.svg){kind=small}
Privacy Notice
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
Introduction
This Privacy Notice is for the clients and users of ‘Consentin’ a digital personal data governance tool owned and operated by Leegality (incorporated Grey Swift Pvt. Ltd.) We have explained in simple language how we handle and protect personal data as part of your usage of the Consentin platform.
.svg)
Is this Policy applicable to you?
This policy applies to you:
- If you are a Consentin Client (an enterprise using our Consentin platform),
- If you are an end-user (‘User’) of one of our Clients (for example, you are managing your consent preferences on a website that uses Consentin),
- If you are just visiting our product informational website.
.svg)
Our role in your Privacy
Our role changes depending on who you are. This is important because it determines who is responsible for your data.
- If you are a ‘Consentin Client’: We act as the ‘Data Fiduciary’ for your information (like your name, email, and billing details). However, we act as the ‘Data Processor’ for the personal data of your Users whose consent preferences and data you manage through our platform.
- If you are providing your consent/ cookie preferences as a ‘User’ to a Consentin Client: We act as a ‘Data Processor’ acting on the instructions of our Client, the ‘Data Fiduciary’.
This means we only process your personal data to help us provide our service to the Consentin Client in accordance with their instructions or as required by law. The Consentin Client is responsible for making sure that your personal data is treated in accordance with applicable data protection laws. That includes informing you how service providers (like us) collect and use data on their behalf. - If you are visiting our website: We act as the ‘Data Fiduciary’ of the personal data we collect about your visit to our website and the personal data that you provide us through the website.
.svg)
What Information do we process?
We are committed to protecting your privacy by collecting limited personal data through the Consentin tool. The table below outlines the data we collect/ process data as a data processor or data fiduciary:
As a Data Processor acting on behalf of Consentin Client
Data Collected/ Processed by Consentin as a Data Processor
Purpose and how it’s used
User Profiles and Identifiers
To link consent records, preferences and data rights requests to specific Users.
Consent Preferences (granted, denied, withdrawn), Timestamps, and Purpose
To maintain an auditable record of consent provided by Users for our Clients.
Name, Email ID, Phone number
Our Clients may share User data optionally with us so we can assist in notifying Users about any updates or changes in how their personal data is managed by the Clients.
Data Principal Rights Requests
To help our Clients to receive, manage, and fulfill requests from their Users (e.g., requests for access, correction, or erasure of data).
Cookie Preferences
To manage and ensure implementation of cookie consent choices made by Users on our Client's websites and applications.
Reports and metadata from Consentin Lens (data discovery tool)
We may process reports, data lineage maps, and metadata to help our Clients understand where personal data resides in their systems. This data is not exported or stored outside Client systems and Consentin does not store actual personal data discovered by Lens.
As a Data Fiduciary
Data Collected/ Processed by Consentin as a Data Fiduciary
Purpose and how it’s used
Cookies, Usage patterns and Demographic details
We may collect personal data such as your URL clickstreams, products/services viewed, page response times, how long you stay on our pages, what you do on those pages- for analytics, improvement of the services and product offerings, marketing and promotional purposes.
Personal details provided on marketing form fills and interaction with advertisements
We may collect your name, mobile number, email address, organization details, social media profile and other details that you may provide when you fill out marketing forms or interact with our advertisements. We may also collect your personal data that is publicly available or from third parties providing such data for marketing purposes. This information helps us respond to your inquiries, provide relevant information about our services, and improve our marketing efforts.
Name, Email ID, Mobile Number, Access credentials, Company Details, Billing Information
If you are a Consentin Client, we may collect and process your data to create and manage your account, provide access to our tools, process payments, and communicate with you about product updates and support.
.svg)
How do we store and protect your data?
- Location: We store and process all data on secure Amazon Internet Services Private Limited servers within India, in compliance with the Digital Personal Data Protection Act, 2023 and rules.
- Pseudonymised identifiers: We store User preferences and consent records against a unique, pseudonymized identifier.
- Security Measures: We use advanced security measures, including end-to-end encryption and secure data storage, to protect your data from loss or unauthorised access. Our information security practices are certified under ISO/IEC 27001:2022 (Information Security Management Systems), ISO/IEC 27017:2015 (Cloud Service Security Controls) and ISO/IEC 27018:2019 (Protection of Personally Identifiable Information in Cloud Environments) , which are audited regularly. Access to data is granted strictly on a “need-to-know” basis.
While we take all reasonable measures to protect your information, no system is completely immune to risks. We cannot guarantee absolute security against malicious attacks or unforeseen breaches that are not wilfully caused by us.
.svg)
Third parties who process your data
We may use trusted third-party service providers to help us deliver our services. We only share data that is necessary for them to perform their function and ensure they follow strict data protection standards.
Third-Party Processor
Purpose
Amazon Internet Services Pvt. Ltd. (AISPL)
To host our platform and store data securely.
Email & SMS Providers
For sending account-related notifications and communications.
Payment Service Providers
To process payments for our services from Clients.
Translation Service Providers
To translate consent/privacy notices to Indian languages as per client requirements
Marketing and Analytics Partners
To analyse website traffic and manage marketing communications.
Additionally, we may be required to disclose information when legally obligated to do so by courts or other competent authorities under applicable law.
.svg)
Your privacy choices and rights
You have the right to access, update, or delete your personal data. We respect your rights over your personal data and strive to make it easy for you to exercise them.
You can reach out to us to:
- Access information about what personal data we hold about you;
- Manage or withdraw your consent;
- Correct, update or complete your personal data records
- Delete/ erase your personal data with Leegality here.
- To nominate someone to manage your information in case of your death or if you are unable to do so yourself.
- Raise any concerns or grievances about how we handle your data
We will make the changes promptly unless we are required to retain the personal data records and information as is under any applicable law or contractual obligations to Leegality Clients. We will also inform you and keep you updated about the action taken to process your request.
- Name: Prakhar Agrawal
- Email: support@leegality.com
- Address: First Floor, Plot No. 444, Phase III, Udyog Vihar III, Sector 18, Gurugram
Grievance Redressal
For the above mentioned actions, you can contact our Data Protection and Grievance Officer at:
- Name: Prakhar Agrawal
- Email: support@leegality.com
- Address: First Floor, Plot No. 444, Phase III, Udyog Vihar III, Sector 18, Gurugram
We’re here to help and will do our best to respond to your concerns at the earliest and within a period of 90 days.
.svg)
Cookies
Our website uses cookies to improve your experience. You can manage your preferences at any time through the cookie consent banner on our site here or by adjusting your browser settings. If you turn off cookies, you can still use our website, but some features might not work as effectively.
.svg)
Marketing and Promotional activities
We will inform you before collecting your data if we intend to use it for marketing. You can opt-out from receiving marketing communications at any time by clicking the ‘unsubscribe’ link in our emails or by emailing us at support@leegality.com.
.svg)
Legal requirements
Our company is based in India, and this Privacy Notice is governed by the laws of India. Any disagreement about this policy will be resolved in accordance with Indian laws and through arbitration in Delhi, India.
While you might be able to access our platform from other countries, we don’t actively promote or advertise our services outside India.
If you are accessing our platform from outside India, please note that we do not guarantee that this Privacy Notice complies with any other country’s laws. If your local laws don’t match what’s in this Notice or Indian laws, we recommend that you reconsider using our services.
.svg)
Updates to the Policy
We may update this policy from time to time to reflect changes in our practices or the law. We will post any changes on this page, and for significant changes, we will notify our Clients by email.
This policy was last updated on January 9, 2025.
