Privacy Policy and Security
We at the UNLISTEDKART group i.e., UnlistedKart Private Limited & Qapita Group Companies and its subsidiaries, (“the Company/Unlistedkart/We/Us/UNLISTEDKART”) are committed to protecting the privacy and security of your personal information. Your privacy is important to us and maintaining your trust is paramount.
This Privacy Policy explains how we collect, use, process and disclose information about you. By using our website/app and affiliated services, you consent to the terms of our privacy policy (“Privacy Policy”) in addition to our Terms of Use. We encourage you to read this Privacy Policy regarding the collection, use, and disclosure of your information from time to time to keep yourself updated with the changes & updated that we make to this Policy.
Definitions
For the purposes of this Privacy Policy:
You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to Unlistedkart LLC, 1206 12th floor ‘A’ Wing , Mittal towers, MG Road Next to Citi Bank, Bangalore 560001.
Affiliate means an entity that controls, is controlled by or is under common control with a party, where “control” means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
Account means a unique account created for You to access our Service or parts of our Service.
Website refers to Unlistedkart, accessible from Unlsitedkart.com
Service refers to the Website
Country refers to: Karnataka, India
Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
Third-party Social Media Service refers to any website or any social network website through which a User can log in or create an account to use the Service.
Personal Data is any information that relates to an identified or identifiable individual.
Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Information we collect.
The following information is collected by or on behalf of UNLISTEDKART.
Information You provide us.
When you start using the App Services, we ask you to provide certain information as part of the registration process, and during your interface with the App. We will collect this information through various means and in various places through the App Services, including account registration forms, contact us forms, or when you otherwise interact with UNLISTEDKART including at customer support.
At the time of registration, we ask for the following personal information. Name (First Name, Last Name); Mobile Number; Email ID; Date of Birth; PAN Card
Pursuant to the services consumed by You from time to time, we may explicitly seek additional information including address, payment, or banking information, DEMAT information and any other governmental identification numbers or documents. You may choose to provide such information if you wish to use the services provided by the App.
We will also maintain a record of the information you provide to us when using customer support services.
From time to time, during your use of the App Services, UNLISTEDKART may require access to certain additional information such as SMS & contact details. Prior to accessing any such additional information, explicit consent shall be sought from you. Please note that even after consent has been provided by you, we only read transactional or promotional SMS and do not open, access, or read any personal SMS.
Certain features may be restricted, unavailable or unusable if you choose not to provide certain information.
Information created when You use our App Services.
We collect information relating to your use of our website/app using various technologies. This includes transaction details related to your use of our services including the type of services you requested, the payment method, amount, and other related transactional and financial information. Further, when you visit our website/app, we may log certain information such as your IP address, browser type, mobile operating system, manufacturer and model of your mobile device, geolocation, preferred language, access time, and time spent. We will also collect information about the pages you view within our sites and other actions you take while visiting our website/app.
We also maintain some records of users who contact us for support, for the purpose of responding to such queries and other related activities. However, we do not provide this information to any third party without your permission or utilize the same for any purposes not set out hereunder.
How We Use the Information we collect
We may use, store, and process the information provided by you to
Improve the App Services.
Create and maintain a trusted and safe environment on UNLISTEDKART (such as complying with our legal obligations and compliance with our policies).
Provide, personalise, measure, and improve our products & services.
The information collected through different channels, allows us to collect statistics about our website/app usage and effectiveness, personalise your experience whilst you are on our website/app, as well as customize our interactions with you and to enhance the scope of the App Services. The following paragraphs describe in more detail how we use your personal information.
Providing, understanding & improving App Services
Any information provided by you will be used for creating and updating your Account and processing your transaction(s) or for any other purposes for which you have granted access to such information to us, based on your interaction with the UNLISTEDKART App.
To complete a financial transaction, we may share financial information (such as payment mode details) provided by you with authorised third parties, for instance, our Payment gateway service providers, business partners, financial teams/institutions, or postal/government authorities involved in fulfilment of the said transactions, if any. This does not include any information collected from e-mails. In connection with a financial transaction, we may also contact you as part of our customer satisfaction surveys or for market research purposes.
We may use the information collected to perform internal operations necessary to provide our services, including to troubleshoot software bugs and operational problems, to conduct data analysis, testing and research and to monitor and analyse usage and activity trends. We process this personal information for these purposes given our legitimate interest in improving the App Services.
To expand the scope of our App services, we may from time to time, seek additional information and financial documents such as information related to investments in equity, mutual funds, and other documents. Any such collection of additional information & documents shall be subject to an explicit & purpose specific consent sought from all Users.
Safety, security, and resolution of issues
We may use your personal information, created as part of payment services availed by you, to ensure that your access and use of payment services follows our legal obligations (such as anti-money laundering regulations). We may share such information, with our advisors, third party service partners and providers for a seamless experience for you.
We may use the information to create and maintain a safe environment and use the same to detect and prevent fraud, span, abuse, security incidents and other harmful activity.
We use the information we collect (including recordings of customer support calls) to assist you when you contact our customer support services to investigate & resolve your queries, monitor, and improve our customer support responses. Certain online transactions may involve us calling you. They may also involve online chats. Please be aware that it is our general practice to monitor and, in some cases, record such interactions for staff training or quality assurance purposes or to retain evidence of a particular transaction or interaction.
We intend to protect your personal information and to maintain its accuracy as confirmed by you. We implement reasonable physical, administrative, and technical safeguards to help us protect your personal information from unauthorised access, use, and disclosure. For example, we encrypt all sensitive personal information such as Account information when we transmit such information over the internet. We also require that our commercial partners and vendors protect such information from unauthorised access, use, and disclosure.
We blend security at multiple steps within our products with state-of-the-art technology to ensure our systems maintain strong security measures. The overall data and privacy security design allows us to defend our systems ranging from low hanging issue up to sophisticated attacks.
We are committed to protecting your data as if it were our own. If you are a security enthusiast or a researcher and you have found a possible security vulnerability on Unlistedkart products, we encourage you to report the issue to us responsibly.
You could submit a bug report to us at [email protected] with detailed steps required to reproduce the vulnerability. We shall put best of our efforts to investigate and fix the legitimate issues in a reasonable time frame, meanwhile, requesting you not to publicly disclose it.
Sharing & Disclosure of data with Third Parties
As required by law, at times we might be required to disclose your personal information including personal, transactional, and financial information to relevant regulatory, and governmental authorities and also to our advisors such as law firms and audit firms while responding to request from the regulatory authorities. In some cases, when we believe that such disclosure is necessary to protect our rights, or the rights of others, or to comply with a judicial proceeding, court order, or legal process served on our website/app we would share such information pursuant to a lawful request from law enforcement agencies.
Subject to explicit and prior consent from a you, we may use information created by your use of our App services, not including information collected from other sources such as e-mails etc. for marketing purposes. This consent is purely voluntary, and you may at any time choose not to receive marketing materials from us by following the unsubscribe instructions included in each e-mail you may receive, by indicating so when we call you, or by contacting us directly. Further, if you want to remove your contact information from all our lists and newsletters, please click on the unsubscribe button on the emailers or send an email request to [email protected].
Subject to explicit and prior consent from you, we may disclose certain information that is created by your use of our App services, not including information collected from other sources such as e-mails etc. to other affiliate entities and partners that are not acting as our suppliers or business partners. For the sake of clarity, we do not sell or lease such information.
Some of our campaigns/programmes/related events may be co-branded, that is sponsored by both the third parties and us. If you sign up for such campaigns/programmes/related events, please note that your information may also be collected by and shared with those third parties. We urge you to familiarise yourself with their privacy policies to gain an understanding of the way they will handle information about you.
We may display targeted or non-targeted third-party online advertisements on the UNLISTEDKART website/app. We may also advertise our activities and organizational goals on other websites/apps. We may collaborate with other website/app operators as well as network advertisers to do so. We request you to read and understand such concerned third party privacy policies to understand their practices relating to advertising, including what type of information they may collect about your internet usage. No personally identifiable information is shared with any third-party online advertiser or website or app as part of any such activity. Unlistedkart does not provide any information relating to your usage to such website operators or network advertisers.
During your use of the App services, you may come across links to third party websites/apps that are not affiliated with Unlistedkart. Unlistedkart is not responsible for the privacy practices or the content of those other websites, or for any acts/ omissions by such third parties during your transaction with them.
Account Archival/Deletion
We provide all our Users an option to request the archival/deletion a specific account by reaching out to the support through [email protected]. Following such request, we archive all such information related to the specific account including but not limited to profile information, Account data, transaction details, reward details, referrals details, statement details, google oath sessions etc. that we are not required to retain.
In certain circumstances, we may be unable to delete your account, such as if there is any outstanding dispute or unresolved claims pending on your account or for the sake of legal reasons required to store the data for access. In such instances the data will be encrypted and only be accessible to the law authorities and you will be reached out before providing any such information to the authorities. However, upon resolution of the issue preventing deletion, the information is immediately archived/deleted and cannot be recovered thereafter. note that we may retain certain information if necessary for our own legitimate business interests such as fraud prevention and enhancing users’ safety and security or to fulfil our legal obligations and compliance.
You also have the option to request for an account deactivation/archival instead. This will temporarily block your access to UNLISTEDKART App until you send a re-activation request on [email protected] and successfully re-activate your account.
Cookies
We use data collection devices such as “cookies”, etc. on certain parts of the App to help analyse the App Services, user interaction with the App, measure promotional effectiveness, and promote trust and safety. For the sake of clarity, “cookies” are small files placed on your device hard-drive/storage that assist us in providing the App Services. Please be informed that we offer certain features via the App that are only available using a “cookie”.
We also use cookies to allow you to enter a particular password less frequently during a session. Cookies also help us obtain information that assists us in curating the Services more targeted to your interests. You are always free to decline our cookies if your device permits, although in that case you may not be able to use certain features on the app and you may be required to provide a password more frequently during a session.
Changes to Privacy Policy
Unlistedkart reserves the right to change this policy from time to time. Any changes shall be effective immediately upon the posting of the revised Privacy Policy. We encourage you to periodically review this page for latest information on our privacy practices.
Privacy Questions and Access
If you have questions, concerns, or suggestions regarding our Privacy Policy, we can be reached using the contact information on our “Contact Us” page or at [email protected]. In certain cases, you may have the ability to view or edit your personal information online. In the event your information is not accessible online, and you wish to obtain a copy of information you provided to us, or if you become aware the information is incorrect and you would like us to correct it, please contact us immediately.
Before we can provide you with any information or correct any inaccuracies, however, we may ask you to verify your identity and to provide other details to ascertain your identity and to help us to respond to your request. We will contact you within 30 days of your request.
Grievance Redressal Officer
If you have a grievance regarding our privacy policy or data usage practices, you may reach out to our Grievance Redressal Officer at the details below:
Grievance Redressal:[email protected]
s, consultants, or contractors be liable to you or any third party for any special, incidental, indirect, consequential or punitive damages or losses whatsoever, or damages for loss of data or profits, goodwill, and/ or other intangible loss, whether or not foreseeable and regardless of whether UnlistedKart Private Limited & Qapita Group Companies has been advised of the possibility of such damages, or based on any theory of liability, including breach of contract or warranty, negligence or other tortious action, or any other claim arising out of or in connection with your use of, or access to, the App or App Services.
In no event shall UnlistedKart Private Limited & Qapita Group Companies’s total cumulative liability to You in connection with the App Services for all damages, losses and causes of action, arising from or relating to these terms and conditions exceed the net fees UnlistedKart Private Limited & Qapita Group Companies has received and retained from your valid transactions during the three (3) month period immediately preceding the date of the claim.
Security
Best practices to follow
We have always placed your security first on UNLISTEDKART. To ensure maximum security, we have made a simple list of security to-do’s you can follow:
Never divulge your personal bank details like card number, CVV, PIN, and OTP in any medium, including calls, texts, or emails.
We will never, ever ask you for any of the sensitive details mentioned above.
We will never call you and ask to do any payment transaction on the app or install any remote access software such as TeamViewer, any desk, etc.
Never respond to such emails, texts, or phone calls.
Our customer support can only be reached via the app. please do not engage with phone numbers that claim to be of our support team.
Privacy Practices
We do not sell your personal information to or share it with unaffiliated third parties for their own advertising or marketing purposes without your explicit consent.
Cloud Infrastructure
UNLISTEDKART is hosted on a Virtual Private Cloud on Amazon Web Services which provides a secure and scalable technology platform to ensure we can provide you services securely and reliably.
Perimeter Security
We have deployed Defence in Depth Architecture using a network firewall, web application firewall, DDoS protection layer, and a content delivery network. Our infrastructure is launched in compliance with the AWS Well Architected Framework and from the security perspective incorporating practices from the AWS Cloud Adoption Framework. We have a 3-Tier Architecture which incorporates best practices from various standards and certifications.
We have strict network segmentation and isolation of environments and services in place.
Host Security
We use industry leading solutions around anti-virus, anti-malware, intrusion prevention systems, intrusion detection systems, file integrity monitoring, application control, application and audit log aggregation, and automated patching. All our servers are launched using the Centre for Internet Security Benchmarks for Amazon Linux.
Data Security
We employ separation of environments and segregation of duties and have strict role-based access control on a documented, authorized, need-to-use basis. We use key management services to limit access to data except the data team. Stored data is protected by encryption at rest and sensitive data by application-level encryption. We use data replication for data resiliency, snapshotting for data durability and backup/restore testing for data reliability.
Incident and Change Management
We have deployed mature processes around Change Management which enables us to release thoroughly tested features for you both reliably and securely enabling you to enjoy the UNLISTEDKART experience with maximum assurance.
We have an aggressive stance on Incident Management on both Systems downtime and Security and have a Network Operations Centre and an Information Security Management System in place which quickly reacts, remediates, or escalates any Incidents arising out of planned or unplanned changes.
Vulnerability Assessment and Penetration Testing
We have an inhouse network security team which uses industry leading products to conduct manual and automated VA/PT activities. We employ both static application security testing and dynamic application security testing which is incorporated into our continuous integration / continuous deployment pipeline. We also leverage CERT-IN certified auditors to do periodic external security testing and audits. All compliance/audit statuses will be updated in this section in this policy.
Responsible Disclosure
We at UNLISTEDKART are committed about our customer’s data and privacy. We blend security at multiple steps within our products with state-of-the-art technology to ensure our systems maintain strong security measures. The overall data and privacy security design allows us to defend our systems ranging from low hanging issue up to sophisticated attacks. If you are a security enthusiast or a researcher and you have found a possible security vulnerability on UNLISTEDKART products, we encourage you to report the issue to us responsibly. You could submit a bug report to us at [email protected] with detailed steps required to reproduce the vulnerability. We shall put best of our efforts to investigate and fix the legitimate issues in a reasonable time frame, meanwhile, requesting you not to publicly disclose it.