Last updated on: 9th August 2024
We respect your privacy and care about how your Personal Information is used. This Privacy Policy (the “Policy”) outlines how Sumtracker Software Private Limited (“Company” or “us” or “we” or “our“) and its affiliates collect, use, store, process, transfer, and disclose your information through our website https://sumtracker.com/ (“Website”), and software (together referred to as the “Platform”). It applies to your interactions with and usage of our Platform. We prioritize the privacy and security of our Users. Therefore, we do not collect, store, or process any Personally Identifiable Information (PII) of the end-users of Sumtracker’s customers. By reviewing this Policy, you will gain a comprehensive understanding of your privacy rights and choices.
Your access to or utilization of our Platform and/or Services operated by the Company linked to this Policy implies your agreement to be governed by this Policy. By providing us with your Personal Information, you expressly consent to the use and disclosure of your Personal Information as outlined in this Policy. This Policy, along with the Terms of Service is applicable to your use of the Services and you explicitly agree and acknowledge to read the Privacy Policy in conjunction with the Terms of Service. The definitions and terms defined in the Terms of Service are incorporated in this Agreement by reference.
By utilizing the Services, engaging with the Company’s Platform, or furnishing your Personal Information, you explicitly agree and acknowledge that you accept the terms delineated in this Policy. The terms ‘you‘ or ‘your’ or ‘User‘ in the context of this Policy is as defined in the Terms of Service.
By visiting the Platform or providing your information, you expressly agree to be bound by this Privacy Policy and agree to be governed by the privacy laws including but not limited to the Digital Personal Data Protection Act (DPDP Act), General Data Protection Regulation (GDPR), and/or any other relevant regulations governing data protection and privacy.
IF YOU DO NOT CONSENT TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR PERSONAL INFORMATION AS SET FORTH IN THIS PRIVACY POLICY, PLEASE REFRAIN FROM ACCESSING AND/OR USING OUR PLATFORM
TO WHOM DOES THIS POLICY APPLY?
-
- This Policy is inclusive and applies to all Users of our Platform, irrespective of their browsing intent or their extent of utilizing the Services offered on our Platform.
- The applicability of this Policy extends to Users regardless of the device type used for accessing our Platform, whether it be a laptop/desktop or a mobile/tablet device.
- We do not knowingly collect or solicit Personal Information from anyone under the age of eighteen (18) or knowingly allow such persons to register for and/or utilize the Services. If you are under the age of eighteen (18), please do not attempt to register for the products or Services or send any information about yourself to us. No one under the age of eighteen (18) may provide any Personal Information to us.
WHAT IS THE PERSONAL INFORMATION THAT WE COLLECT FROM YOU?
-
- To use our Platform, you need to create an account and register with us (“Account”) and for this purpose, we collect certain Personal Information which may include but is not limited to the following:
- Basic Information: You are required to provide basic information such as first name, last name, postal address, company name, company location, and the time zone you are in to ensure accurate service and support, some of which will depend on the features you use.
- Contact information: such as email address and mobile number.
- Linked Google Account Information: If your Account is linked with Google, we collect your Google email address for authentication and communication purposes.
- Additional Information: includes, without limitation, when you fill in a form on our Website, add information to your Account, participate in promotions, communicate with our support team, import or manually enter address book contacts, provide your address, or share your experience with us.
- Communication with us: This can include any communication that you send to us, including communications for any inquiries, payments, technical support, etc.
- You agree to provide us with your Personal Information whenever you use our Services by performing any of the following functions:
- Accessing our Platform by means of any web browser or any device;
- Creating an Account and registering for our Services on the Platform;
- Inquiring about our Services through our Platform;
- Initiating and maintaining correspondence with us.
- We take precautions to ensure that such Personal Information is kept secure and confidential, and we will only retain this data for as long as necessary for the purposes for which we collect it as per the permissible laws.
- We shall not be liable for any loss or damage sustained by you as a result of any disclosure (inadvertent or otherwise) of any Personal Information concerning your Account, credit cards, or debit cards in the course of any online transactions or payments made for any Services offered through the Platform. All User billing is done through external platforms such as Shopify and Stripe and Sumtracker has no control over the transactions done through such billing partners. You acknowledge that any payment made on the Platform will also be subject to the terms and conditions of Stripe and Shopify. For this purpose, we recommend that you go through the terms of service of the payment service providers.
- Access to your Personal Information is limited to employees, agents, partners, and third parties, who we reasonably believe will need that information to enable us to provide Services to you. However, we are not responsible for the confidentiality, security, or distribution of your own Personal Information by our partners and third parties (who have their own privacy policies) outside the scope of our agreement with such partners and third parties.
- When you use our Platform, we collect and store your information, which is provided by you from time to time. In general, you can browse the Platform without telling us who you are or revealing any Personal Information about yourself. Once you give us your Personal Information, you are not anonymous to us. Where possible, we indicate which fields are required and which fields are optional. You always have the option to not provide information by choosing not to use a particular service, product, or feature on the Platform.
HOW DO WE COLLECT YOUR PERSONAL INFORMATION?
-
- We employ various methods to gather information, ensuring a comprehensive understanding of User interactions and preferences. The collection of Personal Information is facilitated through the following processes:
- Information you give us: When you provide us with the information referred to in Clause 2.a through the methods outlined in Clause 2.b;
HOW DO WE COLLECT AND PROCESS ADDITIONAL INFORMATION VIA COOKIES?
In addition to direct User interactions, we leverage cookies and similar technologies to enhance the functionality and User experience on the Website. These allow us to collect and process additional information for various purposes:
- Cookies: We utilize cookies, which are small text files stored on Users’ devices. These cookies assist in tracking User preferences, optimizing the Platform’s functionality, and providing a customized experience. Users have the option to manage cookie preferences outlined through their browser settings. Below are the categories of cookies used on our Platform, along with a description of what they are used for:
- Strictly Necessary Cookies: These cookies are needed to run our Platform, to keep it secure if you are logged in, and to obey regulations that apply to us. They also help us keep your details safe and private;
- Functional Cookies: These cookies are used for remembering things such as your region or country, your preferred language, accessibility options like large font or high-contrast pages, and
- Performance Cookies: These cookies tell us how you and our other Users use our Platform. We combine all this data together and study it. This helps us to improve the performance of our Services and/or the Platform.
- Web Beacons, Pixel Tags, and Trackers: We may employ web Web Beacons, Pixel tags, and tracking URLs, which are tiny graphic images and/or small blocks of code placed on Platform pages, ads, or in our emails that allow us to determine whether you performed a specific action. When you access these pages or when you open an email, you let us know that you have accessed the web page or opened the email. These tools help us measure responses to our communications and improve our web pages and promotions;
- Log Files: Our servers automatically collect information sent by Users’ devices, known as log files. This data may include IP addresses, device information, browser type, and timestamps. Log files are instrumental in analyzing trends, administering the Website, and diagnosing technical issues;
- Third-Party Analytics: We may integrate third-party analytics services to further understand User behaviour. These services utilize their own tracking technologies to compile reports on Platform activity, aiding us in improving our Services.
- Location Data: As part of our Services, we may also collect precise geolocation data, including GPS signals, device sensors, Wi-Fi access points, and cell tower IDs. We collect this type of data if you grant us access to your location. You can withdraw your consent at any time by disabling the GPS or other location-tracking functions on your device;
- Session Management: We study session metrics to understand how Users interact with the Platform. This helps us learn the average time Users spend on the Platform and when they prefer to engage. We use tools like Google Analytics (or alternatives) to collect anonymous data, including the number of views, how long Users stay, and where they’re visiting from. This data allows us to optimize the User experience, making informed enhancements to cater to User preferences and behaviours;
WHY DO WE COLLECT YOUR PERSONAL INFORMATION?
-
- We shall collect your information only for lawful and legally permissible purposes, which are as follows:
- Contractual Necessity: We process your Personal Information to fulfil our contractual obligations with you.
- User Authentication: We collect your information to help us identify you as and when you access the Platform when you register an Account with us or log in, or when you utilize our Services;
- Communicate with you: We use your Personal Information to communicate with you concerning Services via different channels (e.g., by phone, e-mail, chat), including to fulfil your requests when you subscribe to our User plans or to provide you with notices about your Account and/or subscription, including expiration and renewal notices, email-instructions, etc;
- Fraud Prevention and Credit Risks: We use Personal Information to prevent and detect fraud and abuse to protect the security of our Platform;
- Troubleshoot Problems: We use your Personal Information to provide functionality, analyze performance, monitor your usage, fix errors, debug your Account and improve the usability and effectiveness of the Website and/or Services;
- Compliance with law: To be able to perform any contractual and legal obligation;
- Service Improvement: In order to enhance the functionality and User experience of Sumtracker, we may record merchants’ sessions while they are using the Platform. This data collection process is undertaken solely for the purpose of improving the Platform’s performance and features. By using Sumtracker, merchants acknowledge and consent to the recording of their sessions for these purposes. We assure merchants that any recorded sessions will be treated with the utmost confidentiality and used strictly for internal analysis and development efforts aimed at enhancing the overall quality of the service.
- Enhancing User Experience: To analyze User behaviour and preferences for improving our Services and User experience and to be able to provide location-specific services;
- Recommendations and Personalizations: We use your Personal Information to recommend features, products, and Services that might be of interest to you, identify your preferences, and personalize your experience with the Website and/or Services;
- Enhanced Advertising and Marketing Efforts: In our efforts to provide, personalize, measure, and enhance our advertising and marketing endeavours, we engage in several key activities. Firstly, we utilize User information to send promotional and marketing messages, tailoring them to suit individual preferences and interests. Through the analysis of User characteristics and preferences, we aim to send targeted promotional messages that resonate with each User segment. Finally, we extend invitations to Users for events and relevant opportunities, enriching their overall experience with our Platform. You may opt out of receiving any or all, of these communications from us by following the unsubscribe link;
- Providing alerts/notifications: To effectively communicate with you through emails/SMS/notifications through the Website to inform you about any other new Services that we may from time to time develop.
- Providing critical account related information: We may reach out to you to update about any critical information or errors related to your account on Sumtracker platform.
- In the course of operating the Sumtracker Platform and/or Services, we collect and utilize Personal Information in accordance with our Privacy Policy. For Users residing in the United States, particularly in California, Colorado, Connecticut, Delaware, Florida, Iowa, Montana, Nevada, Oregon, Texas, Utah, Vermont, Virginia, or Washington, or are otherwise protected by privacy or consumer health data laws in those jurisdictions, please refer to Schedule -I that supplements our main Privacy Policy and outlines state-specific rights and protections afforded to you.
- For the Users residing outside the United States, specific provisions and disclosures may apply, as detailed in our Supplemental Document (See Schedule -II ). This document provides comprehensive information regarding the processing of Personal Information, including details about responsible controllers, legal bases, User rights, and contact information for inquiries. By referencing this Supplemental Document, Users gain insights into our compliance with regulations such as the General Data Protection Regulation (GDPR) and gain transparency into how their information is handled.
- You consent and recognize that your Personal Information may be disclosed on our Platform authorized by you for the purpose of utilising our Services. Additionally, you agree and acknowledge that we are permitted to communicate with you through messaging, calls, emails, or other means to facilitate the performance of our Services wherever necessary.
WHO DO WE SHARE YOUR PERSONAL INFORMATION WITH AND WHY?
-
- To facilitate our Services and enhance User experience, we may share Personal Information with the following entities:
- Transactions: We may share your Personal Information necessary for transaction processing with our trusted financial or payment gateway partner;
- Third-party Service Providers: We engage the services of third parties to carry out various functions on our behalf, such as payment processing, data analysis, postal and email communications, hosting services, customer service, and continuous integration/continuous deployment (CI/CD) and marketing assistance. While these third-party service providers have access to the necessary Personal Information to fulfil their functions, they are prohibited from using it for any other purposes. Moreover, they are obligated to process the Personal Information in compliance with applicable laws. Further, we do not own or control these third parties. When you interact with these third parties and choose to use their service, you are providing your information to them. Your use of these services is subject to the privacy policies of those providers;
- Affiliates: We may share your information with our affiliates, in which case we will require those affiliates to honour this Privacy Policy. Affiliates may include our parent company and any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us;
- Business Transfers: If we reorganize or sell all or a portion of our assets, undergo a merger, or are acquired by another entity, we may transfer your information to the successor entity. If we go out of business or enter bankruptcy, your information would be an asset transferred or acquired by a third party. You acknowledge that such transfers may occur and that the transferee may decline to honour commitments we made in this Privacy Policy;
- Legal Compliance:
- We may disclose your information to courts, law enforcement, governmental or public authorities, tax authorities, authorized third parties, or other Users, if and to the extent we are required or permitted to do so by law or where disclosure is reasonably necessary to: (i) comply with our legal obligations, (ii) comply with a valid legal request, such as a subpoena or court order, or to respond to claims asserted against Sumtracker, (iii) respond to a valid legal request relating to a criminal investigation to address alleged or suspected illegal activity, or to respond to or address any other activity that may expose us, you, or any other of our Users to legal or regulatory liability, (iv) enforce and administer our agreements with Users, including our Terms, additional legal terms, and policies, (v) respond to requests for or in connection with current or prospective legal claims or legal proceedings concerning Sumtracker and/or third parties, in accordance with applicable law, or (vi) protect the rights, property or personal safety of Sumtracker, its employees, its User, or Users of the public;
- Where legally required or permissible according to applicable law, we may disclose User information to relevant tax authorities or other governmental agencies, depending on where you are based, for the purpose of the tax authorities’ determination of proper compliance with relevant tax obligations;
- Where appropriate and/or legally required, we may notify the User about legal requests unless: (i) providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law, or (ii) we believe that providing notice would be futile, ineffective, create a risk of injury or bodily harm to an individual or group, or create or increase a risk of fraud upon or harm to Sumtracker, our Users, or expose Sumtracker to a claim of obstruction of justice.
- Service Improvement: We may share certain aggregated, anonymized information with third parties (for example, for Google Analytics) in order to assess the Platform usage and information pertaining to the ease of navigation;
- Collaborations: We may share your Personal Information with reputable partners to facilitate joint initiatives, promotions, or integrated services;
- Growth and Expansion: As our Platform evolves and expands, there may be instances where sharing Personal Information with new entities or parties becomes necessary for the enhancement of our Services. Any such sharing will be carried out with the utmost consideration for User privacy and in accordance with relevant legal frameworks.
- We do not ever sell or rent your Personal Information without your express approval.
- We are not responsible for the actions of third parties with whom you share personal or sensitive data, and we have no authority to manage or control third-party solicitations. if you no longer wish to receive correspondence, emails, or other communications from third parties, you are responsible for contacting the third party directly.
HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?
In compliance with applicable laws, we retain your Personal Information for a duration no longer than necessary for the purpose for which it was collected or as mandated by relevant laws. However, certain data related to you may be retained beyond this period if we reasonably believe it is necessary to prevent fraud, mitigate potential abuse, allow us to exercise our legal rights, defend against legal claims, or fulfil other legitimate purposes required by law or for analytical and research purposes. It is important to note that once your Account has been cancelled or terminated, data from our servers will be scheduled to be deleted within 60 days of cancellation. Users cannot claim access to the data once it’s deleted. If Users delete their Accounts, their data will be immediately deleted. Furthermore, we may continue to retain your Personal Information for the following purposes, including but not limited to:
- Legitimate Business Interest: We may retain your Personal Information as necessary for our legitimate business interests, such as the prevention of money laundering, fraud detection and prevention, and enhancing safety. For example, if we suspend your Account for fraud or safety reasons, we may retain information from that Account to prevent that User from opening a new Account in the future;
- Legal, Tax, Reporting, and Auditing Obligations: We may retain and use your Personal Information to the extent necessary to comply with our legal, tax, reporting, and auditing obligations;
- Shared Information: Information you have shared with others, such as reviews and forum postings, may continue to be publicly visible on Sumtracker, even after your Sumtracker Account is cancelled and
- Residual Copies: Because we take measures to protect data from accidental or malicious loss and destruction, residual copies of your Personal Information may not be removed from our backup systems for a limited period of time.
DO WE TRANSFER YOUR PERSONAL INFORMATION CROSS-BORDER?
-
- Personal Information we hold about you may be transferred to other countries outside your residential country for any of the purposes described in this Policy.
- You understand and accept that other countries may have differing (and potentially less stringent) laws relating to the degree of confidentiality afforded to the information it holds and that such information can become subject to the laws and disclosure requirements of such countries, including disclosure to governmental bodies, regulatory agencies, and private persons, as a result of applicable governmental or regulatory inquiry, court order or other similar processes. In addition, a number of countries have agreements with other countries providing for the exchange of information for law enforcement, tax, and other purposes.
- If we transfer your Personal Information to third parties for purposes stated in this Policy, we will use our best endeavours to put in place appropriate controls and safeguards to ensure that your Personal Information is kept accurate, adequately protected, and processed only for specified and reasonable purposes in a manner that is fair, transparent and has a lawful basis, and is stored for no longer than is absolutely necessary.
THIRD-PARTY SERVICE INTEGRATIONS
Our Services allow you to integrate with Third-Party Integrations. To take advantage of this feature, you may need to authenticate, register for or log into such Third-Party Integrations through the Services or on the websites of their respective providers. When you connect Third-Party Integrations through the Platform, or enable linking between Third-Party Integrations and the Platform, Sumtracker will only collect relevant information (such as authentication tokens) to enable such linkage between the Third-Party Integrations and the Platform. Please see Section 9 of the Terms of Service for more information. When a User enables the Services to link with Third-Party Integrations, the Third-Party Integrations will provide us with access to certain information that you may have provided to the Third-Party Integrations and we will use, store and disclose such information in accordance with this Privacy Policy and the rules that you have set at the backend to govern the linking. Please remember that the manner in which Third-Party Integrations use, store and disclose your information is governed by the policies of such Third-Party Integrations, and Paragon shall have no liability or responsibility for the privacy practices or other actions of any Third-Party Integrations that may be enabled within the Services.
HOW DO WE PROVIDE FOR THE SECURITY OF YOUR PERSONAL INFORMATION WITH US?
- We implement reasonable physical, electronic, and procedural safeguards to ensure the confidentiality and integrity of your information.
- While we work diligently to protect the security of your Personal Information during transmission by using encryption protocols, it’s important to note that we do not accept liability in case of any data loss. Additionally, we do not accept liability for any loss of business or sales resulting from Personal Information updated on the User’s store.
- Despite our comprehensive measures, Users should acknowledge and accept the inherent security implications of data transmission over the Internet and the World Wide Web. Complete security cannot be guaranteed, and inherent risks persist. Therefore, Users bear the responsibility of safeguarding login and password records for their Accounts. We remain committed to continually enhancing our security protocols to address emerging threats and maintain the trust of Users.
HOW DO WE HANDLE DATA BREACHES AND SECURITY INCIDENTS?
-
- In the event of a data breach or security incident, Sumtracker maintains a proactive approach to ensure swift resolution and mitigate potential risks. We have established a comprehensive incident response plan designed to address such occurrences promptly and effectively:
- Identification: We promptly identify and acknowledge any signs of a data breach or security incident within our systems or infrastructure;
- Containment: Immediate action is taken to contain the impact of the breach, preventing further unauthorized access or damage to data;
- Notification: We prioritize transparency by promptly notifying affected parties, including Users and relevant stakeholders, about the breach and its potential impact on their data;
- Collaboration: Sumtracker collaborates with relevant authorities, such as regulatory bodies and law enforcement agencies, to report the incident and comply with any legal obligations or regulatory requirements and
- Post-Incident Assessment: Following the resolution of the incident, we conduct thorough assessments to evaluate the effectiveness of our response measures and identify areas for improvement.
WHAT ARE YOUR RIGHTS AS A DATA SUBJECT?
-
- You, as a data subject, have certain rights to your Personal Information with us, as under:
- Right to access: You can access the information that has been retained by us by visiting your Account section on the Sumtracker dashboard, which will display information supplied by you to us.
- Right to withdraw consent: The consent that you provide for the collection, use, and disclosure of your Personal Information will remain valid until such time it is withdrawn by you in writing. If you withdraw your consent, we will stop processing the relevant Personal Information except to the extent that we have other grounds for processing such Personal Information under applicable laws. We will respond to your request within a reasonable timeframe. You may withdraw your consent at any time by contacting us.
- Right to correction: You are responsible for maintaining the accuracy of the information you submit to us, including but not limited to your contact information provided as part of Account registration. If you wish to make a request to correct or update any of the Personal Information that we hold about you, you may update your information through a convenient automated data deletion form which is available within your User dashboard. For any necessary updates or corrections to your Personal Information, Users can easily modify details using the provided dashboard functionalities;
- Right to Object: You have the right to request that we stop processing your Personal Information. Upon receiving the request, we will contact you and let you know if we are able to comply or if we have legitimate grounds to continue to process your Personal Information. Even after you exercise your right to object, we may continue to hold your Personal Information to comply with your other rights or to bring or defend legal claims and
- Right to Erasure: You have the right to request for erasure of your Personal Information, the processing of which was previously consented to, unless retention is necessary for compliance with any laws.
- In relation to the above, you can exercise such right by sending us an email with your request to support@sumtracker.com along with the necessary proof of identity requirements that we may require prior to processing such a request from you.
- It’s important to note that we may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
HOW CAN YOU EXPRESS YOUR COMPLAINTS AND CONCERNS?
User satisfaction is one of the key focus areas and an integral part of our Platform’s founding principles and business policies. We strongly believe that User satisfaction is the most important factor in the growth and development of our business and hence, we have adopted User centricity as a priority in developing our business processes. The terms below shall constitute our “User Grievance Redressal Policy” which outlines the framework for addressing User grievances:
-
- Objective: The objective of this Grievance Policy is to provide a framework:
- to ensure the provision of timely and effective resolution of issues raised by the User; and
- to keep the User informed about the manner in which they can reach out to us to resolve their queries and grievances.
- Governing Principles: The policy on grievance redressal is governed by the following principles:
-
- User shall be treated fairly at all times;
- issues raised by Users are always attended to with courtesy and on time;
- Users are provided with effective and satisfactory resolution within a reasonable time period; and
- Users are fully informed of avenues to escalate their issues/ grievances if they are not fully satisfied with the response to their complaints.
- User Support: Any User can reach out to our User support team/ representative through electronic mode by way of an email communication at support@sumtracker.com and
- Must Know: You must know and understand that-
- We DO NOT solicit confidential details like your OTP/CVV/PIN/Card Number/ Bank account details through any means.
- Scamsters/fraudsters attempt various techniques such as ‘phishing’, to contact, influence, and defraud consumers. We regularly caution our Users against sharing any personal or payment-sensitive information with unknown persons as such sharing leads to unauthorized use and/or fraud and consequent financial loss.
- We shall not be liable for any loss, damage, or expense incurred by a User where the User has shared personal and/or payment-sensitive information with scamsters/fraudsters.
- We also request and encourage our Users to report such attempts or incidents to us at support@sumtracker.com to enable us to investigate and explore legal recourse.
HOW ARE CHANGES MADE TO THIS POLICY?
This Policy may be updated at our sole discretion or due to changes in the law. Such changes, unless otherwise stated, will be effective from the day and date of posting on the Platform. We reserve the right to update the Policy without obligation to notify Users. It is recommended to regularly review this Policy for any changes, as your continued access and use of the Platform will be considered your approval and acceptance of all modifications to this Policy. In cases where applicable law mandates, we may notify you of updates through email. If you do not agree with this Policy governing our Platform, please refrain from using the Platform or the Services provided by us.
HOW CAN YOU CONTACT US?
Should you need additional information or have any questions or complaints regarding the handling of your Personal Information, please reach out to us in writing at support@sumtracker.com
Schedule I- Privacy Policy Supplement for Specific Jurisdictions
If you reside in California, Colorado, Connecticut, Delaware, Florida, Iowa, Montana, Nevada, Oregon, Texas, Utah, Vermont, Virginia, or Washington or are otherwise protected by privacy or consumer health data laws in those jurisdictions, this section supplements our main Privacy Policy and outlines specific rights and protections afforded to you.
- Right to Access: You have the right to request access to your Personal Information that is held by Sumtracker.
- Right to Correction: You have the right to correct any inaccuracies in your Personal Information held by Sumtracker. You can submit a verifiable request for correction, and we will promptly update your information as needed.
- Right to Deletion: You may request the deletion of your Personal Information from Sumtracker’s records, subject to certain exceptions permitted by law. We will comply with your request, provided it does not conflict with our legal obligations or legitimate business interests.
- Right to Opt-Out: You have the right to opt out of certain processing activities, such as the sale of Personal Information or the use of Personal Information for targeted advertising purposes. Sumtracker will respect your preferences and refrain from such activities upon your request.
If you disagree with Sumtracker’s response to your privacy rights request or believe your rights have not been adequately addressed, you have the right to appeal. You can submit your appeal in writing to our Data Protection Officer at Ankit Goyal (ankit@sumtracker.com) with the subject line “Appeal of Privacy Rights Request.”
- Data Retention and De-Identification:
Sumtracker is committed to retaining Personal Information only for as long as necessary to fulfil the purposes for which it was collected, as outlined in our main Privacy Policy (see Clause 6). We will also take measures to de-identify personal information in accordance with applicable laws and regulations.
For more detailed information on how Sumtracker handles your Personal Information, including our data collection practices, security measures, and third-party disclosures, please refer to our main Privacy Policy available.
Schedule II- Privacy Policy Supplement- Outside the United States
This supplemental section applies to Users residing outside the United States and serves as an extension of our Privacy Policy. It contains essential information mandated by the General Data Protection Regulation (GDPR), ensuring transparency in data processing practices. Should you have any queries, please refer to the contact details provided below.
This section delineates critical aspects, including controllership of Personal Information, legal bases for processing, User rights, data transfer safeguards, and contact information for further inquiries.
- Controllers of Personal Information:
Controller: For the purposes of the Controller of your Personal Information as defined in this Policy, the Company shall be the Controller.
- Legal Bases for Processing Personal Information:
We process this Personal Information for the purposes outlined in the Privacy Policy (see Clause 4 and Clause 5) given our legitimate interest in improving Sumtracker, including developing and improving our Services, and our Users’ experience with it, and where it is necessary for the adequate performance of the contract with you.
Under applicable law, you have certain rights that we respect and uphold. While some of these rights are applicable in general, others may apply only in specific circumstances. We may request verification of your identity and request details before taking further action on your inquiries.
- Access and Portability: You have the right to request access to certain copies of your Personal Information held by us. In certain cases, you may also request copies of the Personal Information you provided to us in a structured, commonly used, and machine-readable format, or ask us to transmit this information to another service provider where technically feasible;
- Rectification: You can request us to correct any inaccurate or incomplete Personal Information about you that cannot be updated within your Sumtracker Account;
- Erasure: While we generally retain your Personal Information as necessary for contractual performance, legal compliance, and as permitted by law, you have the right to request deletion of your Personal Information, subject to certain limitations and restrictions;
- Withdrawing Consent: If we process your Personal Information based on your consent, you have the right to withdraw consent at any time. Please note that the withdrawal of your consent does not affect the lawfulness of any processing activities performed before its withdrawal;
- Restriction of Processing: You can limit how we use your Personal Information, especially in cases where you contest its accuracy, oppose erasure, no longer require the information for processing purposes, or have objected to processing pending verification of legitimate grounds; and
- Objection to Processing: You have the right to object to the processing of your Personal Information based on specific grounds, such as direct marketing, legitimate interests, or public interests. We will cease processing your Personal Information for these purposes unless we have compelling legitimate grounds or where processing is required for legal claims.
- Operating Globally:To support our global operations, we may transfer, store, and process your information within our network of companies, partners, and service providers. It’s important to note that the laws in other countries may differ from those applicable in your country of residence. In certain situations, courts, law enforcement agencies, regulatory bodies, or security authorities in other countries may have the right to access your Personal Information.