Privacy Policy

Understand how Recivo collects, uses, and protects your personal data. Review our privacy practices and your rights regarding your information.

General Information

This privacy policy (“Policy”) applies to Recivo INC herein called as Recivo and was last updated in August 2024. We may change or update this policy at any time, and the same will be updated here. If you are a Recivo user or customer, we shall notify the changes or updates either by sending an email. Please ensure to read such notices carefully. We sincerely believe that you should always know what data we collect from you, the purposes for which such data is used, and that you should have the ability to make informed decisions about what  you want to share with us.  Therefore, we want to be transparent about: (i) how and why we collect, store and use your personal data in the various capacities in which you interact with us; and (ii) the rights that you have to determine the contours of this interaction. While we would strongly advise you to read the Policy in full, the following summary will give you a snapshot of the salient points covered herein:

This Policy details the critical aspects governing your personal data relationship with iSTAR Skill Development Pvt. Ltd. and its subsidiaries (collectively, Recivo);

Your personal data relationship with Recivo varies based on the capacity in which you interact with us/avail of our products and solutions (“Services”). You could be: (i) a visitor to https://www.recivo.ai/ (“Website”) or any pages thereof (“Visitor”); (ii) a person/entity availing of one of our Services (“Customer”); or (iii) an employee/agent/representative/appointee of a customer who uses the said Service (“User”);

Based on whether you are a Visitor, Customer or User, the type of data we collect and the purpose for which we use it will differ and this Policy details such variations;

This Policy is a part of and should be read in conjunction with our https://www.recivo.ai/terms-of-use and

This Policy will clarify the rights available to you vis-à-vis the personal data you share with us.If you have any queries or concerns with this Policy, please contact our Grievance Officer (refer Section 12). If you do not agree with the Policy, we would advise you to not visit/use the Website or the Recivo application(s)/platform(s) (collectively “App”).

INFORMATION WE COLLECT AND HOW WE USE IT

Type of User Visitor Customer User
What Data We May Collect 1. How you behave on the Website (what pages you land on, how much time you spend etc)
2. What device you use to access the Website and its details (model, operating system, etc.)
3. Cookies and Web Beacon data
4. Name and e-mail. 		1. The name and e-mail of your representative who signs up for a Service on your behalf.
2. Credit Card/ Debit Card/Other Payment Mode information to check your financial qualifications, detect fraud and facilitate payments for our Services. 		1. Your name, e-mail
2. How you behave in the relevant product environment and use the features
3. What device you use to access the Website/App and its details (model, operating system, etc
4. Cookies and Web Beacon data
How and Why We Use It We use this information to analyse and identify your behaviour and enhance the interactions you have with the Website. If you submit your details and give us your consent, we may send you newsletters and e-mails to market other products and services we may provide. We collect this data in order to help you register for and facilitate provision of our Services. We also use this data to enable you to make payments for our Services. We use a third-party service provider to manage payment processing. This service provider is not permitted to store, retain, or use information you provide except for the sole purpose of payment processing on our behalf. If you give us your consent, we may send you newsletters and e-mails to market other products and services we may provide. We collect this data in order to facilitate provision of our Services. We will occasionally send you e-mails regarding changes or updates to the Service that you are using. In the event you report an issue with a Service, we may also screen/video record your device only when you use the App for a limited time period to help us better understand how to address the issue. If you give us your consent, we may send you newsletters and e-mails to market other products and services we may provide.

YOUR RIGHTS & PREFERENCES AS A DATA SUBJECT

Subject to the GDPR and applicable law’s limitations, the rights afforded to you as a data subject are:

RIGHT TO BE INFORMED: You have a right to be informed about the manner in which any of your personal data is collected or used which we have endeavoured to do by way of this Policy.

RIGHT OF ACCESS: You have a right to access the personal data you have provided by requesting us to provide you with the same.

RIGHT TO RECTIFICATION: You have a right to request us to amend or update your personal data if it is inaccurate or incomplete.

RIGHT TO ERASURE : You have a right to request us to delete your personal data.

RIGHT TO RESTRICT : You have a right to request us to temporarily or permanently stop processing all or some of your personal data.

RIGHT TO OBJECT : You have a right, at any time, to object to our processing of your personal data under certain circumstances. You have an
absolute right to object to us processing your personal data for the purposes of direct marketing.

RIGHT TO DATA PORTABILITY : You have a right to request us to provide you with a copy of your personal data in electronic format and you can transmit that personal data for using another third-party’s product/service.

RIGHT NOT TO BE SUBJECT TO AUTOMATED DECISION-MAKING : You have a right to not be subject to a decision based solely on automated decision making, including profiling.

In case you want to exercise the rights set out above you can contact our DATA PROTECTION OFFICER whose details are set out below.The data provided by you as a Visitor, or when you sign up as a Customer / User or register for our Services will be processed by us for the purpose of rendering Services to you or in order to take steps prior to rendering such Services, at your request. Where such data is not being used by us to render Services to you, we shall explicitly seek your consent for using the same. You can choose to withdraw this consent at any time.Additionally, we may process your data to serve legitimate interests.Accordingly, the grounds on which we can engage in processing are as follows:

NATURE OF DATA GROUNDS
Visitor Data
  • Consent;
  • Performance of a Contract
  • Legitimate Interest
Account Registration Data
  • Compliance with applicable laws
  • Legitimate Interest
Service Usage Data
  • Performance of a Contract
  • Legitimate Interest
Data for Marketing our Services
  • Consent
  • Legitimate Interest

YOUR RIGHTS UNDER INFORMATION TECHNOLOGY (REASONABLE SECURITY PRACTICES AND PROCEDURES AND SENSITIVE PERSONAL DATA OR INFORMATION) RULES, 2011

Rights Description
The right to be informed and give consent Before Recivo collects any of your personal data, we will clearly explain what information we need, why we need it, and how we will use it. We will only collect your personal data with your explicit consent.
The right to access your data You have the right to request access to the personal information Recivo holds about you. This includes the ability to review and verify its accuracy and completeness.
The right to correct mistakes If you find any errors or missing information in your data held by Recivo, you have the right to request corrections. We will take reasonable steps to update your information promptly upon verification of your request.
The right to withdraw consent You can withdraw your consent for Recivo to process your sensitive personal data at any time. Once you withdraw consent, we will stop using your data for the purpose originally agreed upon, unless there's a legal reason for continued processing (like a court order).


To exercise these rights, please contact our Grievance Officer (details in Section 12).

TOOLS USED BY OUR CUSTOMERS

If you are a Customer, you are empowered to use proprietary or other third party technologies and integrate with our App. If you do, you agree and acknowledge that it is your sole obligation to inform your stakeholders about any data you collect by using such technologies and the policies by which such collection is bound.

TRANSFER OF INFORMATION - In order for us to facilitate our operations, we may transfer and store the data we collect and process in accordance with this Policy, to our database server in a third-country for Disaster Recovery purpose. Your rights and protections will, under no circumstances, be diluted by this transfer. Further, in the ordinary course of business, we may employ other companies and people to assist us in providing certain components of our Services in compliance with the provisions of this Policy. To do so, we may need to share your data with them. Where applicable – if the entities to which these transfers are affected are not situated in countries deemed ‘adequate’ by the European Commission, we shall enter into appropriate Data Protection Addendums with the transferee parties that comprehensively protect your data. We shall also put in place industry-standard technical and organizational measures (including robust data handling policies) to ensure that such transfers are completed in accordance with applicable laws. Some of the examples of where we may sub-contract processing activities to third parties include—data analysis, marketing assistance, processing credit card payments, and providing customer service.

COMPELLED DISCLOSURE - In addition to the purposes set out in the Policy, we may disclose any data we collected or processed from you if it is required:
Under applicable law or to respond to a legal process, such as a search warrant, court order, or subpoena;
To protect our safety, your safety or the safety of others or in the legitimate interest of any party in the context of national security, law enforcement, litigation, criminal investigation or to prevent death or imminent bodily harm;
If required in connection with legal proceedings brought against recivo, its officers, employees, affiliates, customers or vendors; or
To establish, exercise, protect, defend and enforce our legal rights.

SECURITY OF YOUR PERSONAL INFORMATION

We implement industry-standard technical and organisational measures by using a variety of security technologies and procedures to help protect your data from unauthorized access, use, loss, destruction or disclosure. When we collect particularly sensitive data it is encrypted using industry-standard cryptographic techniques including but not limited to SSL, TLS, RSA, and AES. We adhere to the ISO/IEC 27001:2022 standard, an internationally recognized framework for Information Security Management Systems (ISMS). Our commitment to ISO 27001 ensures that we follow rigorous security practices and maintain high standards for information security.  In compliance with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, we adhere to the following reasonable security practices and procedures to protect your personal data:

Access Control We ensure that access to personal data is granted only to authorised personnel on a need-to-know basis and that such access is logged and monitored.
Data Encryption Sensitive personal data is encrypted both in transit and at rest using strong encryption methods such as AES-256.
Network Security We employ secure network architecture, including firewalls and intrusion detection systems, to prevent unauthorised access.
Regular Audits We conduct regular security audits and assessments to identify potential vulnerabilities and ensure compliance with our security policies.
Incident Management We have established protocols for managing and responding to security incidents, including data breaches, to mitigate any potential impact on your personal data.
Employee Training We conduct regular training programs for our employees to ensure they are aware of and comply with our security policies and procedures.
Third-Party Compliance We ensure that any third-party service providers who handle personal data on our behalf adhere to equivalent security standards and practices.
Physical and Environmental Security We have implemented robust physical security controls to protect our data centres and other facilities from unauthorised access, damage, and interference.
Business Continuity Management We have developed and tested business continuity plans to ensure the availability of critical information and systems in the event of a disruption.
Risk Assessment and Treatment We conduct regular risk assessments to identify potential security threats and vulnerabilities, and implement appropriate risk treatment plans to mitigate identified risks.
Audit and Compliance We conduct regular internal and external audits to ensure compliance with ISO 27001 standards and continuously improve our ISMS.

DATA PROTECTION

ADDRESS: 16192 Coastal Highway, Lewes, DE 19958 United States of America
EMAIL: hello@recivo.ai