1. INTRODUCTION

ZAP91 Solar India Private Limited ("ZAP91", "Company", "we", "our" or "us"), is committed to protecting and respecting the privacy of individuals whose personal data is collected and processed by us.

This Privacy Policy ("Policy") explains how the Company collects, uses, stores, processes, shares and protects personal data collected through our websites, applications, supplier portals, customer interfaces, business operations, procurement platforms, manufacturing services and other interactions with us.

This Policy applies to customers, prospective customers, suppliers, vendors, service providers, business partners, contractors, website visitors, applicants and other individuals who interact with The Company ("Users", "you", "your").

2. CONSENT

By accessing or using our websites, platforms, products or services, or by otherwise providing your personal data to The Company, you acknowledge that you have read and understood this Policy. Where processing relies on your explicit consent under applicable laws, such consent will be requested separately (e.g., via cookie preferences or form opt-ins).

3. TYPES OF INFORMATION WE COLLECT

We may collect and process the following categories of information:

3.1 Personal Information

We may collect personal information relating to individuals, including but not limited to their name, email address, mobile number, business address, designation, employer details, usernames, account credentials, government-issued identification details (where required), signatures, authorizations, and records of communications and correspondence with us.

3.2 Business Information

Where you interact with The Company on behalf of an organization, we may collect business-related information, including the company name, corporate identification details, GSTIN, PAN and other tax registration information, registered office and operational addresses, banking and payment information, purchase orders, invoices, transaction details, details of authorized signatories, and contractual or commercial documentation.

3.3 Technical and Usage-related Information

When you access or use our websites, applications or digital platforms, we may automatically collect certain technical and usage-related information, including your IP address, device identifiers, browser type and version, operating system information, login and authentication details, browsing and usage activity, access logs, geographic location information (where permitted by applicable law), and information collected through cookies and similar tracking technologies.

3.4 Communications and Support Information

We may collect information that you provide when communicating or interacting with us through contact forms, customer support requests, supplier onboarding processes, vendor registration portals, surveys, feedback forms, email communications, telephone conversations, chat services, and other communication channels.

3.5 Recruitment Information

If you apply for employment, consultancy, internship, or other professional opportunities with The Company, we may collect information relating to your application and professional background, including your resume or curriculum vitae, educational qualifications, employment history, professional certifications, references, background verification information, and records of interviews or recruitment assessments.

3.6 Information Collected Automatically

We may collect information automatically through various technologies and tools, including cookies, web beacons, pixel tags, software development kits (SDKs), application programming interfaces (APIs), analytics platforms, and other similar technologies that help us understand User interactions, improve our services, and enhance User experience.

4. HOW WE COLLECT YOUR INFORMATION

4.1 We may collect information about you from a variety of sources, including directly from you when you interact with us, communicate with us, access our services, or provide information in connection with a business relationship.

4.2 In the course of our business operations, we may obtain information during supplier, vendor, customer, and partner onboarding processes, through contracts and other commercial engagements, and during recruitment and hiring activities.

4.3 We may further collect information from publicly available sources, third-party business partners, service providers, and other entities with whom we have a legitimate business relationship. Additionally, we may collect information through cookies and similar technologies, as well as through customer service interactions, support requests, surveys, and other communications with us.

5. PURPOSE OF COLLECTION AND PROCESSING

We may use personal data for the following purposes:

5.1 Provision of Services

We may use personal data to provide, manage and improve our products and services, including managing customer relationships, conducting procurement and sourcing activities, supporting manufacturing and production operations, managing supply chains, coordinating logistics and deliveries, and processing transactions, invoices and payments.

5.2 Business Operations

We may process personal data for the administration and operation of our business, including contract management, vendor and supplier onboarding and management, customer support, maintenance of internal records, financial reporting, accounting functions, audits, and other business administration activities.

5.3 Platform Management

We may use personal data to operate, maintain and secure our websites, applications, portals and digital platforms, including User authentication, account management, system administration, performance monitoring, troubleshooting, cybersecurity measures, fraud detection and prevention, and protection of our systems and Users.

5.4 Communication

We may use personal data to communicate with you, including responding to enquiries, requests and feedback, providing customer support, sending transactional and service-related communications, notifying you of updates relating to our products, services or business relationship, and otherwise managing our interactions with you.

5.5 Marketing and Business Development

Subject to applicable law and your communication preferences, we may use personal data to provide information regarding our products and services, newsletters, industry insights, event invitations, business updates, promotional materials and other marketing communications that may be of interest to you. You may opt out of receiving marketing communications at any time by following the instructions provided in such communications or by contacting us.

5.6 Legal and Regulatory Compliance

We may process personal data to comply with applicable laws, regulations, court orders and regulatory requirements, fulfil corporate governance obligations, undertake regulatory reporting, manage disputes and investigations, protect our rights and interests, enforce contractual arrangements, and establish, exercise or defend legal claims.

5.7 Recruitment and Human Resources

Where you apply for employment or engagement opportunities with us, we may use personal data for recruitment and human resources purposes, including candidate evaluation, interview management, background verification, reference checks, recruitment administration, workforce planning, and other activities related to hiring and personnel management.

6. DISCLOSURE OF INFORMATION

We may share or disclose your personal data only as permissible under applicable laws and as per terms of this Policy. We may share your personal information in the course of providing any services and processing your transactions and other instructions with different persons and entities such as affiliates or group companies, financial institutions, vendors, service providers, logistic partners, other entities participating in a payment system, business associates, government and regulatory authorities, consultants and internal departments. We take reasonable efforts to ensure that such third-party has implemented measures to assure protection of data and follow practices at least as protective as those described in this Policy. This sharing of User Data is on a need-to-know basis. Some of these third-parties include:

Third Party Service Providers: personal data may be shared with third party service providers (including but not limited to data entry, database management, promotions, products and services alerts, delivery services, payment extension services, authentication and verification services and logistics services) ("Service Providers"). These Service Providers are under a duty of confidentiality to The Company and are only permitted to use your personal data in connection with the purposes specified in clause 5 herein above.

Intra Group transfer of Data: We may disclose and transfer personal data to The Company's subsidiaries, affiliated companies, group companies and/or their designated service providers.

Sharing pursuant to Legal Obligations: We may also disclose and transfer personal data to our professional advisers, law enforcement agencies, insurers, government and regulatory and other organizations, when we believe in good faith that such transfer is necessary to comply with applicable law including to: (i) conform to legal requirements or comply with legal process; (ii) protect rights or property of our Company or its affiliated companies; (iii) fraud protection; (iv) prevention of crime or in the interest of national security; or (v) protection of personal safety of our Users or the public.

Improving our Business: We may use and share your personal information to analyse usage trends, improve our services, develop new features, and enhance User experience. This may include sharing information with our subsidiaries, affiliates, service providers, advertising agencies, or business partners who assist us in optimizing our website and other applications, conducting research, implementing business improvements, or delivering relevant advertisements and marketing communications.

We may also transfer personal data to a potential buyer, acquirer, transferee, assignee, merger partner or their advisors in connection with a sale, transfer, merger, acquisition, consolidation or purchase of some or more of our assets or businesses or in exploration of such a transaction, as well as any restructuring or rearrangement of our operations and business.

7. DATA PROCESSORS AND THIRD-PARTY SERVICE PROVIDERS

The Company may engage third-party service providers to process personal data on its behalf.

Such third parties shall be required to:

  • Process personal data only on documented instructions;
  • Maintain confidentiality obligations;
  • Implement appropriate technical and organizational security measures;
  • Comply with applicable data protection laws;
  • Assist The Company in fulfilling legal and regulatory obligations.

8. COOKIES

8.1 The Company uses "cookies" and similar tracking technologies such as pixel tags, web beacons to enhance User experience, improve our services, and provide personalized content and advertisements. Our website may also allow third-party services to place cookies on your device for analytics, advertising, or audience measurement. These third parties may collect information about your online activities over time and across different websites. We encourage you to review their privacy policies for more details.

8.2 By using our Platform with your browser settings set to accept cookies, you consent to our use of cookies and tracking technologies in the manner described above. Users can modify their browser settings to accept, block, or delete cookies. To manage cookie settings, please visit your browser's settings.

9. DATA SECURITY

9.1 We take the security of its User's information very seriously. All information always remains encrypted. The Company doesn't store any banking information (username, password etc) in any manner.

9.2 All information provided to the Company is stored on its secure servers.

9.3 The Company uses commercially reasonable safeguards to preserve the integrity and security of the Users' information against loss, theft, unauthorized access, disclosure, reproduction, use or amendment.

9.4 In using the website, the Users accept the inherent security implications of data transmission over the internet and the World Wide Web cannot always be guaranteed as completely secure. Therefore, the use of the website will be at the own risk of the Users.

9.5 The Company assumes no liability for any disclosure of information due to errors in transmission, unauthorized third-party access or other acts of third parties, or acts or omissions beyond its reasonable control and the User agrees not to hold The Company responsible for any breach of security unless such breach has been caused as a direct result of gross negligence or wilful default by The Company.

9.6 In the event The Company becomes aware of any breach of the security of the Users' information, it will notify the Users and take appropriate action to the best of its ability to remedy such a breach in accordance with applicable laws.

10. DATA RETENTION

The Company retains your personal information in accordance with applicable laws, for a period no longer than is required for the purpose for which it was collected or as required under any applicable law. However, The Company may retain data related to you if it believes it may be necessary for the following reasons:

  1. To prevent fraud or future abuse;
  2. To respond to a question or complaint, or to show whether we gave you fair treatment;
  3. To establish, exercise or defend our legal claims rights and/or defend against legal claims or if required by law or for other legitimate purposes;
  4. To comply with legal rules that apply to us about keeping records or information in which case we will retain your data for a minimum of 3 (three) years after your account has been terminated or longer depending on Applicable Laws; and
  5. The Company may continue to retain your data in anonymised form for analytical and research purposes.

11. RIGHTS OF DATA PRINCIPALS

Subject to applicable law, including the Digital Personal Data Protection Act, 2023, you may exercise the following rights in relation to your personal data:

11.1 Right to Access Information

You may request information regarding:

  1. The personal data processed by The Company;
  2. The purposes for which such personal data is processed;
  3. The categories of recipients with whom such data has been shared; and
  4. Any other information required under applicable law.

11.2 Right to Correction, Erasure and Deletion

You may request correction, completion, updating, erasure or deletion of your personal data where such information is inaccurate, incomplete, misleading or no longer required for the purposes for which it was collected, subject to legal and regulatory retention requirements.

11.3 Right to Withdraw Consent

You have an option to withdraw your consent that you have already provided by writing to us at the contact information provided below. Please mention "for withdrawal of consent" in the subject line of your communication. The Company will verify such requests before acting upon your request. Please note, however, that withdrawal of consent will not be retroactive and will be in accordance with the terms of this Policy, related terms of use, and applicable laws. In the event you withdraw the consent given to us under this Policy, such withdrawal may hamper your access to the website or restrict the provision of our services to you for which The Company consider that information to be necessary.

11.4 Right to Grievance Redressal

You have the right to raise grievances relating to the processing of your personal data or report any breach of this Policy. In the event you wish to do the same, you may contact the designated Grievance Officer of the Company, at the contact information provided below.

11.5 Right to Nominate

You may nominate another individual who may exercise your rights on your behalf in accordance with applicable law in the event of your death or incapacity.

12. MINORS

12.1 We do not knowingly collect, process, or store personal data of individuals under the age of 18 years. Our services are intended for use only by individuals who have attained the age of majority and are legally permitted to engage in financial transactions under applicable laws.

12.2 If we become aware that personal data of a minor has been collected without verifiable parental consent, we will take appropriate steps to delete such data.

12.3 Parents or legal guardians who believe that a minor has provided their personal data may contact us at details provided below to request deletion or exercise any other rights under Applicable Law.

12.4 Minors are advised not to use the website or provide any personal information. By accessing and using our services, you confirm that you are at least 18 years of age or have obtained parental/legal guardian consent where required.

13. CHANGES TO THIS POLICY

The Company may amend or update this Policy from time to time. Updated versions shall be posted on the relevant website and shall become effective upon publication unless otherwise stated. User agrees that any information The Company holds about User (as described in this Policy and whether or not collected prior to or after the new version of the Policy became effective) will be governed by the latest version of the Policy. Users are encouraged to periodically review this Policy.

14. SEVERABILITY

If any provision of this Policy is held to be invalid, unlawful or unenforceable, the remaining provisions shall continue to remain valid and enforceable.

15. GOVERNING LAW AND JURISDICTION

This Policy shall be governed by and construed in accordance with the laws of India.

16. CONTACT DETAILS AND GRIEVANCE REDRESSAL

For any questions, requests, complaints or concerns regarding this Policy or the processing of personal data, please contact:

ZAP91 Solar India Private Limited
Registered Office:
84/1, Vaishnavi Sovereign, Ground Floor & First Floor,
Green Glen Layout, Bellandur,
Bengaluru – 560103,
Karnataka, India.
Email: info@zap91.com