Drishtipath Market Research and Technology Pvt. Ltd. ("the Company", "we", "our", "us") is committed to handling personal, organisational, and sensitive information in a lawful, fair, transparent, and secure manner. This Privacy Policy explains the types of data we collect, why we collect it, how we use and protect it, and your rights in relation to your personal data.
1. Purpose
We collect and use data for the following purposes:
- Service Delivery — Market research, data analysis, business intelligence, feasibility studies; social surveys, behavioral research, demographic studies, monitoring & evaluation (M&E); digital marketing, branding, advertising, outreach; and professional home and facility management services.
- Client & Partner Engagement — To fulfil contracts, communicate with clients, partners and stakeholders, and to customise and improve research design, marketing strategies, and service offerings.
- Research, Reporting & Insights — To collect, analyse and present data via reports, dashboards and knowledge products; contribute to evidence-based policymaking, development programmes and academic research; and generate anonymised/aggregated insights.
- Legal & Regulatory Compliance — To comply with applicable laws including the Digital Personal Data Protection Act, 2023 (DPDP Act), GDPR where applicable, taxation, audit and government reporting requirements, and to respond to lawful requests by regulators or courts.
- Business Operations & Improvement — Hiring, training and managing staff and contractors; developing software and survey tools; finance, billing and payment processing; and service performance evaluation.
- Communication & Marketing — Newsletters, campaigns and promotional materials where consent is given; client relationship management and feedback; and audience segmentation for targeted campaigns.
- Safety & Security — To ensure confidentiality, integrity and availability of data; prevent fraud and unauthorised access; monitor compliance with ethical standards; and run incident response procedures.
2. Information We Collect
Depending on the services provided, we may collect:
- Personal Identification Data — Name, date of birth, gender, nationality, government-issued IDs (where lawfully required), contact details (address, email, phone).
- Professional & Organisational Data — Employment details, job titles, organisation affiliation for B2B engagements.
- Research & Survey Data — Questionnaire responses, interviews, focus group inputs, opinions, preferences and demographic characteristics. Sensitive data (e.g., health, social status, financial) is only collected with informed consent.
- Digital Interaction Data — Device identifiers, browser types, IP addresses, geolocation (where applicable), activity logs, cookies and tracking technologies for analytics and performance improvement.
- Marketing & Communication Data — Newsletter and campaign preferences, and records of communications with us.
- Financial Data — Bank or payment details required for billing, vendor invoices and payment histories.
- Employee & Contractor Data — HR records, background verification, training records, certifications and contracts.
- Third-Party & Publicly Available Data — Information from government publications, public databases and lawful third-party sources.
Children’s Data
We treat children’s data with additional care:
- Definition: Individuals under 18 in India (DPDP Act, 2023) and under 16 in the EU/EEA (or lower age permitted by local law, but not below 13 under GDPR).
- Consent: Collected only with verifiable parental/guardian consent.
- Types: Age, gender, academic progress and survey responses strictly for research, evaluation or educational purposes. Sensitive categories require explicit consent.
- Use Restrictions: Not used for profiling, targeted marketing or advertising; anonymised or pseudonymised when possible.
- Safeguards: Access limited to trained staff; strict access control and secure storage.
- Parental Rights: Parents/guardians may access, correct, request deletion of their child’s data, and withdraw consent at any time.
3. Lawful Basis for Processing
We rely on one or more lawful bases including:
- Consent of the data subject.
- Performance of a contract.
- Compliance with legal obligations.
- Legitimate interests pursued by the Company.
- Public interest, research and statistical purposes with appropriate safeguards.
4. Data Security Measures
We implement industry-standard technical and organisational safeguards including:
- Encryption at rest and in transit.
- Role-based access control, strong passwords and multi-factor authentication.
- Secure servers, firewalls and intrusion detection systems.
- Data minimisation and retention limits.
- Regular security audits, monitoring and vulnerability assessments.
- Staff training on confidentiality, data handling and ethics.
- Incident response protocols including legal notifications where required.
- Vendor compliance enforced via contracts and audits.
- Physical security measures for office and paper records.
5. Data Sharing & Disclosure
We share data only under strict safeguards:
- Clients & Partners — Aggregated or anonymised findings. Identifiable data only when contractually necessary and with consent.
- Vendors & Contractors — Third parties may process data to perform services on our behalf and are bound by confidentiality and data protection agreements.
- Regulators & Authorities — Disclosed where required by law, regulation, or court order.
- International Transfers — Cross-border transfers are subject to applicable laws and contractual safeguards; we transfer only to jurisdictions with adequate protection or under safeguards.
- Restrictions — We do not sell, trade or rent personal data for profit. Marketing use is limited to Company communications with appropriate consent.
6. Data Subject Rights
Where applicable, individuals have rights to:
- Access their personal data.
- Correct or rectify inaccuracies.
- Withdraw consent.
- Request deletion (erasure).
- Restrict processing.
- Data portability (where applicable).
- Lodge complaints with supervisory authorities.
Requests can be submitted to our Data Protection Officer (DPO) using the contact details below.
7. Updates to Policy
Drishtipath Market Research and Technology Pvt. Ltd. may review and update this Privacy Policy to reflect changes in law, services, technology or business practices. The latest version will be available on our website. We may notify affected individuals of material changes; otherwise the updated policy is effective once published.
The "Last Updated" date at the top of this page indicates when the policy was last revised; continued use of our services after an update constitutes acceptance of the revised terms.
8. Contact Information
To ask questions, exercise your data rights, or raise concerns, contact our Data Protection Officer (DPO):
- Email: dpmrtindia@gmail.com
- Phone: +91 97336 68887
- Address: Government Colony, Opposite of Kishan Mandi, Ward No- 3, Barail, P.O Buniadpur, P.S Banshihari, Dakshin Dinajpur, 733121, West Bengal, India.
© Drishtipath Market Research and Technology Pvt. Ltd. All rights reserved.