Menu
Account

Privacy Policy

At Yugalinks Global Connect Pvt Ltd, we take your privacy seriously and are committed to maintaining the confidentiality, integrity, and security of your personal and business information. This Privacy Policy outlines how we collect, use, disclose, and protect your data when you interact with our services, whether as a customer, supplier, or visitor to our website.

We recognize the importance of safeguarding the trust you place in us and prioritize transparency in all aspects of our data practices. Our approach adheres to both national regulations, such as the Information Technology Act 2000 and its rules, and international standards in data privacy.

This policy aims to help you understand the nature of the data we collect, why we collect it, and the steps we take to ensure your information remains protected at all times. By continuing to use our website and services, you consent to the terms outlined here. If you have any concerns or questions, please feel free to contact us using the details provided at the end of this policy.

Introduction

 

At Yugalinks Global Connect Pvt Ltd, we are committed to maintaining the highest standards of privacy and data protection for all individuals and businesses that engage with us. This Privacy Policy serves as a comprehensive document that explains how we handle, collect, use, store, and protect your data. Whether you are a customer, supplier, or simply a visitor exploring our website, your trust and the confidentiality of your information are our top priorities.

Our goal is to provide clear and transparent information on our practices to empower you to make informed decisions about how your data is shared with us. By outlining this policy, we aim to establish a foundation of trust, demonstrating our commitment to safeguarding sensitive information, adhering to relevant legal frameworks, and using your data responsibly to enhance your experience with us.

This Privacy Policy applies to all individuals who access our services, including the use of our website, registration as customers or suppliers, and any communication with Yugalinks through electronic or offline channels. Specifically, it covers personal data (such as name, contact details, and business identification information), as well as technical data (such as cookies, IP addresses, and other metadata). It outlines the lawful ways in which we process this data, ensuring our compliance with applicable regulations including but not limited to the Information Technology Act 2000 and data privacy laws relevant to international trade and e-commerce operations.

Our approach to data protection goes beyond legal compliance. We continuously enhance our security infrastructure and privacy policies to align with evolving standards. We encourage users to carefully review this policy to understand their rights, the types of data collected, and the specific purposes for which it is used. By engaging with our services, you acknowledge and agree to the practices described herein.

If at any point you feel that your data privacy concerns are not adequately addressed, we invite you to reach out to our dedicated support team or the grievance officer mentioned in this policy. Your feedback is invaluable and helps us improve our systems and services. Through this commitment to transparency and protection, we seek to create a reliable and trustworthy environment where businesses and individuals can focus on growth, innovation, and collaboration with peace of mind.

Definitions

To ensure clarity and understanding throughout this Privacy Policy, it is important to define certain key terms used within this document. These definitions will help customers, suppliers, and other stakeholders better comprehend the specific meanings and implications of terms related to data collection, usage, and privacy. Below are the key terms and their respective definitions.

 

1.Personal Data

Refers to any information that identifies or can be used to identify an individual directly or indirectly. This includes, but is not limited to, name, contact information, identification numbers, location data, and any other identifiers that can uniquely pinpoint an individual.

 

2.Business Data

Information related to businesses and organizations, such as company name, registration details (e.g., GST, IEC), transaction records, and certifications. This category primarily pertains to our interactions with suppliers, manufacturers, and customers engaged in B2B commerce.

 

3.Customers

Refers to individuals, businesses, or organizations who utilize our platform for purchasing, exporting, or engaging in other services provided by Yugalinks Global Connect Pvt Ltd. Customers include both domestic and international entities.

 

4.Suppliers

Defined as businesses, manufacturers, or service providers who collaborate with Yugalinks to offer goods or services. Supplier data includes business profiles, contracts, certifications, and representative contact details.

 

5.Sensitive Personal Information (SPI)

This refers to specific categories of personal data that are particularly sensitive, such as financial data (bank account details, payment methods), authentication credentials, and identification numbers like PAN or Aadhaar. Handling SPI is subject to stringent legal requirements and additional safeguards.

 

6.Data Processing

The act of collecting, storing, managing, and using data to fulfill specific business or service purposes. This can include activities such as analyzing data, sharing it with third parties, or utilizing it for marketing and operational purposes.

 

7.Cookies

Small text files stored on a user’s device when visiting a website. These files collect information about browsing preferences and behavior, helping to enhance user experience and enable targeted services.

 

8.Third Parties

External organizations, service providers, or partners who assist Yugalinks in delivering its services, such as logistics companies, payment gateways, and government bodies like FIEO or DGFT. Third parties may also include entities responsible for analytics and marketing.

 

9.Consent

The explicit agreement provided by users, either through affirmative action or written acknowledgment, to permit Yugalinks to collect, process, and use their data for specified purposes. Consent may be withdrawn at any time under applicable laws.

 

10.Grievance Officer

A designated individual at Yugalinks responsible for addressing complaints and concerns related to data privacy. This officer ensures compliance with legal regulations and resolves user grievances in a timely manner.

 

11.Data Breach

An unauthorized access, use, disclosure, or compromise of personal or business data. Yugalinks is committed to implementing robust security measures to prevent such incidents and to notify affected parties promptly in the event of a breach.

 

12.Regulatory Bodies

Organizations such as Federation of Indian Export Organisations (FIEO) and Directorate General of Foreign Trade (DGFT) that oversee, regulate, and facilitate compliance with trade and data protection laws relevant to our business operations.

 

By defining these terms, Yugalinks Global Connect Pvt Ltd seeks to provide users with a transparent and accessible understanding of the terminology used throughout our privacy practices. These definitions are critical to building trust and ensuring that all stakeholders feel informed about their interactions with Yugalinks and their rights in the context of data protection. If any terms remain unclear, we encourage users to contact us for further clarification.

Information We Collect

The collection of information is essential to providing our customers and suppliers with seamless and secure services. The data we collect varies based on the user’s interaction with our platform, whether as a customer, supplier, or website visitor. This section outlines the types of information we gather, the methods of collection, and the reasons for doing so.

 

Information Collected from Customers

As part of our B2B services, we collect various forms of customer information, which can broadly be categorized as follows.

 

a) Personal Information

  • Name, contact number, and email address of individuals or representatives managing the business.
  • Identification details such as PAN card, Aadhaar number (if applicable), or any similar legally mandated ID.

b) Business Information

  • Company name, GSTIN, and Importer Exporter Code (IEC).
  • Nature of business, product categories, and areas of operation.

c) Transaction and Financial Information

  • Purchase and payment details, including invoices and payment method (bank account or payment gateway details).
  • Data related to export documentation, including RCMC (Registration Cum Membership Certificate).

d) Technical Data

  • Device details (type, operating system, browser type).
  • IP address, geolocation, and browsing history.
  • Information collected through cookies (preferences, session data, and user behavior on the site).

 

Information Collected from Suppliers

Our partnerships with suppliers require the collection of specific business and representative information to facilitate trade operations. The types of supplier data we collect include.

a) Business Information

  • Company registration details and licenses required for B2B activities.
  • Product catalog, manufacturing capabilities, and certifications, such as ISO.

b) Representative Information

  • Names, contact numbers, and official email addresses of supplier representatives managing communications or contracts.

c) Transaction History

  • Records of trade volumes, contractual agreements, pricing data, and delivery schedules.

 

Information Collected Automatically

To improve user experience and optimize our website performance, we automatically collect certain data when you interact with our platform.

  • Website usage metrics, including pages visited, time spent on the site, and navigation patterns.
  • IP address and general geolocation data for identifying service access trends.
  • Logs and reports related to website errors and technical diagnostics.

 

How We Collect Information

We obtain data using a variety of methods, tailored to user convenience and legal compliance

  • Direct Collection: Information provided by customers or suppliers via registration forms, trade inquiries, or subscription to newsletters.
  • Automated Collection: Data obtained through cookies, web beacons, or analytics tools integrated into our website.
  • Third-Party Sources: Information shared by authorized third parties, such as partner organizations, regulatory bodies (e.g., FIEO or DGFT), or logistics providers involved in delivering services.

 

Purpose of Data Collection

The information collected is vital for ensuring smooth operations and delivering value to our stakeholders. The key purposes include.

  • Facilitating Services: Enabling B2B transactions, export documentation, and other trade-related operations.
  • Communication: Sharing important updates, responding to inquiries, and ensuring proactive customer support.
  • Compliance: Meeting legal and regulatory obligations, such as taxation and export/import laws.
  • Improvement: Enhancing the functionality of our platform based on usage metrics and feedback.
  • Marketing: Sharing relevant updates about our services, new features, or opportunities with consent.

 

Security of Collected Information

All information collected is processed and stored in secure environments. We use industry-standard encryption for sensitive data and ensure restricted access to business-critical information. Our systems are designed to protect against unauthorized access, breaches, and misuse.

How We Collect Information

We strive to ensure that the process of collecting information is transparent, lawful, and respectful of user privacy. Our methods are designed to gather only the information that is necessary to deliver our services effectively, support our customers and suppliers, and comply with applicable regulations. This section explains the various ways we collect data and how each method aligns with our commitment to privacy and data security.

 

Methods of Information Collection

We use several approaches to collect data from customers, suppliers, and visitors. These include:

 

a) Direct Collection from Users

This involves information voluntarily provided by users when they engage with Yugalinks. Examples include:

  • Account Registration: Users fill out forms to create accounts, where we collect details such as name, email address, business name, GST number, and contact details.
  • Service Requests: Customers and suppliers provide additional information when requesting export documentation assistance, seeking government incentives, or subscribing to newsletters.
  • Communication: Information is shared through emails, phone calls, or in-person meetings, particularly during trade inquiries or issue resolution.

 

b) Automated Data Collection

We employ technology to collect data automatically when users interact with our platform. Key methods include:

  • Cookies and Tracking Tools: These small text files are stored on your device and help track user preferences, session details, and navigation behavior on our website. Cookies help enhance functionality and offer a personalized experience.
  • Web Analytics: Tools like Google Analytics may be used to monitor website performance, track usage patterns, and gather demographic insights.
  • Log Files: Our system automatically captures data such as IP addresses, browser type, and access times for security and diagnostic purposes.

 

c) Collection from Third Parties

In some cases, we may collect data through authorized third-party sources, such as:

  • Regulatory Bodies: Data related to certifications or registrations (e.g., RCMC, IEC) is obtained from FIEO or DGFT for customers requiring export facilitation.
  • Service Partners: Payment gateways, logistics providers, and marketing partners may share data required for smooth service delivery and operational compliance.

Users may also provide information by participating in platform features, such as:

  • Customer satisfaction surveys.
  • Feedback forms for service improvements.
  • Online chats or forums hosted by Yugalinks for user engagement.

 

Steps in the Data Collection Process

 

1.User Consent

Before collecting any information, we obtain explicit user consent where required by law. For automated processes, users are notified about the collection of data via cookie policies and website banners.

 

2.Minimal Data Collection

We follow the principle of data minimization, collecting only what is absolutely necessary for the stated purposes.

 

3.Transparency

During the data collection process, users are informed about why the information is needed, how it will be used, and their rights regarding the data.

 

4.Secure Data Transmission

All data is transmitted through secure channels, using encryption protocols like SSL/TLS to prevent interception during the collection process.

 

Scenarios in Which We Collect Information

 

1.For Customers

  • When registering an account or subscribing to services.
  • While submitting export documentation requirements.
  • During financial transactions and payment processing.

2.For Suppliers

  • When registering a supplier profile.
  • While uploading business certifications or compliance documents.
  • During contract negotiations or trade partnerships.

3.For Website Visitors

  • When browsing the website or interacting with product/service listings.
  • When clicking on advertisements or subscribing to newsletters.
  • While interacting with on-site tools like product finders or shipping estimators.

 

Legal and Ethical Compliance

All data collection practices align with the applicable Indian regulations, including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and any relevant global data protection laws. We ensure the following

  • User consent is always obtained in compliance with legal standards.
  • No data is collected from individuals under the age of 18 without verifiable parental consent.
  • Data collection methods are reviewed periodically to maintain compliance with evolving privacy standards.

 

User Control and Preferences

We empower users to control the information collected through tools and features such as:

  • Cookie Preferences: Allowing users to accept, decline, or customize cookie settings.
  • Opt-Out Features: Users can opt out of marketing communications or surveys at any time.
  • Data Access Requests: Customers and suppliers can request access to, or deletion of, their data by contacting us directly.

How We Use Collected Information

The information we collect from customers, suppliers, and website visitors is used responsibly and transparently to provide our services, improve user experience, and comply with legal obligations. Our aim is to ensure that data usage aligns with the legitimate interests of all parties while maintaining the highest standards of privacy and security. Below is a comprehensive explanation of how we use the information we collect.

 

Core Purposes of Data Usage

a) Providing and Enhancing Services:

We use customer and supplier data to deliver the core services offered by Yugalinks, which include:

  • Assisting with export-related documentation, such as obtaining RCMC or IEC certifications.
  • Facilitating trade connections between businesses in India and international markets.
  • Processing transactions, managing orders, and tracking deliveries.
  • Enabling users to access government incentives for exports.

b) Improving User Experience

Data collected from user interactions helps us optimize the design, functionality, and usability of our platform. This includes:

  • Tailoring content, recommendations, and features based on user preferences and browsing behavior.
  • Enhancing navigation and reducing friction in customer or supplier workflows.

c) Communication and Support

We use contact information for timely communication with users regarding:

  • Service-related notifications, updates, and announcements.
  • Responses to queries, complaints, or service requests.
  • Feedback requests aimed at improving our offerings.

d) Marketing and Promotion

With user consent, we use collected data for marketing purposes, such as:

  • Sending newsletters and promotional content about new features or services.
  • Informing users about export opportunities, trade fairs, or other business growth events.
  • Delivering personalized advertisements and targeted promotional messages based on user interests and activity.

 

Specific Use Cases Based on User Type

a) For Customers

  • Verifying account authenticity and ensuring secure transactions.
  • Facilitating access to business tools, such as trade insights and documentation resources.
  • Providing customized export solutions tailored to the customer's specific industry and market requirements.

b) For Suppliers

  • Managing and promoting supplier profiles to connect them with potential buyers.
  • Ensuring compliance with trade regulations by verifying supplier certifications.
  • Using transaction data to generate analytics that suppliers can leverage for operational improvements.

c) For Website Visitors

  • Enhancing website functionality through data analysis derived from cookies and other tracking technologies.
  • Serving relevant and region-specific content to visitors based on geolocation and browsing patterns.

Compliance and Regulatory Obligations

To meet our legal and regulatory responsibilities, the data we collect is used to

  • Comply with trade regulations as mandated by bodies like FIEO and DGFT.
  • Maintain records for audit purposes and fulfill taxation requirements.
  • Ensure adherence to anti-money laundering (AML) laws and other international trade compliance standards.

Data Analytics and Reporting

We utilize aggregated and anonymized data to conduct analytics, including

  • Monitoring key performance metrics, such as user engagement and transaction volumes.
  • Identifying trends and user behaviors to refine our services.
  • Producing reports for internal and external stakeholders, such as regulatory authorities or business partners.

Security and Fraud Prevention

The information collected is instrumental in safeguarding the interests of users and the platform. Key measures include:

  • Detecting and mitigating fraudulent activities, unauthorized transactions, or malicious attacks.
  • Implementing identity verification procedures to protect users' accounts and sensitive data.

User Empowerment and Customization

We strive to empower users to personalize their experience on the platform by:

  • Allowing users to save preferences, such as notification settings and account configurations.
  • Enabling businesses to customize their profiles, trade offerings, and preferred communication channels.

 

Sharing with Third Parties

While we respect your privacy, in some cases, it is necessary to share collected information with third parties to fulfill service obligations. For example:

  • Partnering with payment gateways and logistics providers to process orders and ensure timely delivery.
  • Sharing data with regulatory bodies like FIEO for processing export incentives.
  • Collaborating with marketing agencies to design tailored campaigns.
  • Rest assured, third parties are contractually obligated to handle data securely and in compliance with privacy regulations.

 

Safeguarding User Data in All Use Cases

Across all the scenarios mentioned above, we adhere to strict security protocols to ensure data is protected. This includes:

  • Data encryption during storage and transmission.
  • Restricted access to sensitive information on a need-to-know basis.
  • Regular audits to ensure compliance with privacy laws and internal data protection policies.

How We Share Information

Safeguarding the privacy of our users is paramount. However, certain circumstances require us to share information with authorized third parties or stakeholders to deliver services, ensure regulatory compliance, and enhance our offerings. In this section, we detail the scenarios, parties, and purposes for which data may be shared, along with the safeguards we employ to protect user information.

 

Why We Share Information

We share information with third parties only when necessary for:

  • Service Fulfillment: To enable seamless transactions, secure deliveries, or streamline customer-supplier interactions.
  • Legal Compliance: To adhere to laws, regulations, or requests from regulatory authorities.
  • Operational Efficiency: To partner with reliable service providers, such as payment gateways, logistics companies, and technology partners.
  • Fraud Prevention: To detect and address fraudulent activities, unauthorized transactions, or security breaches.

 

Parties with Whom Information is Shared

a) Authorized Third-Party Service Providers

To deliver our services effectively, we may share relevant user information with:

  • Payment Gateways: For secure processing of financial transactions and refunds.
  • Logistics and Delivery Partners: To coordinate shipping and delivery operations for suppliers and customers.
  • Technology Vendors: To maintain platform functionality, perform data analysis, and enhance user experience.
  • Marketing Agencies: For running targeted campaigns and informing users about relevant offers or opportunities.

b) Government and Regulatory Bodies

We collaborate with authorities like FIEO, DGFT, and other government organizations to

  • Assist customers with documentation and compliance for exports.
  • Facilitate applications for government incentives and trade benefits.
  • Ensure adherence to import/export laws and tax regulations.

c) Legal and Law Enforcement Entities

In situations where required by law or in the interest of public safety, we may disclose information to

  • Comply with court orders, legal proceedings, or statutory requirements.
  • Prevent or address suspected fraud, illegal activities, or violations of our terms and policies.

d) Partner Organizations

To offer value-added services, we may share data with trusted partners who collaborate with us to support users’ business growth. For instance:

  • Export management agencies.
  • Trade fair organizers.
  • Certification bodies like ISO compliance organizations.

e) Users Within the Platform Ecosystem

  • In cases where trade connections are facilitated, relevant data such as business name and product offerings may be shared with potential buyers or suppliers within the platform.
  • Sensitive details such as financial or personal identification data are excluded from such disclosures without explicit consent.

 

Types of Information Shared

The information shared is strictly limited to what is necessary for the purpose and may include

  • Business Information: Company name, GST details, product details, and trade preferences shared for B2B facilitation.
  • Personal Information: Contact details of authorized representatives when necessary for communication purposes.
  • Transaction Information: Records of completed purchases, shipping data, or payment processing details.
  • Analytics Data: Aggregated or anonymized data for platform improvement and partner insights.

Sensitive personal or business information, such as financial records or identification details, is only shared when legally mandated or explicitly authorized by the user.

 

 

Security Measures for Shared Information

  • Data Encryption: All data transmitted to third parties is encrypted to prevent unauthorized access.
  • Contractual Obligations: Third-party service providers and partners are required to comply with strict data protection terms and cannot use user information beyond the agreed purposes.
  • Access Restrictions: Shared data is limited to authorized personnel or systems within the third-party organizations.
  • Monitoring and Audits: Regular evaluations of data-sharing practices are conducted to ensure compliance with privacy laws.

 

User Consent for Data Sharing

  • For any non-essential sharing of information, we seek user consent prior to engaging in such activities.
  • Users have the right to opt-out of certain data-sharing practices, such as sharing data for marketing purposes or third-party collaborations unrelated to core services.

 

International Data Sharing

In cases where our services extend beyond India’s borders, user data may be shared with international entities for trade facilitation. For example

  • Sharing export-related information with buyers, suppliers, or logistics providers in other countries.
  • Ensuring compliance with global trade regulations and international standards.

When data is shared internationally, we ensure that it is protected in accordance with local and global data protection standards, such as GDPR (General Data Protection Regulation) for European Economic Area transactions.

 

 

No Unauthorized Data Sharing or Sale

Yugalinks Global Connect Pvt Ltd strictly prohibits the unauthorized sale or sharing of user data with entities not directly involved in delivering our services. Under no circumstances will data be sold for profit, advertising, or unsolicited commercial use.

 

 

User Rights Regarding Data Sharing

We respect our users' rights concerning the sharing of their data. You may:

  • Request details of the third parties with whom your data has been shared.
  • Restrict or withdraw consent for specific data-sharing activities.
  • Lodge a complaint if you believe your data has been shared improperly.

To exercise these rights, you may contact our Grievance Officer, who will address your concerns and ensure that appropriate measures are taken to resolve your issues.

Data Security Measures

The security of our users’ information is our top priority. We recognize the value of the data entrusted to us and implement stringent measures to ensure its protection against unauthorized access, loss, misuse, or alteration. Our commitment to data security encompasses both technical and organizational safeguards, designed to keep personal, business, and transactional information secure. This section provides a detailed overview of the robust security practices we employ to protect your data.

 

 

Our Security Philosophy

We approach data security with the following guiding principles:

  • 1. Confidentiality: Ensure that sensitive data is accessible only to authorized individuals and entities.
  • Integrity: Prevent unauthorized modification of data, ensuring its accuracy and reliability.
  • Availability: Maintain reliable access to data for authorized users, ensuring seamless operations.

By integrating these principles into our systems and practices, we deliver a secure and trustworthy platform for all stakeholders.

 

 

Layers of Data Security

To secure user data, Yugalinks employs a multi-layered approach:

a) Network Security:

  • Our platform operates within a secure network architecture protected by firewalls to prevent unauthorized intrusion.
  • Advanced monitoring systems detect and respond to potential threats in real time.

b) Data Encryption:

  • All sensitive information, such as financial records, identification numbers, and login credentials, is encrypted using advanced protocols like AES-256 during storage and SSL/TLS during transmission.
  • Encryption ensures that even in the event of a data breach, unauthorized access to the information remains unlikely.

c) Authentication and Access Control:

  • Access to user data is restricted to authorized personnel within Yugalinks, based on job responsibilities and need-to-know criteria.
  • We employ multi-factor authentication (MFA) to secure accounts and prevent unauthorized access to our systems.

d) Application Security:

  • Regular vulnerability assessments and penetration testing are conducted to identify and address potential security weaknesses.
  • The Yugalinks platform is built using secure coding practices that minimize the risk of software vulnerabilities.

 

Security Measures for End Users

We provide features and tools to help users protect their accounts and data:

  • Strong Password Enforcement: Our system requires users to create passwords that meet complexity criteria, ensuring stronger account security.
  • Session Management: Automatic session timeouts help prevent unauthorized access if a user forgets to log out of their account.
  • Login Alerts: Users are notified via email or SMS whenever their account is accessed from a new device or location.

 

Physical Security Controls

In addition to digital security, we take precautions to secure data stored in physical locations:

  • Servers hosting user data are housed in secure data centers with controlled access, surveillance systems, and 24/7 monitoring.
  • Access to our offices and data centers is restricted to authorized personnel using biometric authentication and keycards.

 

Employee Training and Compliance

Data security is an organizational priority, and all employees undergo regular training to understand and implement best practices:

  • Employees are trained to handle user data responsibly and in compliance with privacy laws.
  • We have strict internal policies governing the use and sharing of data within the organization.
  • Staff members handling sensitive data undergo background checks and are required to adhere to confidentiality agreements.

 

Protection Against Threats

To safeguard against cyber threats, we adopt a proactive approach that includes:

  • Antivirus and Anti-Malware Tools: Advanced tools are used to identify and block malicious software.
  • Intrusion Detection Systems (IDS): These systems monitor network traffic for unusual activity or potential threats.
  • Incident Response Plans: We maintain a structured plan to quickly identify, address, and mitigate the impact of security breaches.

 

Regular Security Audits

Our data security infrastructure undergoes periodic audits to:

  • Validate the effectiveness of current security measures.
  • Identify vulnerabilities and implement updates promptly.
  • Ensure compliance with applicable laws and international security standards such as ISO 27001.

 

Third-Party Data Security

When sharing data with third parties, we ensure that they adhere to similar or higher standards of data security:

  • We verify that vendors and partners implement encryption, access controls, and other security measures.
  • Third parties are required to sign data protection agreements that limit their ability to use or share user data beyond agreed purposes.
  • Regular audits of third-party systems are conducted to ensure compliance with these agreements.

 

Handling Data Breaches

In the unlikely event of a data breach, Yugalinks has a clear and effective protocol in place:

  • 1. Immediate Containment: Identify and isolate the source of the breach to prevent further access.
  • 2. Impact Assessment: Determine the scope of the breach, including the type and extent of data compromised.
  • 3. Notification: Notify affected users, regulatory authorities, and other stakeholders promptly, as required by law.
  • 4. Mitigation: Implement corrective actions to strengthen security and prevent recurrence.
  • 5. Post-Incident Review: Conduct a thorough analysis to improve future safeguards and procedures.

 

User Responsibilities in Data Security

While Yugalinks provides robust security measures, users also play an important role in protecting their data. We encourage users to:

  • Keep account passwords confidential and change them regularly.
  • Avoid sharing sensitive account details, such as OTPs or login credentials, with third parties.
  • Monitor their accounts regularly and report suspicious activities immediately.

 

 Adherence to Global Security Standards

We align our security practices with recognized standards, ensuring compliance with frameworks like:

  • General Data Protection Regulation (GDPR): For customers and suppliers in the European Union.
  • Information Technology Act (India): Complying with rules regarding sensitive personal data and security practices.
  • Payment Card Industry Data Security Standard (PCI DSS): For safe handling of payment data.

Data Retention Policy

We are committed to retaining customer, supplier, and transactional data responsibly and for the appropriate duration needed to fulfill our service obligations, comply with legal requirements, and support operational purposes. This policy outlines how long data is kept, the rationale for retention periods, and the steps we take to securely delete information when it is no longer required.

 

Purpose of Data Retention

We retain data to:

  • Fulfill service commitments, such as facilitating trade connections, managing accounts, and completing export-related processes.
  • Comply with applicable legal, regulatory, and tax-related obligations.
  • Provide users with a seamless experience by retaining preferences and historical records for reference or compliance purposes.
  • Support our internal reporting, auditing, and fraud-prevention measures.

 

Retention Periods

The length of time data is retained depends on the type of information and its purpose:

a) Customer and Supplier Data:

  • Account Information: Retained as long as the account remains active or as needed for customer support and operational purposes.
  • Transactional Data: Retained for up to 7 years to meet financial auditing and regulatory reporting requirements.

b) Compliance Data:

  • Documentation related to regulatory compliance, such as IEC, RCMC, and GST details, is kept for the duration mandated by government bodies, typically 7 to 10 years.

c) Communication Records:

  • Email correspondence, chat logs, and support tickets are retained for up to 3 years to maintain service continuity and address disputes if they arise.

d) Analytics and Aggregated Data:

  • Non-identifiable aggregated data may be retained indefinitely for statistical and reporting purposes to improve services without compromising user privacy.

User Rights

we prioritize your control over your data. As part of our commitment to transparency and compliance with privacy laws, we offer a range of rights that allow users to manage how their data is collected, used, and retained. Below, we explain each right and how it enables you to exercise control over your personal and business information.

 

Users have the right to request and receive details about the data we hold. This includes:

  • An overview of personal and business information stored in our systems.
  • Transactional records and their purposes.
  • Information about third-party data sharing, if applicable.

By ensuring accessibility, we empower users to remain informed about their data.

 

Right to Rectification

Accuracy is vital, and users can request corrections to any incorrect or outdated information.

  • Personal details such as phone numbers and addresses can be updated directly or through support.
  • Business records, like company certifications or trade preferences, can be amended with appropriate documentation.
    This ensures that data used by Yugalinks is up-to-date and relevant.

 

Right to Erasure

Users can request the deletion of their data if:

  • The data is no longer necessary for the purpose it was collected.
  • Consent is withdrawn, or the data processing is no longer lawful.
    We respect such requests unless legal or regulatory requirements necessitate retention, such as tax compliance or fraud investigations.

 

Right to Data Portability

This right allows users to obtain their data in a standardized format, facilitating:

  • Easy transfer of information to other service providers.
  • Maintaining personal backups for individual reference.
    This transparency enhances user independence and mobility across platforms.

 

Right to Object and Restrict Processing

Users can:

  • Object to specific types of data processing, such as marketing communications or automated profiling.
  • Request a restriction on data processing if there are disputes about its use or accuracy.

During such cases, the data is only processed with explicit consent, protecting user preferences and choices.

Cookies and Tracking

Technologies

To enhance user experience and improve the performance of our platform, Yugalinks Global Connect Pvt Ltd uses cookies and similar tracking technologies. These tools help us understand user behavior, optimize functionality, and ensure seamless interactions. Below, we explain the different types of cookies we use, their purposes, and how users can manage them effectively.

 

What Are Cookies?

  • Cookies help ensure smoother navigation by storing user preferences and settings.
  • They also assist in identifying and addressing performance issues or errors on the platform.

 

Types of Cookies We Use

We utilize the following types of cookies to enhance your experience:

a) Essential Cookies:

  • These are necessary for the operation of our website and enable core functionalities, such as login authentication and secure payment processes.
  • Without these cookies, certain services cannot function properly.

b) Performance Cookies:

  • Performance cookies collect anonymous data about how users interact with the site, such as pages visited and loading speeds.
  • This helps us identify inefficiencies and optimize the platform's performance.

c) Functional Cookies:

  • These cookies remember user preferences, such as language settings or customized dashboard views.
  • They improve the user experience by tailoring content to individual preferences.

d) Marketing and Analytics Cookies:

  • These track user behavior to deliver personalized ads and measure the effectiveness of marketing campaigns.
  • They may be placed by third-party advertising platforms we partner with.

 

How We Use Cookies

Cookies and tracking technologies enable us to:

  • Enhance Platform Functionality: By remembering user preferences and past activity.
  • Provide Insights: Analyze usage trends to improve navigation and interface design.
  • Deliver Targeted Services: Tailor product recommendations and content based on user behavior.
  • Ensure Security: Detect suspicious activities and ensure safer user experiences.

 

Managing Your Cookie Preferences

Users have control over the cookies stored on their devices:

  • Browser Settings: Most web browsers allow users to accept, block, or delete cookies. Adjust your browser settings to manage cookie behavior according to your preferences.
  • Consent Banners: Upon visiting the Yugalinks platform, users can manage their cookie settings through our cookie consent banner, choosing which types of cookies to enable or disable.
  • Opting Out of Marketing Cookies: Users can disable targeted advertising cookies by adjusting settings or through links provided by third-party advertisers.

Please note that disabling essential or functional cookies may affect certain features or functionalities on the website.

 

Third-Party Tracking Technologies

In addition to cookies, we collaborate with third-party providers who may use tracking technologies for specific purposes:

  • Analytics Tools: Providers such as Google Analytics help us monitor site usage and gather insights to improve our services.
  • Advertising Networks: Marketing platforms may use pixels or tags to ensure effective delivery of promotional content.

All third parties involved in tracking adhere to our strict privacy and security standards to protect user data.

By clearly outlining our cookie and tracking practices, Yugalinks Global Connect Pvt Ltd ensures transparency and offers users the ability to manage their preferences effectively. For further inquiries about cookies, please contact us via our support channels.

Marketing and Communication

We value clear, meaningful, and tailored communication with our users. Our marketing and communication practices aim to provide relevant updates, valuable insights, and promotional content while respecting user preferences and privacy. Below, we detail how we handle marketing and communication, the types of content we send, and how users can manage their communication preferences.

 

Purpose of Marketing and Communication

Our marketing and communication efforts are designed to:

  • Keep users informed about updates to our services, new features, and industry trends.
  • Share insights about export opportunities, compliance tips, and government incentives.
  • Provide personalized recommendations and promotional offers based on user preferences and interests.
  • Strengthen our relationship with customers and suppliers through value-added information.

We aim to deliver only relevant and helpful content that aligns with the needs of our users.

 

Types of Communication We Send

a) Transactional Communication:

  • Includes order confirmations, service updates, and account-related notifications.
  • Essential for ensuring smooth operations and maintaining transparency.

b) Informational Updates:

  • Includes newsletters, blog posts, and updates about policies or platform enhancements.
  • Keeps users informed about industry news, trends, and best practices.

c) Promotional Content:

  • Provides details about discounts, partnerships, or promotional offers on Yugalinks services.
  • Includes product recommendations tailored to user preferences.

d) Event Invitations:

Invitations to webinars, trade expos, and workshops organized by Yugalinks or our partners.

 

e) Surveys and Feedback Requests:

  • Opportunities for users to share their opinions and help improve our offerings.

 

Channels of Communication

We communicate with users through multiple channels to ensure seamless interactions:

  • Email Marketing: For detailed updates, newsletters, and promotional offers.
  • SMS Notifications: For time-sensitive alerts, such as order updates or reminders.
  • Push Notifications: Real-time alerts and recommendations via the Yugalinks app or website.
  • Social Media: Engagement through platforms like LinkedIn, Twitter, and Instagram to share insights and updates.

Each channel is utilized responsibly, with content tailored to its medium.

 

Managing Communication Preferences

We empower users to control how they interact with our marketing and communication efforts:

  • Subscription Settings: Users can manage their email and SMS preferences directly through their account settings.
  • Opt-Out Option: Every marketing communication includes an easy-to-access unsubscribe or opt-out link.
  • Customizing Notifications: Users can choose the types of notifications they wish to receive (e.g., promotional content vs. informational updates).

We respect all opt-out requests and ensure compliance with anti-spam regulations, such as the CAN-SPAM Act and GDPR.

 

Privacy in Marketing and Communication

We prioritize user privacy in all communications:

  • Personal data used for marketing purposes is collected with explicit consent.
  • Data is processed securely and shared with trusted third parties only for delivering relevant and targeted communication.
  • Analytics and feedback from communication campaigns are anonymized and used solely to improve content relevance.

Third Party Services

We collaborate with trusted third-party providers and government entities to deliver seamless services, enhance functionality, and support businesses in global trade. These partnerships are essential to providing advanced tools, maintaining operational excellence, and ensuring regulatory compliance. Below, we detail how we engage with third-party services, including their purpose, scope, and the safeguards we implement.

 

Purpose of Engaging Third-Party Services

  • Platform Optimization: Use analytics to improve user experiences and ensure smooth operations.
  • Marketing: Deliver personalized and effective marketing campaigns to targeted audiences.
  • Regulatory Compliance: Facilitate seamless interaction with government bodies for export documentation and trade processes.

Our partnerships are carefully designed to maintain transparency, security, and adherence to privacy standards.

 

Third-Party Services We Use

a) Google Analytics

  • Tracks user behavior and platform activity to provide insights on performance.
  • Helps us understand user preferences, optimize website usability, and improve service delivery.
  • Processes only anonymized data for trend analysis without compromising individual privacy.

b) Twilio and Segment

Power communication services, such as SMS notifications, email confirmations, and live updates.

  • Power communication services, such as SMS notifications, email confirmations, and live updates.
  • Ensure efficient and real-time interaction with users while maintaining robust data security.

c) AdRoll/Meta (Facebook)

  • Facilitate targeted advertising campaigns to deliver relevant content to users based on their preferences.
  • Track the effectiveness of marketing initiatives using retargeting techniques.
  • AdRoll and Meta ensure compliance with advertising standards and privacy regulations.

d) Microsoft Services

  • Provide productivity and collaboration tools that support our operations and communications.
  • Utilize Microsoft’s secure cloud infrastructure to manage data effectively and reliably.

e) Government Entities (FIEO and DGFT)

  • Facilitate the issuance of export-related documents such as IEC (Importer Exporter Code) and RCMC (Registration Cum Membership Certificate).
  • Ensure compliance with trade regulations and assist businesses in accessing government incentives and support.

 

Data Handling and Safeguards

When working with third parties, we implement the following safeguards to protect user data:

  • Minimized Sharing: We share only the necessary data for a specific purpose, such as user engagement or regulatory compliance.
  • Contractual Obligations: Third-party providers are bound by agreements ensuring compliance with strict data privacy and security policies.
  • Regular Audits: Frequent reviews of third-party activities are conducted to ensure alignment with Yugalinks' privacy standards.

 

Transparency and User Consent

We believe in full transparency about the role of third parties in supporting our services:

  • Users are notified of data-sharing practices, and consent is obtained where required (e.g., for marketing cookies or government registrations).
  • The use of tools like Google Analytics and Meta includes anonymization and aggregation of data for enhanced privacy.
  • Users can manage preferences for certain third-party tools, including opting out of analytics or marketing tracking.

 

Collaboration with Government Bodies

  • We act as a facilitator for exporters to meet regulatory requirements efficiently.
  • Government services provide access to incentives, trade resources, and certifications that are crucial for international trade.
    All data exchanged with these bodies follows strict regulatory protocols to ensure confidentiality and compliance.

International Data Transfer

We recognize the importance of ensuring the security and confidentiality of user data, even when it is transferred across international borders. As part of our services, we may need to process and store data in servers located outside of India or in jurisdictions that offer different levels of data protection. This section explains how and why data may be transferred internationally, the safeguards we implement, and how we protect your rights.

 

Scope of International Data Transfer

Certain services provided by Yugalinks Global Connect Pvt Ltd involve the transfer of user data to countries outside of India. These countries may include locations where our third-party service providers, such as cloud hosting providers, payment processors, or regulatory bodies, maintain their servers or operate their services.

  • Global Hosting and Cloud Services: Some of our operations depend on global hosting providers like Microsoft, whose infrastructure may be based outside India.
  • Third-Party Service Providers: Our partners in marketing, analytics (Google Analytics), payment processing (e.g., Stripe), and communications (e.g., Twilio) may process or store user data in different jurisdictions.

These transfers ensure that you receive the full spectrum of services available through our platform, including payments, personalized marketing, and real-time communication.

 

Safeguards to Protect Data

We take comprehensive steps to ensure that international data transfers adhere to applicable data protection laws and regulations. Our safeguards include:

a) Data Transfer Agreements:

  • We ensure that any international data transfers are governed by contracts that include standard contractual clauses (SCCs), in line with internationally recognized data protection standards.
  • These agreements outline the responsibilities and obligations of the parties involved in processing and protecting user data.

b) Privacy Shield and Adequacy Decisions:

Where applicable, we rely on privacy shield frameworks or adequacy decisions to comply with legal requirements when transferring personal data outside of India. For instance, some jurisdictions, such as the European Union (EU), have deemed certain third-party providers’ practices as offering an adequate level of data protection.

 

c) Encryption and Security Protocols:

  • We use state-of-the-art encryption and secure data storage methods for all data transfers, ensuring that your personal and business information remains safe during transmission.
  • Data exchanged with third parties is transferred using secure transfer methods such as SSL/TLS encryption.

d) Privacy and Data Security Compliance:

  • We ensure that all third-party service providers involved in international data transfers comply with applicable local privacy laws (e.g., GDPR in Europe or CCPA in California).
  • Additionally, these providers must follow strict security and privacy standards to safeguard your information throughout the data transfer process.

User Rights and Control

As a user, you retain control over your personal and business data, even when it is transferred internationally. Some of your rights in this context include:

 

a) Access to Information:

You have the right to request information regarding any data transferred internationally, including the purpose and the recipients of the data.

 

b) Withdrawal of Consent:

You may have the option to withdraw consent for specific data transfers, particularly those related to marketing or analytics tools. This can be done by adjusting your preferences in your account settings.

 

c) Right to Object or Request Restriction:

In certain circumstances, you have the right to object to or restrict the processing of your data, including international transfers. If you object to a data transfer for legitimate reasons, we will make efforts to accommodate your preferences.

 

Risk of International Data Transfers

While we take every possible step to secure your data, we understand that international data transfers may carry some inherent risks. These risks include:

  • Data Privacy Variations: Different countries may have varying standards of data protection, potentially leading to situations where privacy protections may not be as robust as those in India or other highly-regulated regions.
  • Possible Interception or Breach: Although we use strong encryption, there is always a theoretical risk of data interception during transit or a breach while data is stored in a foreign jurisdiction.

 

Managing International Data Transfers

We remain committed to ensuring that your rights are protected during the transfer and processing of your data internationally. To mitigate risks, we:

  • Continually review our practices in light of emerging data protection regulations and ensure our policies remain aligned with global standards.
  • Provide transparency by notifying you whenever international data transfers are involved and outlining the specific third-party providers that will access your data.

Changes to the Privacy Policy

transparency and adaptability are central to our operations. As our platform evolves and as regulations or business practices change, it may become necessary to update this Privacy Policy. These updates help us stay aligned with best practices, comply with new legal requirements, and ensure continued trust in how we handle your information. Below, we outline how such changes are managed, how users are informed, and what your rights are when these updates occur.

 

Reasons for Updates

We may revise our Privacy Policy for several reasons, including:

  • Regulatory Changes: To comply with updated laws, regulations, or guidelines, such as changes to GDPR, CCPA, or India’s data protection laws.
  • Service Enhancements: To reflect new features, technologies, or partnerships (e.g., adding new third-party service providers).
  • Security Improvements: To adapt to emerging threats or enhance the protection of user data.
  • User Feedback: Incorporate suggestions from users to clarify sections or address concerns regarding privacy practices.

Our goal is to ensure that our Privacy Policy remains accurate, comprehensive, and reflective of current practices.

 

Notification of Policy Changes

Whenever updates are made to this Privacy Policy, we prioritize keeping users informed:

  • Advanced Notification: Significant changes to how we collect, use, or share data will be communicated at least 30 days before they take effect.
  • Direct Communication: Notifications of changes will be sent via email, in-app alerts, or posted prominently on our website.
  • Policy Versioning: Each version of the Privacy Policy will include an effective date for reference. Previous versions may be archived and made available upon request.

This process ensures that users have ample time to review changes and adjust their preferences as needed.

 

User Rights Regarding Changes

  • consent Management: If changes involve new data collection or sharing practices requiring consent, we will seek explicit approval before proceeding.
  • Right to Disagree: Users who disagree with updates may contact our support team to discuss concerns or take steps to delete their accounts.
  • Access to Historical Policies: Users can request information about prior versions of the Privacy Policy to understand how their data has been managed over time.

We encourage users to review the updated policy and reach out with any questions or concerns about its implications.

 

Frequently Updated Areas of the Privacy Policy

Certain sections of the Privacy Policy may be revised more frequently than others:

  • Third-Party Services: Updates may include new partnerships (e.g., integrating new analytics tools, payment processors, or communication platforms).
  • Marketing Practices: Changes reflecting new communication channels or expanded personalization features.
  • Security Measures: Adjustments in line with technological advancements or emerging cyber threats.

We remain committed to transparency and user empowerment, ensuring that these updates align with user expectations and legal obligations.

 

How to Stay Informed

To stay informed about updates to our Privacy Policy:

  • Regularly Check Our Policy Page: The latest version of our Privacy Policy will always be accessible on our website.
  • Update Your Contact Information: Ensure your email and notification preferences are up to date, so you don’t miss announcements.
  • Engage With Our Support Team: Reach out if you need clarification on how specific updates might affect you. Contact us at support@yugalinks.com.