Effective Date: January 20, 2025
Last Updated: January 20, 2025
Version: 5.0
Compliance Framework: Digital Personal Data Protection Act, 2023
VENTURECORE SOLUTIONS PRIVATE LIMITED ("Company," "we," "us," or "our"), operating the Pirento platform, is committed to protecting the privacy and security of personal information entrusted to us by our users. This Privacy Policy describes how we collect, use, process, store, share, and protect personal information in connection with our comprehensive life management ecosystem and integrated services.
Our privacy practices are designed to comply with the Digital Personal Data Protection Act, 2023 ("DPDPA"), the Information Technology Act, 2000, and other applicable Indian data protection laws and regulations. We recognize that privacy is a fundamental right and that transparent, accountable data handling practices are essential for maintaining user trust and providing effective services.
This Privacy Policy applies to all personal information collected through our platform, including our five service verticals: Pirento Intern (Professional Evolution Hub), Pirento Capital (Wealth Wisdom Ecosystem), Pirento Vault (Digital Immortality Platform), Pirento Green (Environmental Life Impact), and Pirento Giftox (Meaningful Connection Engine), as well as our integrated legal services provided through our partnership with VakilSearch.
We process personal information based on appropriate legal grounds including user consent, contractual necessity, legitimate interests, and legal compliance requirements. Users have comprehensive rights regarding their personal information, including rights of access, correction, erasure, portability, and objection to processing, subject to applicable legal limitations and service requirements.
We collect various categories of personal information necessary to provide our comprehensive life management services and ensure optimal user experience across our platform verticals. The scope and nature of information collection varies based on the specific services used and the level of personalization requested by users.
Identity and Contact Information includes full name, email addresses, phone numbers, postal addresses, date of birth, gender, and government-issued identification numbers such as Aadhaar, PAN, or passport numbers. This information is essential for account creation, identity verification, service personalization, and compliance with legal requirements, particularly for financial and legal services.
Professional and Career Information encompasses current employment details, job titles, industry sectors, educational qualifications, professional certifications, career history, skill assessments, professional goals and aspirations, and performance evaluations. This information is primarily collected for Pirento Intern services and enables us to provide personalized career guidance, skill development recommendations, and mentor matching services.
Financial and Investment Information includes income levels, investment preferences, risk tolerance assessments, financial goals, asset holdings, investment history, credit information, bank account details, and transaction records. This sensitive financial information is collected for Pirento Capital services and is subject to enhanced security measures and strict access controls to protect user financial privacy.
Digital Assets and Legacy Information comprises digital account credentials, asset inventories, beneficiary designations, inheritance instructions, personal documents, photographs, videos, audio recordings, and other digital content intended for preservation and transmission. This information is collected for Pirento Vault services and requires special handling due to its sensitive and long-term nature.
Environmental and Lifestyle Information includes transportation patterns, energy consumption data, dietary preferences, purchasing behaviors, environmental goals, and sustainability practices. This information supports Pirento Green services and helps users track and improve their environmental impact while maintaining privacy regarding personal lifestyle choices.
Relationship and Social Information encompasses contact lists, relationship types and histories, communication preferences, gift-giving patterns, special dates and occasions, and social interaction data. This information enables Pirento Giftox services to provide personalized relationship guidance and meaningful connection recommendations while respecting privacy boundaries.
We automatically collect technical information about how users interact with our platform to ensure optimal performance, security, and user experience. This technical data collection is essential for platform operation and improvement but is handled with appropriate privacy protections and data minimization principles.
Device and Browser Information includes device types, operating systems, browser versions, screen resolutions, device identifiers, IP addresses, and hardware specifications. This information helps us optimize our platform for different devices and browsers while maintaining security through device recognition and anomaly detection.
Usage Analytics and Behavior Data encompasses page views, feature usage patterns, session durations, click-through rates, search queries, navigation paths, and interaction patterns across our platform verticals. This behavioral data enables us to understand user preferences, improve service delivery, and develop new features that better serve user needs.
Location Information may be collected through IP addresses, GPS coordinates (with explicit consent), or user-provided location data for services that require geographic context, such as environmental impact tracking, local mentor matching, or location-based gift recommendations. Location data collection is always subject to user consent and control mechanisms.
Communication and Support Data includes customer service interactions, support tickets, feedback submissions, survey responses, and other communications with our team. This information helps us provide effective support, resolve issues, and improve our services based on user feedback and needs.
Our platform integrates with various third-party services and partners to provide comprehensive functionality and enhanced user experiences. Information collection from these sources is governed by appropriate consent mechanisms and contractual protections to ensure user privacy and data security.
VakilSearch Legal Service Integration involves sharing relevant user information with our legal service partner for the provision of legal, secretarial, and accounting services. This information sharing is limited to details necessary for service delivery and includes personal identification, business information, service requirements, and relevant documentation as described in our partnership framework.
Social Media and Professional Network Integration may include profile information, connection data, and activity information from platforms such as LinkedIn, Facebook, or other professional networks when users choose to connect these accounts for enhanced service personalization and networking features.
Financial Service Provider Integration encompasses information from banks, investment platforms, credit agencies, and other financial institutions when users authorize such connections for comprehensive financial planning and wealth management services through Pirento Capital.
Environmental Data Sources include information from utility companies, transportation services, and environmental monitoring services that help provide accurate carbon footprint calculations and environmental impact assessments for Pirento Green services.
Our strategic partnership with Uber9 Business Process Services Private Limited, operating as VakilSearch, enables us to provide comprehensive legal, secretarial, and accounting services to Pirento users through an integrated service delivery model. This partnership requires careful coordination of data sharing practices to ensure seamless service delivery while maintaining the highest standards of privacy protection and legal compliance.
The legal basis for data sharing with VakilSearch includes contractual necessity for service delivery, user consent for legal service provision, legitimate interests in providing comprehensive platform services, and compliance with professional service requirements and regulatory standards applicable to legal service providers.
Our partnership agreement with VakilSearch includes comprehensive data protection clauses, confidentiality requirements, security standards, and compliance obligations designed to protect user information throughout the service delivery process. VakilSearch is contractually bound to handle shared information according to the same privacy standards that govern our platform operations.
Data sharing with VakilSearch is limited to information necessary for legal service delivery and is subject to purpose limitation, data minimization, and retention limitation principles. Users maintain control over their information and can withdraw consent for data sharing, though such withdrawal may limit our ability to provide integrated legal services.
The categories of information shared with VakilSearch depend on the specific legal services requested and the requirements for effective service delivery. We employ data minimization principles to ensure that only necessary information is shared, and we maintain detailed records of all data sharing activities for transparency and accountability.
Personal Identification Information shared with VakilSearch includes full name, contact details, government identification numbers, and other identity verification information required for legal service provision and regulatory compliance. This information is essential for legal document preparation, regulatory filings, and professional service delivery standards.
Business and Professional Information encompasses company details, business registration information, professional qualifications, employment history, and other business-related data necessary for corporate legal services, compliance requirements, and professional consultation services.
Service-Specific Information includes details about the specific legal services requested, relevant documentation, transaction information, and other context necessary for VakilSearch to understand service requirements and provide appropriate legal guidance and documentation.
Communication and Preference Information covers communication preferences, language preferences, service delivery preferences, and other information that enables VakilSearch to provide personalized, effective service delivery that meets user expectations and requirements.
Our partnership with VakilSearch includes comprehensive data protection safeguards designed to ensure that shared information receives the same level of protection and privacy respect that users expect from our platform. These safeguards are contractually enforced and regularly monitored to ensure ongoing compliance and effectiveness.
Confidentiality and Non-Disclosure Obligations require VakilSearch to maintain strict confidentiality of all shared information, use shared data solely for authorized service delivery purposes, and implement appropriate measures to prevent unauthorized access, use, or disclosure of user information.
Security and Technical Safeguards include requirements for encryption of data in transit and at rest, secure access controls and authentication mechanisms, regular security audits and vulnerability assessments, and incident response procedures for potential security breaches or data incidents.
Purpose Limitation and Data Minimization ensure that VakilSearch uses shared information only for the specific legal services requested and does not use shared data for marketing, business development, or other purposes beyond the scope of service delivery authorization.
Retention and Deletion Requirements specify that VakilSearch must retain shared information only for the duration necessary for service delivery and legal compliance requirements, and must securely delete or return information when retention is no longer necessary or when requested by users or Pirento.
Users maintain comprehensive rights regarding their information shared with VakilSearch, and we facilitate the exercise of these rights through coordination with our legal service partner. These rights are designed to ensure that users retain control over their information even when it is shared for service delivery purposes.
Access Rights enable users to request information about what data has been shared with VakilSearch, how it is being used, and the current status of their information within VakilSearch systems. We coordinate with VakilSearch to provide comprehensive access information to users upon request.
Correction and Update Rights allow users to request corrections or updates to information shared with VakilSearch, and we work with our partner to ensure that corrected information is properly updated in all relevant systems and records.
Deletion and Withdrawal Rights permit users to request deletion of their information from VakilSearch systems, subject to legal retention requirements and ongoing service obligations. Users can also withdraw consent for future data sharing, though this may affect the availability of integrated legal services.
Portability and Transfer Rights enable users to request copies of their information held by VakilSearch in portable formats, facilitating transfer to other service providers if desired. We coordinate with VakilSearch to fulfill portability requests in compliance with applicable data protection requirements.
Personal information is primarily used to deliver our comprehensive life management services and provide personalized experiences that align with individual user needs, preferences, and goals across our five platform verticals. Our use of personal information is guided by principles of necessity, proportionality, and user benefit, ensuring that information processing serves legitimate purposes that enhance user experience and service effectiveness.
Pirento Intern Professional Services utilize career and professional information to provide Career DNA Analysis, skill development recommendations, mentor matching services, and professional growth guidance. We analyze professional backgrounds, career goals, skill assessments, and personality profiles to create personalized career development pathways and connect users with appropriate mentors and opportunities.
Pirento Capital Wealth Management employs financial information to deliver Wealth DNA Profiling, investment guidance, financial planning tools, and wealth-building strategies. We process financial data, risk tolerance assessments, and investment preferences to provide personalized financial advice, portfolio recommendations, and wealth management guidance tailored to individual financial situations and goals.
Pirento Vault Digital Preservation uses personal information, digital assets, and legacy preferences to provide comprehensive digital inheritance planning, memory preservation, and legacy management services. We process personal documents, photographs, videos, and other digital content to create secure digital archives and ensure appropriate distribution according to user instructions.
Pirento Green Environmental Impact leverages lifestyle and consumption information to provide carbon footprint tracking, sustainability recommendations, and environmental impact guidance. We analyze transportation patterns, energy usage, consumption behaviors, and environmental preferences to deliver personalized sustainability plans and environmental improvement strategies.
Pirento Giftox Relationship Enhancement utilizes relationship information, communication patterns, and social preferences to provide gift recommendations, relationship guidance, and connection-building tools. We process relationship data, special occasions, and personal preferences to suggest meaningful gifts and experiences that strengthen personal and professional relationships.
We use personal information to operate, maintain, and continuously improve our platform infrastructure, security systems, and service delivery capabilities. This operational use of information is essential for providing reliable, secure, and effective services while ensuring optimal user experience across all platform features and functionalities.
Security and Fraud Prevention involves analyzing usage patterns, device information, and behavioral data to detect and prevent unauthorized access, fraudulent activities, and security threats. We employ machine learning algorithms and anomaly detection systems to identify suspicious activities and protect user accounts and information from security risks.
Performance Optimization and Analytics encompasses the use of technical and usage information to monitor platform performance, identify areas for improvement, and optimize service delivery speed, reliability, and effectiveness. We analyze user interaction patterns, system performance metrics, and service usage data to enhance platform functionality and user experience.
Feature Development and Innovation utilizes aggregated and anonymized user information to understand service needs, identify improvement opportunities, and develop new features and capabilities that better serve user requirements. This development process helps us evolve our platform to meet changing user needs and technological capabilities.
Quality Assurance and Support involves using communication data, support interactions, and feedback information to provide effective customer support, resolve issues, and maintain high service quality standards. We analyze support patterns and user feedback to identify common issues and implement systematic improvements.
Personal information enables us to communicate effectively with users about their accounts, services, platform updates, and relevant opportunities that may interest them. Our communication practices are designed to provide valuable, timely information while respecting user preferences and communication boundaries.
Service Communications include account notifications, service updates, security alerts, and other essential communications related to user accounts and service delivery. These communications are necessary for account management and service provision and are not subject to marketing opt-out preferences.
Educational and Informational Content encompasses newsletters, blog posts, webinars, and other educational materials related to career development, financial planning, digital preservation, environmental sustainability, and relationship building. Users can control their preferences for receiving educational content through their account settings.
Personalized Recommendations and Insights involve using user information to provide customized suggestions, insights, and opportunities that align with individual interests, goals, and preferences. These recommendations help users discover relevant services, features, and content that can enhance their experience and achieve their objectives.
Community and Networking Opportunities include information about events, networking opportunities, community activities, and collaborative features that may interest users based on their profiles, preferences, and platform activities. Users can control their participation in community features and networking opportunities.
We use personal information as necessary to comply with applicable laws, regulations, and legal obligations that govern our business operations and service delivery. This compliance use of information is essential for maintaining legal operation and protecting both user interests and business integrity.
Regulatory Compliance involves using personal information to meet requirements imposed by financial services regulations, data protection laws, consumer protection standards, and other applicable regulatory frameworks that govern our platform operations and service delivery.
Legal Process Response encompasses the use of personal information to respond to valid legal requests, court orders, subpoenas, and other legal processes that require disclosure of user information. We carefully evaluate all legal requests and disclose information only to the extent required by applicable law.
Risk Management and Due Diligence includes using personal information for identity verification, anti-money laundering compliance, know-your-customer requirements, and other risk management processes required for financial and legal service provision.
Record Keeping and Audit Requirements involve maintaining personal information records as required by applicable laws and regulations, including financial services regulations, tax requirements, and professional service standards that mandate specific record retention and reporting obligations.
Our primary information sharing arrangement involves our strategic partnership with VakilSearch for legal service delivery, which requires careful coordination of data sharing practices to ensure seamless service provision while maintaining comprehensive privacy protections and user control over their information.
As detailed in Section 3 of this Privacy Policy, we share relevant user information with VakilSearch to enable the provision of legal, secretarial, and accounting services through our integrated platform. This sharing is governed by strict contractual protections, confidentiality requirements, and security standards designed to ensure that shared information receives appropriate protection and is used solely for authorized service delivery purposes.
The scope of information sharing with VakilSearch is limited to details necessary for specific legal services requested by users, and we employ data minimization principles to ensure that only essential information is shared. Users maintain control over this sharing through their service choices and consent mechanisms, and they can withdraw consent for future sharing, though such withdrawal may affect the availability of integrated legal services.
We maintain detailed records of all information sharing with VakilSearch, including the categories of information shared, the purposes for sharing, and the duration of sharing arrangements. This transparency enables users to understand how their information is being used in the partnership context and exercise their rights regarding shared information.
Beyond our VakilSearch partnership, we work with carefully selected service providers and business partners to deliver comprehensive platform functionality and enhanced user experiences. These relationships involve limited information sharing under strict contractual protections and privacy safeguards designed to protect user information while enabling effective service delivery.
Technology Service Providers include cloud hosting services, data analytics platforms, security service providers, and other technology partners that support our platform infrastructure and operations. These providers receive only the information necessary to deliver their specific services and are contractually bound to protect user information and use it solely for authorized purposes.
Payment Processing Partners handle financial transaction information for subscription payments, service fees, and other platform transactions. These partners are selected based on their security standards, compliance certifications, and privacy protection capabilities, and they process payment information according to industry-standard security requirements.
Communication and Marketing Service Providers may receive limited contact information to facilitate email delivery, SMS communications, and other communication services. These providers are contractually prohibited from using user information for their own marketing purposes and must implement appropriate security measures to protect communication data.
Professional Service Networks may receive relevant professional information to facilitate mentor matching, networking opportunities, and professional development services within the Pirento Intern vertical. This sharing is always subject to user consent and control mechanisms that allow users to manage their participation in professional networking features.
We may disclose personal information when required by law, legal process, or regulatory requirements, or when necessary to protect our rights, user safety, or public interests. These disclosures are carefully evaluated to ensure they are legally justified and limited to the minimum information necessary to satisfy legal requirements.
Government and Regulatory Requests may require disclosure of user information to comply with valid legal processes, including court orders, subpoenas, search warrants, and regulatory investigations. We carefully review all such requests to ensure they are legally valid and appropriately limited in scope before making any disclosures.
Law Enforcement Cooperation involves sharing information with law enforcement agencies when required by law or when necessary to investigate suspected illegal activities, prevent harm to individuals, or protect public safety. We balance these disclosure obligations with our commitment to user privacy and make disclosures only when legally required or clearly justified.
Regulatory Compliance Reporting may involve sharing aggregated or specific user information with regulatory authorities as required by applicable laws and regulations governing our business operations, particularly in areas such as financial services, data protection, and consumer protection.
Legal Proceedings and Dispute Resolution may require disclosure of relevant user information in connection with legal proceedings, arbitration, or other dispute resolution processes involving our platform, services, or users. Such disclosures are limited to information relevant to the specific legal matter and are subject to appropriate confidentiality protections where possible.
In the event of corporate transactions such as mergers, acquisitions, asset sales, or business reorganizations, user information may be transferred as part of the business assets, subject to appropriate privacy protections and user notification requirements.
Merger and Acquisition Scenarios may involve the transfer of user information to acquiring companies or merger partners, but such transfers are subject to contractual requirements that the receiving party honor existing privacy commitments and provide equivalent privacy protections for transferred information.
Asset Sale and Business Restructuring situations may require the transfer of user information as part of business assets, but we ensure that such transfers include appropriate privacy protection requirements and user notification procedures to maintain transparency and user rights.
Bankruptcy or Insolvency Proceedings may involve the treatment of user information as business assets subject to legal proceedings, but we strive to ensure that user privacy interests are protected through appropriate legal mechanisms and that users are notified of any significant changes to information handling practices.
Due Diligence and Transaction Evaluation may involve limited disclosure of aggregated or anonymized user information to potential transaction partners for business evaluation purposes, but such disclosures do not include personally identifiable information and are subject to strict confidentiality agreements.
We implement comprehensive technical security measures designed to protect personal information from unauthorized access, use, disclosure, alteration, and destruction. Our security framework employs industry-standard technologies and best practices, regularly updated to address evolving security threats and maintain the highest levels of data protection.
Encryption and Data Protection encompasses end-to-end encryption for data in transit using TLS 1.3 or higher protocols, advanced encryption standards (AES-256) for data at rest, encrypted database storage with key management systems, and secure encryption key rotation and management procedures. All sensitive personal information, including financial data, legal documents, and personal communications, is encrypted using industry-leading encryption technologies.
Access Controls and Authentication include multi-factor authentication requirements for user accounts, role-based access controls for internal systems, privileged access management for administrative functions, and regular access reviews and permission audits. We implement zero-trust security principles that require verification for all access requests and maintain detailed logs of all system access and data interactions.
Network Security and Infrastructure Protection involves secure cloud hosting with reputable providers, distributed denial-of-service (DDoS) protection, intrusion detection and prevention systems, network segmentation and isolation controls, and regular security monitoring and threat detection. Our infrastructure is designed to maintain security and availability even under adverse conditions or security attacks.
Application Security and Code Protection includes secure software development lifecycle practices, regular security code reviews and vulnerability assessments, automated security testing and scanning, and secure deployment and configuration management. We follow industry best practices for secure application development and maintain ongoing security assessments to identify and address potential vulnerabilities.
Our operational security procedures ensure that human factors and business processes support our technical security measures and maintain comprehensive protection for user information throughout all aspects of our business operations and service delivery.
Personnel Security and Training encompasses background checks for employees with access to personal information, comprehensive security awareness training programs, regular security education and update sessions, and clear security policies and procedures for all staff members. We ensure that all team members understand their responsibilities for protecting user information and maintaining security standards.
Incident Response and Management includes detailed incident response procedures for security breaches, data incidents, and system compromises, rapid response teams for security incident investigation and containment, communication protocols for notifying affected users and regulatory authorities, and post-incident analysis and improvement processes to prevent similar incidents.
Vendor and Partner Security Management involves security assessments and due diligence for all service providers and partners, contractual security requirements and compliance obligations, regular security audits and monitoring of partner security practices, and incident coordination and response procedures for partner-related security issues.
Physical Security and Environmental Controls include secure data center facilities with appropriate access controls, environmental monitoring and protection systems, secure disposal procedures for hardware and storage media, and physical security measures for offices and facilities where personal information may be accessed or stored.
We maintain comprehensive data backup and recovery systems designed to ensure the availability and integrity of user information while maintaining appropriate security protections for backup data and recovery processes.
Backup Systems and Procedures encompass automated daily backups of all user data and system information, geographically distributed backup storage for disaster recovery, encrypted backup data with secure key management, and regular backup integrity testing and verification procedures. Our backup systems are designed to enable rapid recovery while maintaining security and privacy protections.
Disaster Recovery and Business Continuity include comprehensive disaster recovery plans for various scenarios, alternative processing sites and infrastructure for business continuity, regular disaster recovery testing and plan updates, and communication procedures for users during service disruptions or recovery operations.
Data Integrity and Validation involves regular data integrity checks and validation procedures, checksums and hash verification for data accuracy, monitoring systems for data corruption or unauthorized changes, and procedures for investigating and resolving data integrity issues.
Recovery Testing and Validation encompasses regular testing of backup and recovery procedures, validation of data recovery accuracy and completeness, performance testing of recovery systems and procedures, and documentation and improvement of recovery processes based on testing results.
We maintain continuous security monitoring and compliance programs designed to detect security threats, ensure ongoing compliance with security standards, and continuously improve our security posture and data protection capabilities.
Continuous Monitoring and Threat Detection includes 24/7 security monitoring and alerting systems, automated threat detection and analysis tools, security information and event management (SIEM) systems, and regular security assessments and penetration testing by qualified security professionals.
Compliance and Audit Programs encompass regular compliance assessments for applicable security standards and regulations, internal security audits and control testing, third-party security assessments and certifications, and documentation and reporting of security compliance status and improvements.
Vulnerability Management and Patching involves regular vulnerability scanning and assessment procedures, prioritized vulnerability remediation and patching programs, security update management for all systems and applications, and coordination with vendors and partners for security updates and patches.
Security Metrics and Reporting include key security performance indicators and metrics tracking, regular security reporting to management and stakeholders, trend analysis and security posture assessment, and continuous improvement programs based on security metrics and incident analysis.
Users have comprehensive rights to access and understand how their personal information is collected, used, and shared through our platform. These access rights are designed to provide transparency and enable informed decision-making about personal information and privacy preferences.
Right to Access Personal Information enables users to request comprehensive information about the personal data we hold about them, including the categories of information collected, the sources of information, the purposes for which information is used, and the recipients or categories of recipients with whom information is shared. We provide this information in clear, understandable formats within reasonable timeframes.
Data Processing Transparency includes detailed information about our data processing activities, the legal basis for processing different categories of information, the retention periods for various types of data, and the criteria used to determine retention periods. Users can access this information through their account settings and privacy dashboard features.
Third-Party Sharing Disclosure encompasses comprehensive information about our information sharing practices, including details about our VakilSearch partnership, other service provider relationships, and any other circumstances under which personal information may be shared or disclosed. Users receive clear information about the purposes and safeguards for all information sharing.
Processing Activity Records provide users with access to records of significant processing activities affecting their information, including data sharing events, access by authorized personnel, and any security incidents or data breaches that may have affected their information. This transparency enables users to understand how their information has been handled and exercise appropriate oversight.
Users have the right to ensure that their personal information is accurate, complete, and up-to-date, and we provide comprehensive mechanisms for users to correct, update, or supplement their information as needed.
Information Correction Procedures enable users to identify and correct inaccurate or incomplete personal information through their account settings, customer support channels, or direct communication with our privacy team. We process correction requests promptly and update information across all relevant systems and shared data arrangements.
Profile Management and Updates include user-friendly interfaces for updating personal information, preferences, and account settings, with real-time synchronization across all platform verticals and integrated services. Users can modify their information at any time and see immediate updates reflected in their service experience.
Verification and Validation Processes ensure that information corrections and updates are properly verified and validated before implementation, particularly for sensitive information such as financial data, legal documents, or identity information that may affect service delivery or security.
Downstream Update Coordination involves updating corrected information with our partners and service providers, including VakilSearch, to ensure that corrected information is reflected in all systems and services that rely on user data for service delivery.
Users have the right to request deletion of their personal information under appropriate circumstances, subject to legal retention requirements and ongoing service obligations that may necessitate continued information retention.
Right to Erasure Procedures enable users to request deletion of their personal information when it is no longer necessary for the purposes for which it was collected, when consent is withdrawn and no other legal basis applies, when information has been unlawfully processed, or when deletion is required for compliance with legal obligations.
Account Deletion and Data Removal includes comprehensive procedures for deleting user accounts and associated personal information, with clear timelines for deletion completion and information about any data that may be retained for legal or legitimate business purposes. Users receive confirmation when deletion is completed.
Selective Data Deletion allows users to request deletion of specific categories of information or data related to particular services while maintaining their account and other services. This granular control enables users to manage their privacy preferences while continuing to use desired platform features.
Retention Override and Legal Limitations involves clear communication about circumstances where deletion requests cannot be fully honored due to legal retention requirements, ongoing service obligations, or legitimate business needs, with detailed explanations of the reasons for continued retention and the duration of such retention.
Users have rights to obtain copies of their personal information in portable formats and to control how their information is used for various purposes, enabling them to make informed decisions about their data and potentially transfer it to other services.
Data Portability Services provide users with the ability to download comprehensive copies of their personal information in structured, commonly used, and machine-readable formats that facilitate transfer to other services or platforms. This includes all user-generated content, profile information, and service history data.
Export and Download Features enable users to access and download various categories of their information, including account data, service history, communications, and other relevant information, through user-friendly interfaces and automated export tools.
Consent Management and Withdrawal includes comprehensive controls for managing consent to various types of data processing, with the ability to withdraw consent for specific purposes while maintaining consent for other necessary processing activities. Users can modify their consent preferences at any time through their account settings.
Processing Objection Rights allow users to object to certain types of data processing based on legitimate interests, including marketing communications, automated decision-making, and profiling activities, with mechanisms to honor such objections while maintaining essential service functionality.
Our data retention practices are guided by principles of necessity, proportionality, and purpose limitation, ensuring that personal information is retained only for as long as necessary to fulfill the purposes for which it was collected and to comply with applicable legal and regulatory requirements.
Purpose-Based Retention Periods vary according to the specific purposes for which information is collected and used, with different retention periods for account management information, service delivery data, communication records, and compliance documentation. We maintain detailed retention schedules that specify appropriate retention periods for different categories of information.
Legal and Regulatory Compliance Requirements may mandate specific retention periods for certain types of information, particularly financial records, legal service documentation, and regulatory compliance data. These requirements are incorporated into our retention policies and may override shorter retention periods that would otherwise apply.
User-Controlled Retention Preferences enable users to specify retention preferences for certain categories of information, particularly for Pirento Vault digital preservation services that are designed for long-term or permanent retention according to user wishes and legacy planning objectives.
Regular Review and Assessment Procedures ensure that retention policies remain appropriate and current, with periodic reviews of retention periods, assessment of continued necessity for retained information, and updates to retention practices based on legal changes, business needs, and user feedback.
Different platform verticals have varying retention requirements based on the nature of services provided, user expectations, and applicable legal and regulatory frameworks that govern specific service categories.
Pirento Intern Professional Services Data is typically retained for the duration of active service use plus additional periods necessary for career development continuity, mentor relationship maintenance, and professional reference purposes. Career assessment data and professional development records may be retained longer to support ongoing career guidance and development tracking.
Pirento Capital Financial Services Data is subject to financial services retention requirements and may be retained for extended periods to comply with regulatory obligations, tax requirements, and financial planning continuity needs. Investment history and financial planning data may be retained to support long-term wealth management and financial goal tracking.
Pirento Vault Digital Preservation Data is designed for long-term or permanent retention according to user preferences and digital legacy planning objectives. This information may be retained indefinitely or until specific conditions are met, such as successful transmission to designated beneficiaries or explicit user instructions for deletion.
Pirento Green Environmental Data is typically retained for periods sufficient to support environmental impact tracking, sustainability goal monitoring, and environmental improvement assessment. Historical environmental data may be retained in anonymized formats for research and environmental impact analysis purposes.
Pirento Giftox Relationship Data is retained for periods necessary to support ongoing relationship management, gift recommendation accuracy, and relationship development tracking. Relationship history and preference data may be retained to maintain service effectiveness and personalization quality.
When retention periods expire or when users request deletion of their information, we implement comprehensive deletion procedures designed to ensure complete and secure removal of personal information from all systems and storage locations.
Systematic Deletion Processes include automated deletion procedures for information that has reached the end of its retention period, manual review and deletion for complex or sensitive information, and verification procedures to ensure complete deletion from all systems and backup storage.
Secure Deletion Standards encompass cryptographic erasure for encrypted data, physical destruction of storage media when necessary, overwriting procedures for magnetic storage, and verification of deletion completeness through technical auditing and validation procedures.
Partner and Third-Party Coordination involves coordinating deletion requests with our partners and service providers, including VakilSearch, to ensure that deleted information is also removed from partner systems and shared data arrangements, subject to their own legal retention requirements and professional obligations.
Deletion Verification and Documentation includes maintaining records of deletion activities for audit and compliance purposes, providing deletion confirmation to users when requested, and documenting any information that cannot be deleted due to legal or regulatory requirements.
Our backup and archive systems require special consideration for data retention and deletion policies, as backup data may persist beyond normal retention periods due to technical and operational requirements for data protection and recovery capabilities.
Backup Retention Policies specify retention periods for backup data that balance data protection needs with privacy requirements, with automated deletion of backup data when retention periods expire and secure deletion procedures for backup storage media and systems.
Archive Data Management involves long-term storage of certain categories of information for historical, legal, or business continuity purposes, with appropriate access controls and security measures for archived data and periodic review of archive necessity and retention periods.
Recovery and Restoration Considerations ensure that data recovery and restoration procedures respect current retention policies and user deletion requests, with procedures to prevent restoration of deleted data except in specific circumstances where legal or business requirements justify restoration.
Legacy Data and Historical Records may be retained in anonymized or aggregated formats for research, service improvement, and historical analysis purposes, with appropriate privacy protections and user consent for such retention and use.
We prioritize data localization and storage within India to comply with applicable data protection laws and provide users with confidence that their personal information is subject to Indian privacy protections and regulatory oversight.
Primary Data Storage in India encompasses our main database systems, user account information, and active service data, which are stored in secure data centers located within India and operated by reputable cloud service providers with appropriate security certifications and compliance standards.
Indian Regulatory Compliance ensures that our data storage and processing practices comply with the Digital Personal Data Protection Act, 2023, Information Technology Act, 2000, and other applicable Indian data protection and privacy regulations that govern the handling of personal information.
Data Center Security and Compliance includes selection of data center providers based on security standards, compliance certifications, and regulatory compliance capabilities, with contractual requirements for maintaining appropriate security measures and compliance with Indian data protection laws.
Backup and Disaster Recovery Considerations involve maintaining backup and disaster recovery systems within India where possible, with appropriate safeguards and legal compliance measures for any backup or recovery systems that may be located outside India for technical or operational reasons.
While we prioritize data localization, certain limited scenarios may require international data transfers to provide comprehensive services or comply with technical requirements, always subject to appropriate safeguards and legal compliance measures.
Service Provider and Technology Integration may involve limited data transfers to international service providers for specific technical services, cloud infrastructure components, or specialized service capabilities that are not available from Indian providers, always subject to appropriate contractual protections and safeguards.
VakilSearch Partnership Considerations include ensuring that any international aspects of VakilSearch operations or service delivery comply with appropriate data transfer safeguards and that user information shared with VakilSearch remains subject to appropriate privacy protections regardless of processing location.
User-Initiated International Services may involve data transfers when users specifically request services that require international processing or when users choose to integrate with international platforms or services through our platform, always with clear disclosure and user consent for such transfers.
Legal and Regulatory Compliance may require limited international data transfers to comply with legal obligations, regulatory requirements, or law enforcement requests that involve international cooperation or coordination, always subject to appropriate legal safeguards and limitations.
When international data transfers are necessary, we implement comprehensive safeguards designed to ensure that transferred personal information receives equivalent protection to that provided under Indian data protection laws.
Contractual Protection Measures include standard contractual clauses or equivalent contractual protections that require international recipients to provide appropriate privacy protections, security measures, and compliance with data protection principles equivalent to Indian standards.
Adequacy and Equivalence Assessments involve evaluating the privacy protection standards of destination countries and recipients to ensure that transferred information will receive appropriate protection, with preference for transfers to jurisdictions with adequate privacy protection frameworks.
Technical Safeguards for International Transfers encompass encryption of data during transfer and storage, secure communication protocols, access controls and authentication requirements, and monitoring and auditing of international data processing activities.
User Notification and Consent includes clear disclosure of international transfer scenarios, purposes for transfers, destination countries or regions, and safeguards in place to protect transferred information, with appropriate consent mechanisms for transfers that require user authorization.
International data transfers must comply with applicable laws in both India and destination jurisdictions, requiring careful legal analysis and compliance coordination to ensure comprehensive legal protection for transferred information.
Multi-Jurisdictional Legal Analysis involves assessment of applicable laws and regulations in both source and destination jurisdictions, identification of potential legal conflicts or compliance challenges, and development of compliance strategies that satisfy requirements in all relevant jurisdictions.
Regulatory Coordination and Reporting may include coordination with Indian data protection authorities regarding international transfers, reporting requirements for certain types of transfers, and compliance with any registration or notification requirements for cross-border data processing activities.
Legal Process and Government Access considerations include understanding legal frameworks for government access to data in destination jurisdictions, implementing appropriate safeguards against unauthorized government access, and maintaining transparency about legal process and government access risks.
Ongoing Compliance Monitoring encompasses regular review of international transfer arrangements and safeguards, monitoring of legal and regulatory changes that may affect transfer compliance, and updates to transfer safeguards and procedures as necessary to maintain appropriate protection levels.
We recognize the importance of protecting children's privacy and have implemented comprehensive policies and procedures to ensure appropriate protection for users under the age of 18, with enhanced protections for children under 13 years of age.
Minimum Age Requirements establish that our primary services are designed for users 18 years of age and older, with limited exceptions for certain educational or career development services that may be appropriate for older minors with appropriate consent and supervision mechanisms.
Age Verification Procedures include age declaration requirements during account registration, identity verification processes that confirm user age for sensitive services, and ongoing monitoring to identify potential underage users who may have provided inaccurate age information during registration.
Parental Consent and Supervision requirements apply to users between 13 and 18 years of age who wish to access certain platform features, with mechanisms for obtaining verifiable parental consent and maintaining parental oversight of minor users' platform activities and information sharing.
Enhanced Protection for Young Children includes strict prohibitions on collecting personal information from children under 13 years of age without explicit parental consent, enhanced security measures for any information collected from minor users, and limited data collection and use practices for minor users.
Certain platform features may be appropriate for minor users with appropriate safeguards, consent mechanisms, and supervision requirements designed to protect their privacy and safety while providing valuable educational and developmental opportunities.
Educational and Career Development Services may be available to older minors (16-18 years) with parental consent for career exploration, educational planning, and skill development activities that support their academic and professional development goals.
Supervised Account Features enable parents or guardians to maintain oversight of minor users' platform activities, with access to account information, activity monitoring capabilities, and controls over information sharing and communication features.
Limited Data Collection and Use for minor users includes restrictions on the types of information collected, limitations on information sharing and disclosure, enhanced security measures for minor user information, and special retention and deletion procedures for information collected from minors.
Communication and Interaction Restrictions encompass limitations on minor users' ability to communicate with other users, restrictions on participation in community features, and enhanced moderation and supervision of any interactions involving minor users.
Parents and guardians of minor users have comprehensive rights and controls regarding their children's use of our platform and the handling of their children's personal information.
Access and Review Rights enable parents to access and review all personal information collected from their minor children, including account information, activity records, and any communications or interactions through our platform.
Consent and Authorization Controls provide parents with the ability to grant, modify, or withdraw consent for their children's use of platform features, information collection and use activities, and participation in various platform services and activities.
Information Management and Deletion rights allow parents to request correction, update, or deletion of their children's personal information, with procedures for honoring such requests while maintaining any information necessary for account security or legal compliance.
Communication and Notification Preferences enable parents to control how they receive information about their children's platform activities, privacy policy updates, and other communications related to their children's use of our services.
We implement enhanced protections and safeguards for minor users that go beyond our standard privacy and security measures to ensure appropriate protection for this vulnerable user population.
Enhanced Security Measures include additional authentication requirements for minor user accounts, enhanced monitoring for suspicious activities or potential safety concerns, and special incident response procedures for security issues affecting minor users.
Content and Interaction Moderation encompasses enhanced content filtering and moderation for minor users, restrictions on access to certain types of content or features, and special procedures for handling inappropriate content or interactions involving minors.
Data Minimization and Purpose Limitation for minor users includes collecting only information that is strictly necessary for providing appropriate services, limiting the use of minor user information to essential service delivery purposes, and avoiding marketing or promotional uses of minor user information.
Regular Review and Assessment of minor user protections includes periodic evaluation of our policies and procedures for protecting minor users, assessment of emerging risks and protection needs, and updates to our minor user protection measures based on best practices and regulatory guidance.
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, business practices, or privacy protection measures. Our modification procedures are designed to ensure transparency and provide users with appropriate notice and control over significant changes.
Regular Review and Update Schedule includes periodic review of our privacy practices and policies to ensure they remain current and appropriate, assessment of legal and regulatory changes that may require policy updates, and evaluation of user feedback and privacy concerns that may warrant policy modifications.
Significant Change Identification involves careful analysis of proposed policy changes to determine their impact on user privacy rights and expectations, with classification of changes as significant or minor based on their potential effect on user privacy and information handling practices.
User Notification Procedures encompass email notifications to all registered users for significant policy changes, prominent platform notifications and announcements for important updates, and clear communication about the nature and implications of policy changes.
Advance Notice Requirements provide users with reasonable advance notice of policy changes, typically 30 days for significant changes that may affect user rights or information handling practices, with shorter notice periods only for changes required by legal or regulatory requirements or emergency security measures.
Policy updates that materially affect user privacy rights or information handling practices require appropriate user consent and acceptance mechanisms to ensure that users understand and agree to the changes.
Explicit Consent for Material Changes includes requiring active user consent for policy changes that significantly expand information collection, introduce new uses of personal information, or materially reduce user privacy protections or rights.
Continued Use Acceptance applies to minor policy changes and clarifications that do not materially affect user rights, where continued use of our services after the effective date of changes constitutes acceptance of the updated policy.
Opt-Out and Account Termination Rights enable users who do not agree to policy changes to terminate their accounts and discontinue use of our services, with appropriate procedures for account closure and information deletion in such circumstances.
Granular Consent Options may be provided for certain types of policy changes, allowing users to accept some changes while opting out of others, subject to the feasibility of providing services with partial consent to policy terms.
We maintain comprehensive version control and historical records of our Privacy Policy to provide transparency about policy evolution and enable users to understand how our privacy practices have changed over time.
Version Numbering and Dating includes clear version numbers and effective dates for all policy versions, with detailed change logs that describe the nature and scope of modifications made in each version update.
Historical Policy Archive maintains accessible records of previous policy versions, enabling users to review historical privacy practices and understand the evolution of our privacy protections and commitments.
Change Documentation and Rationale provides detailed documentation of the reasons for policy changes, including legal requirements, business needs, user feedback, or privacy protection enhancements that motivated specific modifications.
Accessibility and Transparency ensures that policy version information and change documentation are easily accessible to users through our website and platform interfaces, with clear navigation and search capabilities for historical policy information.
Policy updates require careful implementation and transition procedures to ensure that changes are properly integrated into our operations and that users experience smooth transitions to updated privacy practices.
Operational Integration involves updating internal procedures, training programs, and system configurations to reflect policy changes, with coordination across all departments and service areas to ensure consistent implementation of updated privacy practices.
System and Technical Updates encompass modifications to platform interfaces, consent mechanisms, data handling procedures, and technical systems to support updated policy requirements and user rights.
Staff Training and Communication includes comprehensive training for all personnel on policy changes and their implications, with special attention to customer service representatives who may receive user questions about policy updates.
Monitoring and Compliance Assessment involves ongoing monitoring of policy implementation to ensure compliance with updated requirements, assessment of user feedback and concerns about policy changes, and adjustments to implementation procedures as necessary to address issues or improve user experience.
We provide multiple channels for users to contact us regarding privacy questions, concerns, requests, or issues related to their personal information and our privacy practices.
Dedicated Privacy Team includes qualified privacy professionals who are responsible for handling user privacy inquiries, processing privacy rights requests, and ensuring compliance with our privacy commitments and applicable data protection laws.
Primary Contact Information for privacy-related matters:
Response Time Commitments include acknowledgment of privacy inquiries within 48 hours of receipt, substantive responses to privacy questions within 5 business days, and completion of privacy rights requests within 30 days or as required by applicable law.
Specialized Support Services encompass assistance with privacy settings and controls, guidance on exercising privacy rights, support for privacy-related technical issues, and coordination with our VakilSearch partner for privacy matters related to legal services.
We have established comprehensive procedures for users to exercise their privacy rights, including access, correction, deletion, portability, and objection rights, with user-friendly processes and reasonable response timeframes.
Request Submission Methods include online forms accessible through user account settings, email requests to our privacy team, phone requests through our privacy hotline, and written requests submitted to our postal address.
Identity Verification Requirements ensure that privacy rights requests are processed only for verified account holders, with appropriate authentication procedures that balance security needs with user convenience and accessibility.
Request Processing Procedures encompass initial request review and validation, coordination with relevant departments and systems to fulfill requests, quality assurance review of request fulfillment, and communication with users about request status and completion.
Appeal and Escalation Procedures provide users with options to appeal privacy rights request decisions, escalate unresolved privacy concerns, and seek additional review of privacy-related issues through our internal review processes.
We maintain comprehensive procedures for handling privacy complaints and concerns, with internal resolution processes and coordination with regulatory authorities as appropriate.
Internal Complaint Resolution includes investigation of privacy complaints and concerns, coordination with relevant departments to address identified issues, implementation of corrective measures and process improvements, and communication with complainants about resolution outcomes.
Regulatory Authority Coordination encompasses reporting of privacy incidents and complaints to appropriate regulatory authorities as required by law, cooperation with regulatory investigations and inquiries, and implementation of regulatory guidance and requirements.
External Dispute Resolution may include coordination with alternative dispute resolution services, mediation services for privacy disputes, and other external resolution mechanisms that may be available for privacy-related concerns.
Continuous Improvement involves analysis of privacy complaints and concerns to identify systemic issues, implementation of process improvements based on complaint patterns and feedback, and regular review of complaint resolution procedures to ensure effectiveness and user satisfaction.
We provide comprehensive privacy education and resources to help users understand their privacy rights, our privacy practices, and how to effectively manage their personal information and privacy preferences.
Privacy Documentation and Guides include detailed explanations of privacy rights and how to exercise them, guides for managing privacy settings and preferences, information about our privacy practices and data handling procedures, and updates about privacy law changes and their implications.
Educational Content and Resources encompass blog posts and articles about privacy topics, webinars and educational sessions about privacy rights and data protection, frequently asked questions about privacy practices, and tips for protecting personal information online.
Privacy Tools and Controls include user-friendly privacy dashboards and control interfaces, automated tools for managing privacy preferences and settings, export and download tools for accessing personal information, and consent management tools for controlling information use and sharing.
Community and Support Forums may provide platforms for users to discuss privacy topics and share experiences, access to privacy experts and advocates for guidance and support, and opportunities for user feedback and input on privacy practices and policies.
This Privacy Policy Version 5.0 becomes effective on January 20, 2025, and applies to all personal information collected, used, and processed by VENTURECORE SOLUTIONS PRIVATE LIMITED in connection with the Pirento platform and all associated services.
Users who created accounts or provided personal information before the effective date of this Privacy Policy have 30 days from the effective date to review this Privacy Policy and decide whether to continue using our services under these privacy terms or to exercise their rights to modify their privacy preferences or terminate their accounts.
By continuing to use our services after the effective date, users acknowledge that they have read, understood, and agree to the privacy practices described in this Privacy Policy, including our information collection, use, sharing, and protection practices.
Users who do not agree to this Privacy Policy must discontinue use of our services and may exercise their rights to delete their personal information and terminate their accounts according to the procedures specified in this Privacy Policy and our Terms of Service.
Last Updated: January 20, 2025
Version: 5.0
Document ID: PIRENTO-PRIVACY-V5.0-20250120
Compliance Framework: Digital Personal Data Protection Act, 2023
© 2025 VENTURECORE SOLUTIONS PRIVATE LIMITED. All rights reserved.
This Privacy Policy represents our comprehensive commitment to protecting user privacy and personal information across all aspects of our multi-vertical platform and integrated services. We encourage users to read this Privacy Policy carefully and contact our privacy team with any questions or concerns about our privacy practices.