Privacy Policy

Last updated: 01st July 2026

This Privacy Policy ("Policy") describes how Ozone Secutech Private Limited (the "Company," "we," "our," or "us"), the entity that owns and operates the website www.ozokart.com and the Ozokart brand (collectively, the "Website" or "Services"), collects, uses, discloses, retains, and protects personal data of visitors, registered users, customers, vendors, and business partners ("you" or "your") who interact with the Website, including in connection with the purchase of architectural hardware, glass fittings, door control systems, furniture fittings, smart locks, security solutions, partition systems, shower enclosures, railings, façade hardware, home improvement products and, as the Ozokart range expands, other related home improvement, architectural hardware and allied products and services.

This Policy is drafted to address, to the extent applicable to a commercial e-commerce website, the Digital Personal Data Protection Act, 2023 and the Digital Personal Data Protection Rules, 2025 (India) ("DPDP Act.

Please read this Policy carefully. This Policy is intended to provide information about how we process Personal Data; it is not, by itself, a consent form except where we expressly ask for your consent through a separate affirmative action. Where we rely on consent, you have the right to withdraw it at any time, with effect from the time of withdrawal, as described in Section 14. Where we rely on legitimate interests under applicable law, we have balanced those interests against your rights and freedoms; you may object to such processing as described in Section 12. Where we process Personal Data to provide the Website, fulfil orders, comply with law, prevent fraud, or protect our legal rights, we may rely on other lawful bases recognised under applicable law. Where we request consent, we will do so through a separate affirmative action, such as ticking an unchecked box, clicking an “I agree” button, selecting cookie preferences, or using another clear consent control. Merely browsing the Website or continuing to use the Website will not, by itself, be treated as consent where applicable law requires affirmative consent.

 

1. Scope and Key Definitions

· "Personal Data" / "Personal Information" means any data about an individual who is identifiable by or in relation to such data.

· "Sensitive Personal Data" means Personal Data that is treated as sensitive, special category, or subject to enhanced protection under applicable law, including, where applicable, government-issued identifiers, precise geolocation, financial account or payment credential information, biometric data, health data, genetic data, data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sex life or sexual orientation, and any other category designated as sensitive under applicable law. We do not intentionally request or collect Sensitive Personal Data unless it is necessary for a specific lawful purpose disclosed to you.

· "Data Fiduciary" / "Controller" means the entity that determines the purpose and means of processing Personal Data (i.e., the Company, in respect of data collected through the Website).

· "Data Processor" / "Processor" means a third party that processes Personal Data on the Company’s behalf and under its instructions.

· "Data Principal" / "Data Subject" means the individual to whom the Personal Data relates, i.e., you.

· "Consent Manager" means a registered entity under the DPDP Act through which a Data Principal may give, manage, review, or withdraw consent, where the Company makes such a mechanism available.

This Policy applies to Personal Data collected through the Website, mobile application (if any), and any other digital or offline channel that references this Policy (for example, customer support calls or in-store/event data capture, where applicable). It does not apply to the practices of companies we do not own or control, or to individuals we do not employ or manage, including third-party websites linked from the Website.

Our Privacy principles: We process Personal Data only where we have a valid legal basis or lawful ground under applicable law. Processing will be undertaken on the basis of consent under the DPDP Act, or without separate consent only where a specific “legitimate use” under Section 7 of the DPDP Act applies, such as processing Personal Data voluntarily provided by you for the specified purpose, compliance with law, court orders, or other permitted uses.

2. Categories of Personal Data We Collect

 

2.1. Information you provide directly

· Identity and contact data: full name, email address, postal/billing/shipping address, phone number, date of birth (where collected for age verification or promotions).

· Account data: username, password (stored in hashed/encrypted form), account preferences, wishlists, saved addresses, and communication preferences.

· Order and transaction data: products viewed, added to cart, purchased, returned, exchanged or cancelled; order value, order history, invoices, gift messages, and delivery instructions.

· Payment data: payment method type, limited transaction identifiers, billing details, payment confirmation status, refund status, and other payment-related metadata made available to us by our payment processor. Full card numbers, CVV, UPI credentials, bank login details, or equivalent payment credentials are entered directly into the payment processor’s secure environment and are not stored by us, except where a limited record is required for refunds, chargebacks, accounting, fraud prevention, or legal compliance. (see Section 8).

· Customer support and communications data: records of correspondence and calls with our support team, including content of queries, complaints, and feedback, and any account/identity information shared to validate your request.

· Marketing preferences: your opt-in/opt-out choices for email, SMS, WhatsApp, or push communications, and stated product or content preferences.

· Sensitive Personal Data: only where you voluntarily provide it (for example, a government ID for export/customs compliance, or payment information). We do not request health, biometric, or similarly sensitive categories of data and ask that you not submit such information to us through general support channels.

· User Generated Content: reviews, ratings, comments, testimonials, photographs, videos, survey responses, contest entries, social media interactions, and other content voluntarily submitted by you in connection with the Services.

2.2. Information collected automatically

· Device and technical data: IP address, device type and identifiers, operating system, browser type and settings, network/carrier information, and crash/diagnostic data.

· Usage data: pages and products viewed, search terms, click-stream and navigation paths, session duration, referring/exit pages, and interaction with emails (opens/clicks).

· Location data: approximate geolocation derived from IP address or, with your permission, more precise device location (for example, for store locator or shipping estimates).

· Cookie and tracking data: as described in Section 6 (Cookies, Pixels and Similar Technologies).

· Behavioural and Preference Data: information relating to your browsing patterns, shopping preferences, abandoned carts, product interests, engagement history, inferred interests, purchasing tendencies, and other insights generated from your interactions with the Website, marketing communications, and related digital properties.

2.3. Information from other sources

· Service providers and partners: information received from payment gateways, logistics and fulfilment partners, fraud-prevention vendors, and marketing/analytics platforms (see Section 8).

· Publicly available sources and social media: information you make available on social platforms when you interact with our official pages, or that is otherwise publicly available, used in accordance with applicable law.

· Business partners, distributors and resellers: where you interact with us as a vendor, supplier, or business contact rather than as a consumer.

You may choose not to provide certain Personal Data; however, this may limit or prevent your ability to use certain features of the Website, including placing an order.

3. How We Use Personal Data and Our Legal/Lawful Basis

We process Personal Data only where we have a valid legal basis. The table below maps our principal processing purposes to the corresponding lawful basis under the DPDP Act and applicable Indian law.

Purpose

Examples

Legal / Lawful Basis

Account creation and management

Creating and maintaining your User Account, authentication

Performance of a contract; legitimate interests for account security, fraud prevention, and service administration; consent only for optional account features where specifically requested.

Order fulfilment

Processing payments, arranging shipping, customer invoices, returns/exchanges

Performance of a contract

Customer support

Responding to queries, complaints, and service requests

Performance of a contract; Legitimate interests

Marketing communications

sending newsletters, promotional offers, abandoned-cart reminders, and product updates by email, SMS, WhatsApp, push notification, or similar channels.

Consent where required by applicable law. Where permitted under applicable electronic marketing laws, including any “soft opt-in” rule for existing customers, we may send limited marketing about our own similar products or services, provided you were given an opportunity to opt out at collection and in each subsequent message.

Website analytics and improvement

Understanding usage trends, A/B testing, optimising performance

Legitimate interests; Consent (non-essential cookies)

Personalisation, targeted advertising and retargeting

Recommending products on the Website, personalising content, measuring advertising, and, where applicable, using cookies, pixels, advertising identifiers, or similar technologies to deliver or measure ads across websites or platforms.

Consent where required for non-essential cookies or similar technologies; opt-out rights for sale/sharing or targeted advertising where applicable.

Fraud prevention and security

Screening orders for fraud, securing accounts, preventing abuse

Legitimate interests; Legal obligation

Legal and regulatory compliance

Tax, customs, accounting, responding to lawful requests from authorities

Legal obligation

Establishing, exercising or defending legal claims

Disputes, litigation, regulatory proceedings

Legitimate interests; Legal obligation

We rely on consent or on a specific legitimate use recognised under Section 7 of the DPDP Act, as applicable.

We maintain records of consents obtained, consent preferences, modifications to consent preferences, and withdrawals of consent, where required by applicable law, in order to demonstrate compliance with applicable privacy and data protection obligations.

Where we rely on consent, you have the right to withdraw it at any time, with effect from the time of

withdrawal, as described in Section 14. Where we rely on legitimate interests, we have balanced those interests against your rights and have concluded that our interests are not overridden by the impact on you; you may object to such processing as described in Section 14.

Where we rely on legitimate interests as a legal basis for processing, such interests may include operating and improving our Website and Services, understanding customer preferences, securing our systems, preventing fraud, maintaining business records, communicating with existing customers, protecting legal rights, conducting analytics and business planning, and managing our commercial operations.

We may process Personal Data in connection with additional architectural hardware, home improvement, and related consumer product categories that may be introduced in the future, provided such processing remains consistent with the purposes described in this Policy or is otherwise disclosed to you as required by applicable law.

4. Cookies, Pixels, and Similar Tracking Technologies

We, and our service providers, use cookies, web beacons, pixels, SDKs, and similar technologies ("Cookies") to operate the Website, remember your preferences, measure performance, and deliver relevant advertising. Cookies fall into the following categories:

· Strictly necessary cookies: required for core Website functionality (for example, shopping cart, checkout, login session, and security). These cannot be switched off.

· Performance and analytics cookies: help us understand how visitors use the Website (for example, Google Analytics / Ga4 or equivalent, as applicable.

· Functional cookies: remember your preferences (for example, language, currency, recently viewed items).

· Advertising and targeting cookies/pixels: used by us and our advertising partners (for example, Meta Pixel / Google Ads / Other Ad Platforms to deliver and measure the performance of advertising, including retargeting, on and off the Website.

Where prior consent is required by applicable law, we will not place or read non-essential cookies or similar technologies on your device unless you have first given consent through our cookie banner or preference centre. You may accept all, reject all, or customise non-essential cookie categories, and you may withdraw or change your choices at any time through the Cookie Preference Centre. Strictly necessary cookies that are required to provide core Website functionality may be used without consent, but only for those essential purposes.

We do not currently alter our data collection practices in response to browser "Do Not Track" signals. Where we detect a Global Privacy Control or other legally recognised opt-out preference signal, we will treat it as a valid request to opt out of sale/sharing or targeted advertising for the browser or device through which the signal is sent and, where we are able to reasonably associate that signal with your account or profile, for that account or profile as well. We will not require you to provide additional information solely to honour such signal, except where necessary to associate the request with an account or to comply with applicable law.

We maintain and make available a current cookie inventory identifying the categories of cookies and similar technologies used on the Website, the provider of each technology, the purposes for which it is used, and applicable retention periods. Such information is available through our Cookie Preference Centre and may be updated periodically.

5. Automated Decision-Making, Profiling, and Personalisation

We use analytics and, where applicable, automated tools to recommend products, personalise content, detect fraud, support customer service, and measure advertising performance. These tools may involve profiling, but we do not use solely automated processing to make decisions that produce legal or similarly significant effects on you, such as denying you access to the Website or materially varying prices solely on the basis of automated profiling. If we introduce such processing, we will provide any additional notice, rights, safeguards, and human review required by applicable law.

We may use artificial intelligence, machine learning, predictive analytics, recommendation engines, fraud detection technologies, customer support automation tools, and similar technologies to improve our Services, personalise customer experiences, detect suspicious activity, improve operational efficiency and assist customer support personnel. Such technologies are not intended to make decisions producing legal or similarly significant effects solely through automated means. Where applicable law grants rights relating to automated decision-making or profiling, individuals may exercise such rights by contacting us using the details provided in Section 18.

6. How We Share and Disclose Personal Data

We do not sell Personal Data for monetary consideration. However, certain disclosures of identifiers, device data, internet activity, or usage data to advertising or analytics partners may be considered “sharing” for cross-context behavioural advertising, or “sale” under some U.S. state privacy laws, even where no money is exchanged. Where such laws apply, you may opt out as described in this Policy.

We disclose Personal Data only as described below and, in each case, only to the extent necessary for the relevant purpose:

· Payment processors: Razorpay / Snapmint to process your payment securely.

· E-commerce platform and IT infrastructure providers: including our hosting/e-commerce platform Shopify and cloud hosting providers at Shopify

· Logistics, fulfilment and customs partners: Delhivery, Shadowfax, XpressBees, DP World, to deliver your orders and complete customs formalities for cross-border shipments.

· Customer relationship management and customer support platforms: Freshworks to manage your account relationship and support requests.

· Analytics, marketing and advertising platforms: Google & META , to measure and improve the Website and our marketing, subject to Section 4.

· Professional advisors and auditors: lawyers, accountants, insurers, and auditors, on a need-to-know basis.

· Corporate group: other entities within the Ozone group of companies, where necessary for internal administration, customer support, fraud prevention, legal compliance, shared IT systems, or where you interact with more than one of our brands, provided such sharing is limited to purposes consistent with this Policy or otherwise notified to you as required by applicable law.

· Government and regulatory authorities and law enforcement: where required to comply with a legal obligation, a valid legal process, or to protect the rights, property, or safety of the Company, our users, or the public.

· Business transactions: in connection with a merger, acquisition, financing, reorganisation, bankruptcy, or sale of business assets, subject to appropriate confidentiality and, where required by law, notice to you.

We require our service providers and processors to handle Personal Data only on our documented instructions, under written agreements (including, where applicable, data processing agreements/addenda) that impose confidentiality, security, sub-processor flow-down, deletion/return, and audit obligations consistent with applicable law.

We maintain an inventory of key categories of service providers engaged by us, including hosting providers, payment processors, logistics providers, customer relationship management providers, analytics providers, customer support providers, marketing platforms, cloud service providers, and fraud prevention providers. Such providers are granted access to Personal Data only to the extent necessary to perform services on our behalf.

Certain service providers engaged by us may utilise approved subcontractors or sub-processors. We require our service providers to impose privacy, confidentiality and security obligations on such sub-processors that are substantially equivalent to those imposed on the primary service provider.

7. Cross-Border Data Transfers

Personal Data we collect may be stored, processed, and transferred to India and to other countries where we, our affiliates, or our service providers operate (for example, where our hosting, payment, logistics, or analytics providers are located). We implement appropriate contractual, technical, and organisational safeguards for any such transfers.

  • Cross-border transfers of Personal Data are governed by applicable Indian law and are permitted except to countries restricted by the Central Government from time to time; we monitor and comply with any such restrictions.
  • A current list of the categories of cross-border recipients is set out in Section 6 above. You may request further details of the safeguards applicable to a specific transfer by contacting us using the details in Section 18.

  • Where required by applicable law, we may conduct transfer impact assessments or comparable evaluations before transferring Personal Data outside India. Such assessments are designed to identify risks associated with the transfer and determine whether supplementary contractual, technical or organisational safeguards are required.

Depending on the nature of the transfer and the Personal Data involved, supplementary safeguards may include encryption, pseudonymisation, access controls, contractual restrictions on onward transfers, vendor due diligence, security audits and other measures designed to protect Personal Data during cross-border transfers.

8. Data Retention

We retain Personal Data only for as long as reasonably necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, tax, or reporting requirements, or to establish, exercise, or defend legal claims. Indicative retention periods are:

· Account and profile data: for as long as your User Account remains active, and for up to [365] days after account deactivation or a deletion request, unless a longer period is required by law (for example, accounting and tax records, which we generally retain for [8] years in India).

· Order and transaction records: for the period required under applicable consumer protection, accounting, and tax laws.

· Customer support records: for [24] months after resolution, to handle follow-up queries and for quality assurance, unless a complaint or dispute requires longer retention.

· Marketing data: until you withdraw consent or opt out, and for a reasonable period thereafter to give effect to your request and maintain suppression lists.

· Cookie and analytics data: in accordance with the retention periods of the underlying tool, generally not exceeding [13] months for non-essential cookies, unless refreshed by renewed consent.

Where we no longer need Personal Data for these purposes, we will securely delete, anonymise, or aggregate it.

Where processing is based on consent and you withdraw consent, or where the specified purpose for which Personal Data was collected is no longer being served, we will cease processing and delete or anonymise the relevant Personal Data unless retention is necessary for legal compliance, accounting, tax, fraud prevention, dispute resolution, enforcement of legal rights, or another purpose permitted by applicable law.

9. Data Security

We implement reasonable and appropriate technical and organisational security measures designed to protect Personal Data against unauthorised access, accidental loss, misuse, alteration, or destruction, having regard to the nature, scope, and sensitivity of the Personal Data processed and the state of the art. These measures include:

· Encryption of data in transit using current industry-standard transport security protocols (TLS 1.2 or higher), and encryption of sensitive data at rest where appropriate.

· Access controls, role-based permissions, and authentication safeguards limiting access to Personal Data to personnel and service providers who need it to perform their functions.

· Network security measures, including firewalls and continuous monitoring for anomalous or fraudulent activity.

· Vendor and processor due diligence, including contractual security obligations and, where appropriate, independent certifications (for example, ISO 27001 or SOC 2) of key service providers.

· Regular review of our security practices and employee training on data protection and information security.

· Use of appropriate data protection techniques such as masking, obfuscation, pseudonymisation, tokenisation, or equivalent measures where appropriate to the nature and sensitivity of the Personal Data.

· Maintenance of access logs, monitoring mechanisms, and records reasonably necessary to detect, investigate, and remediate unauthorised access or Personal Data breaches, subject to applicable law and retention requirements.

· Business continuity and backup measures designed to preserve availability and restore access to Personal Data in the event of accidental loss, corruption, or security incidents.

No method of transmission or storage is completely secure, and we cannot guarantee absolute security. If we become aware of a Personal Data breach that is likely to result in risk to your rights, we will notify the competent supervisory/regulatory authority and affected individuals in accordance with applicable law and the timelines summarised below.

Jurisdiction

Notification to authority

Notification to individuals

India (DPDP Act)

To the Data Protection Board of India without delay after becoming aware of a Personal Data breach, with an initial description of the breach and its likely impact, followed by detailed particulars within the period prescribed under the DPDP Rules, including any 72-hour detailed report or other follow-up information required by law.

To affected Data Principals without delay after becoming aware of a Personal Data breach, in the form and manner prescribed by applicable law, including available information about the nature, extent, timing, likely consequences, mitigation measures, safety measures that may be taken by affected individuals, and contact details for queries.

We seek to integrate privacy and data protection considerations into the design, development, implementation and operation of our products, services, systems and business processes in accordance with recognised privacy-by-design and security-by-design principles.

We maintain documented incident response procedures designed to identify, investigate, assess, contain, remediate and document actual or suspected security incidents involving Personal Data. Such procedures include escalation processes, risk assessments, internal reporting obligations and notification mechanisms where required by law.

10. Children’s Privacy

The Website and our products are intended for adults and for individuals who are legally capable of entering into contracts in their jurisdiction. The Website is not directed to children. We do not knowingly process Personal Data of individuals under 18 years of age unless verifiable consent from a parent or lawful guardian has been obtained in accordance with the DPDP Act, or unless another processing basis is expressly permitted by applicable law. If you are a parent or guardian and believe that a child has provided us with Personal Data in a manner inconsistent with applicable law, please contact us and we will take appropriate steps to delete such information or obtain required consent.

We do not knowingly undertake behavioural monitoring, targeted advertising, profiling, or tracking of children where restricted by applicable law. If we become aware that such processing has occurred in relation to a child in a manner inconsistent with applicable law, we will take reasonable steps to stop such processing and delete or de-identify the relevant Personal Data unless retention is legally required.

If we determine that Personal Data of a child has been collected in a manner inconsistent with applicable law, we will take reasonable steps to delete such Personal Data and terminate any associated account, unless retention is required by law.

 

11. Marketing Communications and Your Preferences

We will only send you direct marketing communications by email, SMS, or WhatsApp where we have your consent or another valid legal basis recognised in your jurisdiction. You may opt out of marketing communications at any time by using the "unsubscribe" link in our emails, replying "STOP" to SMS/WhatsApp messages, or updating your communication preferences in your account settings, or by contacting us using the details in Section 18. Opting out of marketing communications does not affect transactional or service messages (such as order confirmations) which we may continue to send.

12. Your Privacy Rights

Subject to applicable law and to certain exceptions, you may have the following rights in relation to your Personal Data:

· Right of access / right to know: to obtain confirmation of, and a copy of, the Personal Data we hold about you, and information about how it is processed.

· Right to correction / rectification: to request correction of inaccurate or incomplete Personal Data.

· Right to update: to request that we update your Personal Data, including contact and account details.

· Right to erasure / deletion: to request deletion of your Personal Data, subject to our legal retention obligations.

· Right to restrict processing: to request that we limit how we use your Personal Data in certain circumstances.

· Right to data portability, where recognised by applicable law: to receive certain Personal Data you provided to us in a structured, commonly used, machine-readable format, and to have it transmitted to another controller, where technically feasible.

· Right to object: to object to processing based on legitimate interests or for direct marketing purposes, including profiling related to direct marketing.

 

· Right to withdraw consent: to withdraw consent at any time, with effect from the date of withdrawal, without affecting the lawfulness of processing carried out before withdrawal.

· Right to non-discrimination, where recognised by applicable law: we will not unlawfully discriminate or retaliate against you for exercising privacy rights, including by denying service or charging different prices, except where a difference is reasonably related to the value of the data or otherwise permitted by applicable law.

· Right to lodge a complaint / grievance redressal: to lodge a complaint with us in the first instance (Section 18), and thereafter with the competent supervisory authority or, in India, the Data Protection Board of India.

To exercise these rights, please contact us using the details in Section 18. Before responding to a privacy rights request, we may take reasonable steps to verify the identity of the requesting individual. Verification measures may include account authentication, confirmation of contact information, transaction verification, identity documentation or other information reasonably necessary to confirm identity and prevent unauthorised disclosures. You may designate an authorised agent to act on your behalf, subject to proof of authorisation. We will respond within the time period required by applicable law, and in any event without undue delay.

13. Region-Specific Disclosures

 

13.1. India – Digital Personal Data Protection Act, 2023

The Company acts as the "Data Fiduciary" in respect of Personal Data processed through the Website for users in India. In addition to the rights in Section 12, Data Principals in India have the following rights and protections under the DPDP Act:

· Right to access a summary of Personal Data processed and the processing activities undertaken, and the identities of Data Processors with whom Personal Data has been shared.

· Right to correction, completion, updating, and erasure of Personal Data, in accordance with the purposes for which it was processed.

· Right to grievance redressal: you may file a grievance with our Grievance Officer using the contact details below. We will acknowledge, review, and respond to grievances within the period prescribed under applicable law. If you are not satisfied with our response or if the grievance is not resolved within the prescribed period, you may escalate the matter to the Data Protection Board of India in the manner prescribed under applicable law.

· Right to nominate: you may nominate another individual to exercise your rights under the DPDP Act in the event of your death or incapacity, by writing to our Grievance Officer.

 

· Consent Manager: where we make a registered Consent Manager available, you may give, manage, review, and withdraw your consent through that Consent Manager.

Grievance Officer (India): Maneesh Kumar, Grievance Officer, Maneesh.k@ozone-india.com, 137, Shankar Chowk Rd, Udyog Vihar Phase 1, Udyog Vihar, Sector 20, Gurugram, Haryana 122016

Data Principals are required to comply with applicable obligations under the DPDP Act, including providing authentic information where required by law, exercising rights lawfully, and complying with applicable legal requirements relating to personal data submitted to us.

If we are notified as a Significant Data Fiduciary under the DPDP Act, we will additionally appoint and publish the contact details of a Data Protection Officer based in India.

If you remain dissatisfied after exhausting our grievance redressal process, you may file a complaint with the Data Protection Board of India in the manner prescribed under applicable law.

14. Withdrawing Consent and Managing Your Account

Where our processing is based on consent, you may withdraw it at any time, free of charge and as easily as it was given, by adjusting your account/communication settings, using the cookie preference centre, or contacting us using the details in Section 18. Withdrawing consent will not affect the lawfulness of processing carried out before withdrawal, and may limit our ability to continue providing certain Services to you (for example, fulfilling an order already in progress). You may deactivate or request deletion of your User Account at any time through your account settings or by contacting us; deletion will be carried out in accordance with Section 8, subject to our retention obligations under Section 8.

15. Third-Party Websites and Links

The Website may contain links to, or integrations with, third-party websites, applications, and services that we do not own or control, including social media plug-ins and payment gateways. This Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party site or service before providing your Personal Data.

16. Changes to This Privacy Policy

We may update this Policy from time to time to reflect changes in our practices, the Services, or applicable law. We will post the revised Policy on the Website and update the "Last updated" date above. Where changes are material, we will provide additional notice (for example, by email or a prominent Website notice) and, where required by applicable law, will seek your renewed consent before applying the changes to previously collected Personal Data. Your continued use of the Website after an update will be subject to the revised Policy from its effective date, but where applicable law requires notice, opt-out, or renewed consent for a new processing activity, we will provide such notice, opt-out, or request for consent before applying the change to you.

17. Governing Law and Jurisdiction

This Policy is governed by the laws of India. The courts at New Delhi, India, shall have exclusive jurisdiction over disputes arising out of or in connection with this Policy.

 

18. Grievance Redressal and How to Contact Us

The Company is the controller/data fiduciary responsible for the processing of Personal Data described in this Policy.

If you have questions, concerns, or complaints about this Policy or our data practices, or wish to exercise any of the rights described above, please contact us at:

Grievance Officer / Privacy Contact: Maneesh Kumar // Grievance Officer

 

Privacy Contact Email: maneesh.k@ozone-india.com

Address: Ozone Secutech, Udyog Vihar Sector 19, Plot 137, Udyog Vihar Phase-1, Gurugram, Haryana – 122016, India

We will acknowledge and seek to resolve your request within the time limits prescribed by applicable law.