Privacy Policy - Marmin Technologies
Introduction
This Privacy Policy ("Policy") describes how Marmin Technologies Private Limited ("Marmin Technologies", "we", "us", or "our") collects and uses your data when you use our website (marmin.ai) and any related services (collectively, "Services"). This Policy also describes your rights and how you can exercise them. By using our Services, you agree to the collection and use of information in accordance with this Policy.
Collection and Use of Personal Data
We collect various types of personal data, including but not limited to:
- Identifiers: Name, email address, phone number, IP address.
- Usage Data: Information on how you interact with our Services.
- Cookies and Tracking Technologies: These are detailed in our cookie policy.
Legal Basis for Processing
We process personal data based on the following legal grounds:
- Consent: We obtain your consent to collect and process your personal data for specific purposes. You can withdraw your consent at any time.
- Contract: Processing is necessary for the performance of a contract with you.
- Legal Obligation: Compliance with legal obligations to which we are subject as stated by the regulatory authorities.
- Legitimate Interests: Processing is necessary for our legitimate business interests, provided these are not overridden by your rights.
Consent and Withdrawal
By using our Services and providing your personal data, you consent to its collection and processing as outlined in this Policy. You have the right to withdraw your consent at any time by contacting us at support@marmin.ai.
Consequences of Withdrawal or Refusal of Consent
- If you withdraw your consent, we will stop processing your data for purposes based on consent. However, certain data might have to be retained for compliance as stated by the respective regulatory authority.
- Refusal to provide consent for certain data collection may limit your ability to use some features of our Services.
Data Retention
In compliance with the regulatory authority, we might be required to retain invoices and related data for a certain period. This means that even if you request the erasure of your data, certain information must be retained to comply with legal obligations.
Data Subject Rights
Under GDPR, you have the following rights:
- Access: Request access to your personal data.
- Rectification: Correct inaccurate or incomplete personal data.
- Erasure: Request the deletion of your personal data. In certain cases, due to the legal obligations towards the regulatory authorities, certain data will be retained for the stipulated time.
- Restriction: Restrict the processing of your personal data.
- Portability: Request the transfer of your personal data to another controller.
- Objection: Object to the processing of your personal data based on legitimate interests.
- Automated Decision-Making: Object to decisions made solely on automated processing, including profiling.
To exercise these rights, contact us at support@marmin.ai.
Use of Personal Information
We use the personal information we collect for various purposes, including:
- To provide and maintain our Services.
- To notify you about changes to our Services.
- To allow you to participate in interactive features of our Services when you choose to do so.
- To provide customer support.
- To gather analysis or valuable information so that we can improve our Services.
- To monitor the usage of our Services.
- To detect, prevent, and address technical issues.
Access to Data Within the Organization
Only authorized personnel within Marmin Technologies have access to personal data. Access is granted based on the need to know to fulfill their job responsibilities and is subject to strict contractual confidentiality obligations.
Sharing Personal Data Outside the Organization
Marmin Technologies is committed to maintaining the confidentiality of your personal data. We share personal data outside the organization only under specific circumstances, primarily to fulfill our contractual and legal obligations. As of now, this data is shared only with regulatory authorities to process invoices and manage necessary business processes on behalf of our customers.
Security of Your Data
We implement industry-standard technical and organizational measures by using a variety of security technologies and procedures to help protect your data from unauthorized access, use, loss, destruction, or disclosure. When we collect particularly sensitive data it is encrypted using industry-standard cryptographic techniques including but not limited to SSL, TLS, RSA, and AES. We adhere to the ISO/IEC 27001:2022 standard, an internationally recognized framework for Information Security Management Systems (ISMS). Our commitment to ISO 27001 ensures that we follow rigorous security practices and maintain high standards for information security. We adhere to the following reasonable security practices and procedures to protect your personal data:
- Access Control: We ensure that access to personal data is granted only to authorized personnel on a need-to-know basis and that such access is logged and monitored.
- Data Encryption: Sensitive personal data is encrypted both in transit and at rest using strong encryption methods such as AES-256.
- Network Security: We employ secure network architecture, including firewalls and intrusion detection systems, to prevent unauthorized access.
- Regular Audits: We conduct regular security audits and assessments to identify potential vulnerabilities and ensure compliance with our security policies.
- Incident Management: We have established protocols for managing and responding to security incidents, including data breaches, to mitigate any potential impact on your personal data.
- Employee Training: We conduct regular training programs for our employees to ensure they are aware of and comply with our security policies and procedures.
- Business Continuity Management: We have developed and tested business continuity plans to ensure the availability of critical information and systems in the event of a disruption.
- Risk Assessment and Treatment: We conduct regular risk assessments to identify potential security threats and vulnerabilities, and implement appropriate risk treatment plans to mitigate identified risks.
- Audit and Compliance: We conduct regular internal and external audits to ensure compliance with ISO 27001 standards and continuously improve our ISMS.
Information We Collect and How We Use It
TYPE OF USER | VISITOR | USER |
---|---|---|
WHAT DATA WE MAY COLLECT |
|
|
HOW AND WHY, WE USE IT | We use this information to analyze and identify your behavior and enhance the interactions you have with the Website. If you submit your details and give us your consent, we may send you newsletters and e-mails to market other products and services we may provide. | We collect this data in order to facilitate the provision of our Services. We will occasionally send you e-mails regarding changes or updates to the Service that you are using. If you give us your consent, we may send you newsletters and e-mails to send you updates regarding the products and our services. |
Data Anonymization
For the avoidance of any doubt, we should clarify that in the event we anonymize and aggregate information collected from you, we will be entitled to use such anonymized data freely, without any restrictions other than those set out under applicable law.
Grounds for Processing
The data provided by you as a Visitor, or when you sign up as a Customer / User or register for our Services will be processed by us for the purpose of rendering Services to you or to take steps prior to rendering such Services, at your request. Where such data is not being used by us to render Services to you, we shall explicitly seek your consent for using the same. You can choose to withdraw this consent at any time by contacting us at support@marmin.ai.
Additionally, we may process your data to serve legitimate interests.
Retention of Personal Information
We will store any personal data we collect from you as long as it is necessary in order to facilitate your use of the Services and for ancillary legitimate and essential business purposes -- these include, without limitation, improving our Services, attending to technical issues, and dealing with disputes. We may need to retain your personal data even if you seek deletion thereof if it is needed to comply with our legal obligations, resolve disputes, and enforce our agreements. If you are a customer, please be advised that:
- You will need to inform your Leads about how you store and deal with any data you collect from them using one of our Services, in compliance with applicable laws including the GDPR; and
- After you terminate your usage of a Service, we may, unless legally prohibited, delete all data provided or collected by you from our servers.
Transfer of Information
In order for us to facilitate our operations, we may transfer and store the data we collect and process in accordance with this Policy, to our database server in a third country for Disaster Recovery purposes. Your rights and protections will, under no circumstances, be diluted by this transfer. Further, in the ordinary course of business, we may employ other companies and people to assist us in providing certain components of our Services in compliance with the provisions of this Policy. To do so, we may need to share your data with them. Where applicable -- if the entities to which these transfers are affected are not situated in countries deemed 'adequate', we shall enter into appropriate Data Protection Addendums with the transferee parties that comprehensively protect your data. We shall also put in place industry-standard technical and organizational measures (including robust data handling policies) to ensure that such transfers are completed in accordance with applicable laws. Some of the examples of where we may subcontract processing activities to third parties include—data analysis, marketing assistance, processing credit card payments, and providing customer service.
Compelled Disclosure
In addition to the purposes set out in the Policy, we may disclose any data we collected or processed from you if it is required:
- Under applicable law or to respond to a legal process, such as a search warrant, court order, or subpoena;
- To protect our safety, your safety, or the safety of others or in the legitimate interest of any party in the context of national security, law enforcement, litigation, criminal investigation or to prevent death or imminent bodily harm;
- If required in connection with legal proceedings brought against Marmin Technologies, its officers, employees, affiliates, customers or vendors; or
- To establish, exercise, protect, defend, and enforce our legal rights.
Changes to This Policy
We reserve the right to modify this Policy or its terms relating to the Website and Services at any time, effective upon posting an updated version of this Policy on the Website. Continued use of the Website and Services after any such changes shall constitute your consent to such changes.
Contact Us
The contact details of our Grievance Officer, who you may contact if you have any concerns, complaints, or feedback pertaining to this Policy, are as follows:
ADDRESS: | Marmin Technologies Pvt Ltd #104 Sri Manjunatha Regency Geethanjali Vidyalaya Main Rd C V Raman Nagar Bengaluru Karnataka 560093 India |
EMAIL: | support@marmin.ai |