Introduction

For purposes of the current document, "Pinakastra" or "We" or "Processor" shall mean Pinakastra Computing Private Limited, and all of its direct and indirect subsidiaries.

Data Privacy Policy explains in detail as deemed required by Pinakastra, the manner in which we collect information from and about clients, and what we do with the information, so that you as a client / visitor may opt for whether or not to provide personal information to us.

Pinakastra is sensitive to the private nature of information customers (Controller) provide to it over the Internet and is committed to protecting your privacy. We value and respect the privacy of the data that our customers (Controller) provide us during each interaction.

This Privacy Policy explains the data collection and use practices of the Pinakastra. When the Customer identifies Pinakastra as the Data Pinakastra(Processor) for its Cloud Managed Services by providing resources and services to perform the cloud infrastructure monitoring, system administration and other dev-ops tasks assigned by the person nominated by the Customer.

• The Customer acts as a Data Controller.
• The Customer wishes to subcontract certain Services, which may imply the processing of personal data, to the Data Processor.
• The Parties seek to implement a data processing agreement that complies with the requirements of the current legal framework in relation to data processing and with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
• The Parties wish to lay down their rights and obligations and agree as follows

1. Definitions and Interpretation
   1. Unless otherwise defined herein, capitalized terms and expressions used in Agreement shall have the following meaning:
      1. "Agreement" means this Data Processing Agreement and all Schedules;
      2. "Company Personal Data" means any Personal Data Processed by a Contracted Pinakastra(Processor) on behalf of the Customer pursuant to or in connection with the Principal Agreement;
      3. "Contracted Processor" means a Subprocessor;
      4. "Data Protection Laws" means EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country;
      5. "EEA" means the European Economic Area;
      6. "EU Data Protection Laws" means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR;
      7. "GDPR" means EU General Data Protection Regulation 2016/679;
      8. "Data Transfer" means:
         1. a transfer of Customer Personal Data from the Customer to a Contracted Processor; or
         2. an onward transfer of Customer Personal Data from a Contracted Pinakastra(Processor) to a Subcontracted Processor, or between two establishments of a Contracted Processor, in each case, where such transfer would be prohibited by Data Protection Laws (or by the terms of data transfer agreements put in place to address the data transfer restrictions of Data Protection Laws);
      9. "Services" means the "end-to-end IoT, video/audio/data streaming/recording/data analytics or third party platforms" services the Customer provides.
      10. "Subprocessor" means any person appointed by or on behalf of Pinakastra(Processor) to process Personal Data on behalf of the Customer in connection with the Agreement.
   2. The terms, "Commission", "Controller", "Data Subject", "Member State", "Personal Data", "Personal Data Breach", "Processing" and "Supervisory Authority" shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly.
2. Processing of Customer Personal Data
   1. Pinakastra (Processor) shall:
      1. Comply with all applicable Data Protection Laws in the Processing of Customer Personal Data; and
      2. Not Process Customer Personal Data other than on the relevant Customer's documented instructions.
   2. The Customer instructs the Pinakastra(Processor) to process Customer Personal Data.
3. Pinakastra (Processor) Personnel
   1. Processor shall take reasonable steps to ensure the reliability of any employee, agent or contractor of any Contracted Pinakastra (Processor) who may have access to the Customer Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know / access the relevant Customer Personal Data, as strictly necessary for the purposes of the Principal Agreement, and to comply with Applicable Laws in the context of that individual's duties to the Contracted Processor, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.
4. Security
   1. Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Pinakastra(Processor) shall in relation to the Customer Personal Data implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the GDPR.
   2. In assessing the appropriate level of security, Pinakastra(Processor) shall take account in particular of the risks that are presented by Processing, in particular from a Personal Data Breach.
5. Subprocessing
   1. Pinakastra(Processor) shall not appoint (or disclose any Customer Personal Data to) any Subprocessor unless required or authorized by the Customer.
6. Data Subject Rights
   1. Taking into account the nature of the Processing, Pinakastra(Processor) shall assist the Customer by implementing appropriate technical and organizational measures, insofar as this is possible, for the fulfilment of the Customer obligations, as reasonably understood by Customer, to respond to requests to exercise Data Subject rights under the Data Protection Laws.
   2. Processor shall:
      1. Promptly notify Customer if it receives a request from a Data Subject under any Data Protection Law in respect of Customer Personal Data; and
      2. Ensure that it does not respond to that request except on the documented instructions of Customer or as required by Applicable Laws to which the Pinakastra(Processor) is subject, in which case Pinakastra(Processor) shall to the extent permitted by Applicable Laws inform Customer of that legal requirement before the Contracted Pinakastra(Processor) responds to the request.
7. Personal Data Breach
   1. Processor shall notify Customer without undue delay upon Pinakastra(Processor) becoming aware of a Personal Data Breach affecting Customer Personal Data, providing Customer with sufficient information to allow the Customer to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.
   2. Processor shall cooperate with the Customer and take reasonable commercial steps as are directed by Customer to assist in the investigation, mitigation and remediation of each such Personal Data Breach.
8. Data Protection Impact Assessment and Prior Consultation
   1. Processor shall provide reasonable assistance to the Customer with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Customer reasonably considers to be required by article 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law, in each case solely in relation to Processing of Customer Personal Data by, and taking into account the nature of the Processing and information available to, the Contracted Processors.
9. Deletion or return of Customer Personal Data
   1. Subject to this section 9 Pinakastra(Processor) shall promptly and in any event within 10 business days of the date of cessation of any Services involving the Processing of Customer Personal Data (the "Cessation Date"), delete and procure the deletion of all copies of those Customer Personal Data.
   2. Processor shall provide written certification to Customer that it has fully complied with this section 9 within 10 business days of the Cessation Date.
10. Audit rights
    1. Subject to this section 10, Pinakastra(Processor) shall make available to the Customer on request all information necessary to demonstrate compliance with this Agreement, and shall allow for and contribute to audits, including inspections, by the Customer or an auditor mandated by the Customer in relation to the Processing of the Customer Personal Data by the Contracted Processors.
    2. Information and audit rights of the Customer only arise under section 10.1 to the extent that the Agreement does not otherwise give them information and audit rights meeting the relevant requirements of Data Protection Law.
11. Data Transfer
    1. The Pinakastra(Processor) may not transfer or authorize the transfer of Data to countries outside the EU and/or the European Economic Area (EEA) without the prior written consent of the Customer. If personal data processed under this Agreement is transferred from a country within the European Economic Area to a country outside the European Economic Area, the Parties shall ensure that the personal data are adequately protected. To achieve this, the Parties shall, unless agreed otherwise, rely on EU approved standard contractual clauses for the transfer of personal data.
12. General Terms
    1. Confidentiality. Each Party must keep this Agreement and information it receives about the other Party and its business in connection with this Agreement ("Confidential Information") confidential and must not use or disclose that Confidential Information without the prior written consent of the other Party except to the extent that:
       • (a) disclosure is required by law;
       • (b) the relevant information is already in the public domain.
    2. Notices. All notices and communications given under this Agreement must be in writing and will be delivered personally, sent by post or sent by email to the address or email address set out in the heading of this Agreement at such other address as notified from time to time by the Parties changing address.
13. Complete Understanding; Modification
    1. This Agreement, including any and all Attachments and Schedules attached hereto, constitutes the full and complete understanding and agreement between the Customer and the Data Pinakastra(Processor) and supersedes all prior or contemporaneous negotiations, discussions or agreements, whether written or oral, between the parties regarding the subject matter contained herein. Any waiver, modification or amendment of any provision of this Agreement will be effective only if in writing and signed by both the Customer and the Data Processor.
14. Governing Law and Jurisdiction
    1. It is the intention of the parties to this Agreement that this Agreement and the performance under this Agreement, and all suits and special proceedings under this Agreement, be construed in accordance with and governed, to the exclusion of the law of any other forum, by the laws of the State of Karnataka, India, without regard to the jurisdiction in which any other action or special proceedings may be instituted.
15. Type of Data Collection and Methods.
    During usage of the website as a visitor or client, and at other times, Pinakastra may require you to provide it with personally identifiable information or you may elect to provide Pinakastra with personally identifiable information.
    The personally identifiable information you provide may include your name, company, job title, address and email address and facts about yourself, your business, profession and product preferences.
    In addition, Pinakastra 's web servers may use automated technical means to collect personal information about our website visitors for example – by using cookies about website usage information from you when you visit the website.
    Website usage information informs Pinakastra about how visitors and subscribers use and navigate the websites, including the number and frequency of users to each web page, their IP address, and the length of their stays.
16. Usage of Data collected.
    The personal information collected on the website will be used to operate the website and to process service requests, handle orders, deliver products and services, process payments and to provide the services or carry out the transactions you have requested. In Support of these uses, Pinakastra may combine the personally identifiable information you have provided to it on the website with other information about you that is available to it, including website usage information and information from other sources. Pinakastra may use this information to enable it to process, validate and verify requests for products and services and for the purposes for which you specifically provided the information; to improve your experience on the website; to improve and develop new products, features and services; to alert you to new products and services and special offers; to provide marketing with aggregate information about the user base and usage patterns; to allow Pinakastra to personalise the advertising users see based on their personal characteristics or preferences, and for other purposes. Personal information collected from you may be stored and processed in the country in which Pinakastra operates or maintains facilities and may be transferred to third party suppliers by Pinakastra, in order to help Pinakastra to improve the content of the website, provide you with the products or services requested, to consider and respond to any application for employment made, and to help service providers to perform services on its behalf. By using the website, you consent to any such transfer of information as deemed required and necessary by Pinakastra. Pinakastra may disclose any information about you to law enforcement agencies, government officials or other authorities, as Pinakastra, in its sole discretion, believes necessary or appropriate in the circumstances. We use visitor's information provided to us via chat, email, web forms and other communications to correspond with the visitor about services they may be interested in purchasing. If the visitor selects a service online using a web form, we will use the information to establish their account and for quality assurance purposes. Information submitted by the visitor in writing, such as chat, email, and web form information is archived and may be tied to information that we collect about visitor's web visits. Unless the visitor expressly mentions that a telephone call should be recorded, we may not record telephone conversations, but we may enter information provided by the visitor via telephone into our systems for the aforesaid usage.
17. Access and updates to Personal Identifiable Information
    The personally identifiable information we collect about you is stored in limited access servers. Pinakastra maintains safeguards to protect the security, integrity, and privacy of these servers and your personally identifiable information.We always strive to make sure that the information we hold about the visitor is accurate and up to date, if the visitor is under the belief that any information we are holding about him/her is incorrect or incomplete, please write to us or e-mail us as soon as possible, at support@Pinakastra.in. We will promptly correct any information found to be incorrect.
18. Placement of Cookies.
    Like most websites, Pinakastra automatically collects information and data through the use of "cookies" to help us recognize visitors as unique visitors. A "Cookie" is a small text file that is placed on your hard disk by a web page server which enables a website to recognise repeat users, facilitate the user's ongoing access to and use of the website and allows a website to track usage behaviour and to tailor content or advertisements to match visitors preferred interest;compile aggregate data that will allow content improvements and targeted advertising. A cookie will not provide Pinakastra with personal information, therefore, if you have not supplied Pinakastra with any personal information, you can still browse the website anonymously. You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, however you can modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of this or other websites which you visit.
19. IP Address Tracking
    If you are connected to the internet you will have an IP Address. The address will be automatically collected and logged as part of the connection of your computer to Pinakastra' web server and may be used to determine the total number of visits to each part of the website. If there is a security breach the relevant IP Address will be identified by the Internet Service Provider and the user may be contacted.
20. Third Party Web Sites Links.
    We recommend all our visitors to review their Data Privacy Policies before submitting their personal data. We may provide links to third-party websites for the visitor's convenience and information with visitors prior consent,if possible. Data privacy policies of third party sites may differ from Pinakastra's practices and are not controlled by Pinakastra and are not covered by this Privacy Statement. We do not make any representations about third-party websites. Pinakastra recommends that you review the privacy policy at each such website to determine how that website protects your privacy.
21. Data Privacy Policy Modifications
    Pinakastra may amend this Privacy Policy from time to time, and will post any changes here as a new modified form of document and only keeping the latest in force policy document on the website, so that you are familiar with the Privacy Policy changes adopted by Pinakastra. Notwithstanding the right to amend the Privacy Policy as aforesaid, Pinakastra will never materially change privacy policies and practices to make them less protective of personal information collected in the past without the visitor's prior consent.