety of any person; to address fraud, security, or technical issues; or to protect our rights or the rights of those who use our services.
1. Reasons for Sharing Information with Other Parties:
We may share your information with others where it is lawful to do so including where we or they:
- need to provide you with products or services
- have a legal obligation to do so
- have requirement in connection with regulatory reporting, litigation or asserting or defending legal rights and interests;
- have a legitimate business reason for doing so,
- have asked you for your consent to share it, and you’ve agreed.
2. With Whom Your Information may be Shared:
We may share your information for the above purposes with other’s parties including:
- channel partners and any sub-contractors, agents or service providers who work for us or provide services to us or group companies (including their employees, sub-contractors, service providers, directors and officers);
- merger, acquisition or takeover, including any transfer or potential transfer or assignment of any of our rights or duties under our agreement with you
- law enforcement authorities, government authorities, courts, dispute resolution bodies, our regulators, auditors and any party appointed or requested by our regulators to carry out investigations or audits of our activities
- statutory and regulatory bodies and authorities (including the government) investigating agencies and entities or persons, to whom or before whom it is mandatory to disclose the Personal Data as per the applicable law, courts, judicial and quasi-judicial authorities and tribunals, arbitrators and arbitration tribunals
- overseas regulators
- anybody else that we’ve been instructed to share your information with by you
Cross-border Data Transfer
Personal Data we hold about you may be transferred to other countries outside your residential country for any of the purposes described in this Privacy Notice. If we transfer your information to third parties for purposes stated in this Privacy Notice, we will use best endeavors to put in place appropriate safeguards to ensure that your information remains adequately protected. You can request for information on safeguards provided by reaching out to us at the details provided in the ‘Contact Us’ section of this notice.
We are committed to protecting your Personal Data in our custody. We take reasonable steps to ensure appropriate physical, technical and managerial safeguards are in place to protect your Personal Data from unauthorized access, alteration, transmission and deletion. We use encryption at relevant points to protect your data. We ensure that the service providers/third party vendors provide services to us under appropriate confidentiality agreements and are required to take appropriate security measures to protect your personal information in line with our policies.
Retention and Disposal of Data
We keep the Personal Data we collect about you on our systems or with third parties for as long as required for the purposes set out in this privacy notice and for legal or regulatory reasons. We will only use your Personal Data for those purposes and will make sure that your privacy is protected. We shall take reasonable steps to delete or permanently de-identify Personal Data that is no longer needed.
Links to Other Websites
Where we provide links to websites of other organisations , this privacy notice does not cover how that organisation processes Personal Data. Our Websites have links that redirect you to our social networking pages of Facebook, Twitter, LinkedIn, Google+, Feedburner, SlideShare, and YouTube and other sites where we may have pages in future. These pages are hosted on separate sites that are governed by their own privacy policies. We encourage you to read the privacy notices on the other websites you visit.
Our website is not designed to be used by children aged below 16. Personal Data of children will not be knowingly collected by us.
Your Data Protection Rights
Under the GDPR, you have rights we need to make you aware of. We commit to provide the following rights to you, as detailed below:
|Rights under GDPR||How we facilitate your Rights?|
|Right to be Informed||
We aid this right to you through our Privacy Notice
Our Privacy Notice communicates how we handle your Personal Data collected through our website. For any further information, feel free to contact us.
|Right of Access||
Under GDPR, you can contact us to get access to your Personal Data along with information regarding its purpose, disclosure, categories of Personal Data, storage period, source of collection of Personal Data, confirmation whether they are being processed or not.
Right to Rectification
You can contact us to get the information corrected.
Right to Erasure
You can contact us to get your Personal Data deleted or erased.
Right to Restriction of Processing
You can contact us and request restriction of further processing in case:
1. You contest the accuracy of Personal Data provided to us and you like to restrict its processing for a period enabling us to verify the Personal Data.
2. You think the processing of Personal Data is unlawful and request restriction instead of deletion.
Right to Data Portability
You can contact us to get your Personal Data in a structured, machine-readable format and if you want, can have it transmitted to another organisation.
Right to Object
We send you emails containing our marketing material when you opt in for it at the time of registration. You can choose to opt out of receiving marketing material from us anytime by clicking on the unsubscribe link at the bottom of the marketing email that you receive from us.
Right not to be subject to Automated individual decision-making, including profiling
We do not process your Personal Data for automated decision-making including profiling.
Right to lodge a complaint with the Supervisory Authority
You have the right to lodge a complaint with a supervisory authority, in the particular Member State of your habitual residence, place of work or place of an alleged infringement of the General Data Protection Regulation.
For the purpose of identifying the supervising authority of your concern you may visit the link below: https://edpb.europa.eu/about-edpb/board/members_en
If you wish to make a request to exercise any of your rights, you can contact us using the details in the ‘Contact us’ section of this notice
For any further queries and complaints related to privacy, or exercising your rights under GDPR, you could reach us at:
Contact Email Address: firstname.lastname@example.org
Your queries will be addressed within one month of receipt of such requests. In case of any delay in addressing such requests, the delay and the reason therefore will be communicated to you within a month of receipt of request.
Notification of Changes
We keep our privacy notice under regular review to make sure it is up to date and accurate. Any changes we may make to this privacy notice in the future will be posted on this page. We recommend that you re-visit this page regularly to check for any updates.