Privacy Policy

1. Introduction

Depistage Services Private Limited ("Company", "we", "our", or "us") is committed to protecting the privacy, confidentiality, and security of personal data entrusted to us. As a provider of background screening, due diligence, and risk intelligence services, we recognize the sensitive nature of the information we handle and adhere to strict data protection and information security practices.

This Privacy Policy outlines how we collect, process, use, store, disclose, and safeguard personal data when individuals interact with our website or communicate with us.

By accessing or using our website, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.

2. Company Information

Depistage Services Private Limited

223, Radheyshyam Abhishek, Eldeco Udyan 1, Dilkusha, Lucknow, Uttar Pradesh – 226002, India

Phone: +91 7897770575

Email: priyanshishrivastava87@gmail.com

3. Regulatory and Compliance Framework

We process personal data in compliance with applicable data protection laws and globally recognized standards, including:

• General Data Protection Regulation (GDPR) – EU/UK
• Digital Personal Data Protection Act, 2023 (India)
• ISO/IEC 27001 – Information Security Management System (ISMS)
• ISO/IEC 27701 – Privacy Information Management System (PIMS)

Our policies, processes, and controls are designed to ensure: Lawful and transparent data processing, Strong information security governance, Privacy by design and by default, Accountability and audit readiness.

4. Scope of This Privacy Policy

This Privacy Policy applies to:

• Visitors to our website
• Individuals who submit enquiries or contact us
• Prospective clients, vendors, and partners
• Users interacting with our digital platforms

Important: This policy does not govern data processed under client-specific agreements for background verification services, which are covered under separate contractual arrangements such as Data Processing Agreements (DPAs).

5. Categories of Personal Data Collected

6. Purpose of Processing Personal Data

We process personal data for the following purposes:

7. Lawful Basis for Processing (GDPR Compliance)

We process personal data based on one or more of the following lawful bases:

• Consent (where explicitly obtained)
• Legitimate Interests (business communication and service improvement)
• Contractual Necessity (pre-contractual discussions or agreements)
• Legal Obligations (regulatory compliance)

8. Data Protection Principles

In accordance with GDPR and DPDP Act, we adhere to the following principles:

• Lawfulness, Fairness, and Transparency
• Purpose Limitation
• Data Minimization
• Accuracy and Data Quality
• Storage Limitation
• Integrity and Confidentiality
• Accountability and Governance

9. Data Sharing and Disclosure

We do not sell or rent personal data. However, we may share data in the following circumstances:

10. Cross-Border Data Transfers

Where personal data is transferred across jurisdictions:

• Transfers are conducted in compliance with GDPR and DPDP requirements
• Appropriate safeguards are implemented, such as: Standard contractual clauses, Secure data environments, Restricted access controls

11. Data Retention Policy

We retain personal data only for as long as necessary to:

• Fulfill the purpose of collection
• Meet legal, regulatory, and contractual obligations
• Resolve disputes and enforce agreements

Upon expiry of retention periods, data is: Securely deleted, or Anonymized for analytical use.

12. Information Security Measures (ISO 27001 Alignment)

We implement comprehensive technical and organizational security controls, including:

• Encryption of data in transit (SSL/TLS) and at rest
• Role-Based Access Control (RBAC)
• Secure authentication and authorization mechanisms
• Network security (firewalls, intrusion detection systems)
• Continuous monitoring and logging
• Vulnerability management and periodic testing
• Incident response and breach management procedures
• Vendor risk assessment and access control

We regularly review and update our security measures to mitigate emerging risks.

13. Data Subject Rights

14. Grievance Redressal Mechanism (DPDP Compliance)

We maintain a grievance redressal mechanism to address concerns related to data processing.

Grievance Officer / Contact:

Depistage Services Private Limited

Email: priyanshishrivastava87@gmail.com

Phone: +91 7897770575

All complaints will be acknowledged and addressed within reasonable timelines in accordance with applicable laws.

15. Children's Data Protection

• Our website is not intended for individuals below 18 years of age
• We do not knowingly collect personal data from minors
• Any such data identified will be deleted promptly

16. Third-Party Websites

Our website may include links to third-party websites:

• We do not control these websites
• We are not responsible for their privacy practices or content
• Users should review third-party privacy policies independently

17. Cookies and Tracking Policy

We use cookies to:

• Enable website functionality
• Improve performance
• Analyze usage trends

Users can control cookie settings via their browser. Disabling cookies may impact functionality.

18. Data Breach and Incident Response

In the event of a data breach:

• We will follow established incident response protocols
• Assess and contain the breach promptly
• Notify affected parties and authorities where required by law
• Take corrective actions to prevent recurrence

19. Changes to This Privacy Policy

• This Privacy Policy may be updated periodically
• Updates will be published on this page
• Continued use of the website constitutes acceptance of revised policy

20. Contact Information

For any privacy-related queries, requests, or concerns:

Depistage Services Private Limited

223, Radheyshyam Abhishek, Eldeco Udyan 1, Dilkusha, Lucknow, Uttar Pradesh – 226002, India

Phone: +91 7897770575

Email: admin@depistageservices.com