Privacy Policy

Last Updated and Effective: 27th March 2026

This Privacy Policy explains how inFeedo Tech Inc., inFeedo Tech Private Limited and inFeedo Tech LLC- F.Z. (collectively referred to as “inFeedo”, “Company”, “we”, “us”, or “our”) and describes how and why we might collect, store, use and otherwise process personal data when a User/Visitor/ and/or any other third party (hereinafter referred to as “you”, “your”) ,

• access or visit our website www.infeedo.ai (the “Website”), or
• use our employee engagement platform and related software-as-a-service products (the “SaaS Offering”); or
• and/or engage with us in other related ways, including any sales, marketing, or events; or
• provide us information as an employee and/or any other third-party.

This Privacy Policy also explains your rights and choices regarding your personal data. If you see an undefined term in this Privacy Policy, it has the same definition as in our Website Terms of Use and Product T&C, applicable to the SaaS Offering. Please note that this Privacy Policy is read in conjunction with the Website Terms of Use and Product T&C.

We adhere to the data practices described in this privacy policy. We recognize and respect the privacy interests of the individuals about whom we process information, and about whom we maintain information in our database.

1. Who is responsible for your Data:
   1. Depending on your location and how you use our services, the entity responsible for processing your personal data may differ:
      1. inFeedo Tech Private Limited (India): Acts as the Data Fiduciary for individuals (except for our customer/ Platform end users) located in India under the Digital Personal Data Protection Act, 2023 (DPDP Act).
      2. inFeedo Tech Inc. (United States): Acts as the Controller for individuals (except for our customer/ Platform end users) located outside India.
      3. inFeedo Tech L.L.C. (Dubai, UAE): Acts as the Controller for personal data processed in connection with individuals (except for our customer/ Platform end users) located in the United Arab Emirates, in accordance with UAE Federal Decree Law No. 45 of 2021 on the Protection of Personal Data (PDPL)
      4. In certain circumstances, these entities may process personal data jointly in order to provide the SaaS Offering.
   2. When you are our Customer, using our SaaS Offering, then you may submit personal data relating to your employees or workforce (“Customer Data”), in such cases:
      1. you act as the data controller (or equivalent role under applicable law); and
      2. inFeedo acts as a data processor or service provider, processing personal data solely on behalf of the customer and in accordance with the customer’s instructions.

      Our processing of Customer Data is governed by the applicable SaaS agreement, data processing agreement, or other contractual arrangements entered into with the customer organization. Individuals whose data is processed through our SaaS Offering should direct privacy requests (including access or deletion requests) to the organization that provided their data to the platform.

   3. Storage: If you are accessing any of our Website(s) then your connection will be through and to servers located in the United States and India, and all information you provide will be processed and securely maintained in our web servers and internal systems located within the United States and India (as applicable). If you are using our SaaS Services from: (a) The United States, then, your connection will be through and to servers located in the United States and all information you provide will be processed and securely maintained in our web servers and internal systems located within the United States; OR (b) India, then, your connection will be through and to servers located in the United States and all information you provide will be processed and securely maintained in our web servers and internal systems located within India; OR (c) EU/ EEA/ UK, then, your connection will be through and to servers located in Ireland (i.e. the EU region) and all information you provide will be processed and securely maintained in our web servers and internal systems located within Ireland; OR (d) Indonesia, then, your connection will be through and to servers located in Indonesia and all information you provide will be processed and securely maintained in our web servers and internal systems located within Indonesia. Thus, you should be aware that in accessing this website or otherwise communicating with us, the information we collect or receive from you may be subject to laws with lesser or different privacy standards than those in your own country.
2. INFORMATION WE COLLECT
   1. Information You Give to Us. The information that we collect depends on the context of your interactions with us through the Website and the SaaS Offering, the choices you make, and the products and features of the SaaS Offering that you use. The Information we collect may include but is not limited to: name, email, job title, industry, address and telephone number(s).

      Sensitive Information. When necessary, with your consent or as otherwise permitted by applicable law, we process the following categories of sensitive information: information revealing race or ethnic origin; (ii) information revealing political opinions; (iii) information revealing religious or philosophical beliefs; (iv) information revealing trade union membership; (v) social security numbers or other government identifiers; or (v) professional experience data

   2. Communications with Company. When you communicate with Company or use the Website and/or SaaS Offering to communicate with us, we collect information about your communication and any information you choose to provide.
   3. Employee Engagement Data: Because the SaaS Offering provides employee engagement analytics, we may process: employee survey response; feedback submitted through engagement platforms; open-text responses; sentiment indicators derived from feedback; organizational engagement metrics. This information is typically provided by employees of organizations using SaaS Offering.
   4. Other Information. You may otherwise choose to provide us information when you fill in a form, conduct a search, respond to surveys, post to community forums, participate in promotions, or use other features on the Website (if available and applicable).
   5. We also may associate the above information with information we receive from other sources, such as other companies that compile datasets from public and private sources: this additional information includes information about consumer’s demographics, IP address, interest, likely purchasing preferences, hobbies or other lifestyle data.
   6. Geo-location Information. When you use certain features of the Website and/or the SaaS Offering, we may collect information about your precise or approximate location as determined through data such as your IP address or mobile device’s GPS to offer you an improved user experience. Most mobile devices allow you to control or disable the use of location services for applications in the device’s settings menu. The Website and the SaaS Offering may also collect this information even when you are not using the Website and the SaaS Offering if this connection is enabled through your settings or device permissions.
   7. Usage Information. We collect information about your interactions with the Website and/or SaaS Offering such as the pages or content you view, your searches for a product/service that is provided by the Company, and other actions while you are on our Website.
   8. Log Data and Device Information. We automatically collect log data and device information when you access and use the Website, even if you have not created an account with Company and/or the SaaS Offering. That information includes, among other things: details about how you’ve used the Website (including if you clicked on links to third party applications), IP address, access dates and times, hardware and software information, device information, device event information, unique identifiers, crash data, cookie data, and the pages you’ve viewed or engaged with before or after using the Website.
   9. Cookies and Similar Technologies. We use cookies and other similar technologies. We may also allow our business partners to use these tracking technologies on the Website and/or the SaaS Offering or engage others to track your behavior on our behalf. Our detailed Cookie Policy is available for your information in Section 6 of this Privacy Policy.
   10. Information We Collect from Third Parties. Company may collect information, including information, which others provide about you when they use the Website and/or SaaS Offering or reach the Website through a third-party, or obtain information from other sources and combine that with information we collect through the Website and/or the SaaS Offering. We do not control, supervise or are responsible for how the third parties providing your information process your personal data, and any information request regarding the disclosure of your information to us should be directed to such third parties.
   11. Do Not Track Disclosure. We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the “Preferences” or “Settings” page of your web browser.
   12. Social Media. Information collected from the use of our Website may be hashed and shared with social media platforms such as Facebook or Google for marketing and promotional activities. This processing is based on inFeedo's legitimate interest in offering SaaS Offering that may align with your preferences. It's crucial to understand that inFeedo does not supervise or control the data processing by social media platform providers
   13. We do not sell your personal information for processing by direct marketing agencies. We may however use your personal information for certain specific purposes (including profiling) where such processing is based on legitimate interest. If you object to such processing by us, we will no longer process your personal information for these purposes unless we can demonstrate compelling legitimate grounds for such processing or such processing is required for the establishment, exercise or defence of legal claims. Please note that you may, at any time, ask the Company to cease processing your data for these direct marketing purposes by sending an e-mail to privacy@infeedo.com.
3. HOW WE USE INFORMATION WE COLLECT
   1. To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account, as well as keep your account in working order.
   2. To deliver and facilitate delivery of SaaS Offering to the User. We may process your information to provide you with the requested SaaS Offering, specifically if the User has been designated as an “administrator” for the purposes of the use and access of the SaaS Offering.
   3. To respond to user inquiries/offer support to users. We may process your information to respond to your inquiries and solve any potential issues you might have with the SaaS Offering, pursuant to the requested service.
   4. To fulfill and manage your subscriptions. We may process your information to fulfill and manage your subscriptions, payments, etc for the SaaS Offering.
   5. To evaluate and improve our SaaS Offering, products, marketing, and your experience. We may process your information when we believe it is necessary to identify usage trends, determine the effectiveness of our promotional campaigns, and to evaluate and improve our SaaS Offering, products, marketing, and your experience.
   6. To identify usage trends. We may process information about how you use our SaaS Offering to better understand how they are being used so we can improve them.
   7. To comply with our legal obligations. We may process your information to comply with our legal obligations, respond to legal requests, and exercise, establish, or defend our legal rights.
   8. To promote the SaaS Offering other member content may be displayed on other websites, in applications, within emails, and in online and offline advertisements.
   9. To facilitate payments. We may collect data necessary to process your payment, such as your payment instrument number, and the security code associated with your payment instrument. In that case, we may use third-party services for payment processing (e.g. payment processors). We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your information is governed by their Privacy Policy.
   10. We may review, scan, or analyze your communications on the SaaS Offering for fraud prevention, risk assessment, regulatory compliance, investigation, product development, research, and customer support purposes. In some cases, we may also scan, review, or analyze messages to debug, improve, and expand product offerings. We will not review, scan, or analyze your communications to send third party marketing messages to you.
   11. To analyze and process aggregated data to improve the accuracy of our AI-powered recommendations and insights.
   12. To send you relevant communications, offers, and product recommendations, unless you opt out.
4. LEGAL BASIS FOR PROCESSING
   1. Depending on your location and applicable law, we process personal data based on one or more of the following legal bases:
      • your consent
      • performance of a contract, including to provide services under an employment agreement to you as an employee of an inFeedo entity.
      • our legitimate business interests
      • compliance with legal obligations
   2. Additional jurisdiction-specific information regarding the legal bases for processing may be found in the country-specific privacy notices attached to this policy.
5. SHARING AND DISCLOSURE:

   We may need to share your information in the following situations:

   1. Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
   2. Business Partners. We may share your information with our business partners to offer you certain products, services, or promotions.
   3. Third-Party Authorization: Information we collect is shared as per your consent. For instance, when you authorize third-party applications or websites to access your registered account or participate in promotional events hosted by our partners or third parties.
   4. Legal Compliance: We may disclose your information to legal or governmental authorities or authorized third parties if required or permitted by law. This includes situations involving compliance with legal obligations, claims asserted against us, or verified requests related to a criminal investigation, illegal activity, or any activity that may pose legal liability or harm to us and/or to you.
   5. Protection and Compliance Assurance: These disclosures are critical for legal compliance, protection of interests or safety, enforcing terms and conditions, and maintaining the security and safety of our Services.
   6. Notification of Legal Requests: Unless restricted by law, court order, or for reasons such as creating risk or harm, we may notify you about legal requests unless: (i) providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law, or (ii) we believe that providing notice would be futile, ineffective, create a risk of injury or bodily harm to an individual or group, or create or increase a risk of fraud upon inFeedo. In instances where we comply with legal requests without notice for these reasons, we will attempt to notify that guest about the request after the fact where appropriate and where we determine in good faith that we are no longer prevented from doing so.
   7. To investigate, prevent, or act regarding suspected or actual prohibited activities, including but not limited to, fraud and situations involving potential threats to the physical safety of any person or to prevent financial loss to any person or entity, including inFeedo, its customers, clients, and other parties.
   8. Engagement with Sub-Processors: We engage various third-party service providers to aid in delivering Website-related services and SaaS Offering. These providers assist in the development, maintenance, debugging, and other supportive roles, limiting access to information and ensuring its protection in line with this Policy. You can find the list of sub-processors here- and they shall be governed by the privacy policies and terms of use as are available. By using the Website and the SaaS Offering, you consent to the use of the sub-processors. In the event of any changes to the sub-processors, we will intimate you about the same. If you would like to get intimated of any changes in our sub-processors, please register here. In the event you have an objection to the use of such a sub-processor, please send the same within 15 (fifteen) days of intimation, failing which, it shall be assumed that you have agreed to the engagement with such sub-processors. You may send your objections to privacy@infeedo.com.
   9. Where required under applicable data protection laws, inFeedo enters into Data Processing Agreements (DPAs) with some of our customers that govern the processing of personal data on their behalf. These agreements establish the responsibilities of each party and include provisions relating to: confidentiality; security safeguards; sub-processor engagement; cross-border data transfers; data subject rights assistance.
6. COOKIES AND SIMILAR TECHNOLOGIES
   1. Cookies and How We Use Them: We use certain industry-standard technologies, including cookies and similarly functional technologies, which we describe below. We use these technologies on the Websites listed here, for instance, and our partners, data sources and customers may use these technologies to market to you.
   2. We may work with third parties to provide or enhance our Website and/or our SaaS Offerings (e.g. for purposes of tailoring ads, or placing browser cookies), or to offer marketers ways to access or use our information, often in de-identified form. These partners may set and access their own cookies, pixel tags and similar technologies on your device, which may have cookies with varying expiration periods. Those partners may likewise use cookies to collect various types of information about your browser, device, or browsing activities.
   3. We may use cookies to, among other things, “remember” you, determine visitor patterns and trends, collect information about your activities on our clients’ sites, or interact with the advertising you see. Cookies are used in this way to provide relevant content to you and ads that better match your interests.
   4. Types of Cookies Used by inFeedo: inFeedo uses the following types of cookies:
      • Strictly Necessary Cookies: Some cookies are required for technical reasons in order for our Website and/or our SaaS Offering to support functions such as logging in, and payment transactions
      • Targeting Cookies: These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store direct personal information but are based on uniquely identifying your browser and internet device.
      • Functional Cookies: Functional cookies enable us to provide additional functions to you on our site such as personalization and remembering your saved preferences.
      • Performance Cookies: Performance cookies are cookies used specifically for gathering data on how visitors use a website, which pages of a website are visited most often, or if they get error messages on web pages. These cookies monitor only the performance of the site as the user interacts with it. These cookies don’t collect identifiable information on visitors, which means all the data collected is anonymous and only used to improve the functionality of a website.
      • Any cookie, whose purpose has not been identified by us or is unknown to our current understanding is classified together as “Unclassified Cookies”. Such cookies may or may not adhere to our policy, and we cannot take ownership of said cookies; however, we would periodically and actively try to investigate them and categorize them in their respective cookie categories for the benefit of our users, partners and customers.
      • We may continue to update the category based cookies. You may review the list of cookies along with their usage:
        • Hubspot
        • Microsoft UET Tag
        • Facebook Pixel
        • Google Analytics
        • LinkedIn Insight Tag
        • Hotjar
        • Apollo
   5. Cookies are not the only way to recognize or track visitors on a website. We may use other similar technologies from time to time, like web beacons (sometimes called “tracking pixels” or “clear gifs”). These are tiny graphics files that contain a unique identifier that enables us to recognize when someone has visited our websites or opened an e-mail including these. In many instances, these technologies are reliant on cookies to function properly, and hence, declining cookies will impair their functioning.
   6. Disabling Cookies: Most web browsers are set up to accept cookies. You may be able to set your browser to warn you before accepting certain cookies or to refuse certain cookies. However, if you disable the use of cookies in your web browser, some features of our Website and other services may be difficult to use or become inoperable. You may select the cookies applicable to cookies from our cookie banner.
7. DATA RETENTION. We retain your data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. If you wish to request the deletion of your data, please contact us at the following e-mail id: privacy@infeedo.com.
8. SECURITY AND DATA INTEGRITY.
   1. We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any information we process, consistent with applicable data protection laws including the GDPR, the UAE PDPL, and the Digital Personal Data Protection Act, 2023.
   2. We implement appropriate administrative, technical, and organizational measures designed to protect personal data against unauthorized access, disclosure, alteration, or destruction. These safeguards may include: encryption of data in transit and at rest; access controls and authentication mechanisms; monitoring and incident response procedures; regular security assessments.
   3. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your information, transmission of information to and from our SaaS Offering is at your own risk. You should only access the SaaS Offering within a secure environment.
9. AI USE AND TRANSPARENCY NOTICE. We are committed to responsible and ethical use of Artificial Intelligence (AI) in our SaaS Offering. These features are intended to support, not replace, human judgment in decision-making. We also ensure that all AI systems used in our SaaS Offering comply with applicable local data protection laws and ethical guidelines.
   1. Where We Use AI: Our SaaS Offering uses AI technologies to improve user experience and support organizational engagement goals, includes, (i) analyzing employee sentiment from survey responses and feedback; (ii) Summarizing open-text input using natural language processing (NLP); (iii) Generating data-driven insights and engagement recommendations; (iv) Detecting trends and patterns across organizational engagement metrics. (v) enabling conversational engagement during employment through AI features that interact with employees to collect feedback, and/or support HR teams by summarizing feedback, generating insights, and providing recommendations, recommendations, in cases where inFeedo acts as a data controller.
   2. How We Use AI: The AI systems we use are trained on historical and anonymized data to help surface actionable insights. We do not use AI: (i) to make automated decisions that have legal or significant personal effects on individuals; (ii) to monitor employee behavior in real-time or for disciplinary purposes. Where feasible, employee feedback data is aggregated or pseudonymized before analysis to reduce the identification of individual employees.
   3. All AI-generated outputs are advisory in nature and are reviewed by authorized human users, i.e. the administrators appointed by the customer before any action is taken.
   4. Your Rights and Choices: Depending on your jurisdiction, you may have the right to:
      • Know when AI is being used to process your data;
      • Request human review of decisions influenced by AI;
      • Object to profiling or automated processing
      • Access, correct, or delete your personal data (see our relevant, “Other Rights” Section)
   5. You can contact privacy@infeedo.com for more information or to exercise any of these rights.
   6. Our Commitment: We conduct internal reviews of our AI tools for (i) fairness and bias mitigation; (ii) security and data minimization; (iii) transparency and accountability
10. YOUR INFORMATION PROTECTION RIGHTS: We respect the various rights available to you, as a user of our Platform. The rights provided to you are as listed below. To exercise these rights, please contact us at the following email ID: privacy@infeedo.com.
    1. Right to Access: You can request access to the information we hold about you.
    2. Right to Rectification: You are responsible for keeping your personal information up-to-date. You have the right to ask us to correct inaccurate or incomplete personal information concerning you.
    3. Right to Erasure: You can request the deletion of your information.
    4. Right to Restrict Processing: You can restrict the processing of your information.
    5. Right to Data Portability: You can request an export of the information that we hold about you.
    6. Right to Object: You can object to the processing of your information.
    7. Right not to be Subject to Automated Processing: We do not conduct automated processing of any information. Human intervention is involved, making this right inapplicable to our processes.
    8. Right to refuse or withdraw consent: You can withdraw your consent at any time (to the extent we base processing on consent), without affecting the lawfulness of the processing based on such consent before its withdrawal.
11. YOUR OPT-OUT AND DELETION CHOICES: You have certain choices regarding how your personal data is used.
    1. Marketing Communications: You may opt out of receiving marketing communications from us at any time by:
       1. clicking the “unsubscribe” link included in marketing emails; or
       2. contacting us at privacy@infeedo.com.
       3. Even if you opt out of marketing communications, we may still send you service-related or transactional communications relating to your account or the SaaS Offering.
    2. Cookies and Tracking Technologies: You may manage or disable cookies through your browser settings or through the cookie preferences available on our Website. Please note that disabling certain cookies may affect the functionality of the Website or SaaS Offering.
    3. Employee Data Processed Through the SaaS Offering: If you are an employee whose personal data is processed through an organization using the inFeedo platform, your employer is the data controller for that information. Requests relating to such data should generally be directed to your employer or organization that uses the platform. inFeedo will assist customers in responding to such requests where required under applicable law.
12. INTERNATIONAL DATA TRANSFER: Personal data may be transferred to and processed in jurisdictions where inFeedo or its service providers operate, including the United States, India, the European Union, and the United Arab Emirates. When personal data is transferred across borders, we implement appropriate safeguards designed to ensure the protection of personal data in accordance with applicable data protection laws.
13. CHILDREN’S PRIVACY. Our Website and/or SaaS Offering are not directed at children. We do not knowingly collect data from children under 18 years of age. By using the SaaS Offering, you represent that you are at least 18. If we learn that information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us using the details provided in Section 7, and we will take steps to delete their data.
14. LINKS. The Website may provide links to other websites (or we may otherwise provide information about companies or events) that we think users will find interesting or useful. We are not responsible for the privacy practices of these other sites or companies.
15. CHANGES AND UPDATE: We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Revised" date, and the updated version will be effective as soon as it is accessible. If we make material changes to this Privacy Policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Policy frequently to be informed of how we are protecting your information.
16. CONTACT:
    1. If you have questions or comments about this Privacy Policy or want to exercise your rights, you may email us at privacy@infeedo.com. Please note that we may refuse to act on requests to exercise information protection rights in certain cases, such as where providing access might infringe someone else’s privacy rights or impact our legal obligations.
    2. In accordance with the Digital Personal Data Protection Act, 2023, individuals located in India may contact our Grievance Officer.
       1. Name: Seema Pathak
       2. Email: privacy@infeedo.com

    We aim to respond to grievances within 7 working days.

    ***

    Country specific privacy notices follow

U.S. STATE PRIVACY LAW STATE RESIDENTS

Some U.S. states have privacy laws providing privacy rights to their residents. These laws include the; Texas Data Privacy Security Act (TDPSA), California Consumer Privacy Act (CCPA), Colorado Privacy Act, Connecticut Data Privacy Act, Montana Consumer Data Privacy Act, Oregon Consumer Privacy Act, Utah Consumer Privacy Act, and Virginia Consumer Data Protection Act. However, these rights are available to all Users located in the U.S.

1. The Right to Opt Out of the Processing for Purposes of Sale and Targeted Advertising/“Share”: You have the right to opt out of the processing of your personal data for purposes of the sale of your personal data. Your personal data is “sold” when provided to a third party for monetary or other valuable consideration. Valuable consideration is a broad term and may cover the InFeedo entities listed above sharing data with their affiliates (if applicable). You have the right to opt out of the processing of your personal data for purposes of targeted advertising (also known as share under CCPA). InFeedo uses targeted advertising to more effectively optimize our advertising and to show our users job ads that are more relevant to them.
2. The Right to Opt Out of Profiling in Furtherance of a Legal or Similarly Significant Effect: You have the right to opt out of the processing of personal data for purposes of profiling in furtherance of a decision that produces a legal or similarly significant effect. To opt out, please send an email to the e-mail id listed in Section 16 of this Privacy Policy from the email address associated with your account.
3. The Right to Limit the Use of Your Sensitive Personal Data: Some states require InFeedo Entities listed above to obtain consent prior to the collection of sensitive personal information. All sensitive data collected by respective InFeedo Entities is with your consent, or as permitted or required under applicable laws. This includes collection of some demographic data as part of our commitment to inclusivity and fairness. You can update or remove your demographic data at any time by sending an email listed in Section 16 of this Privacy Policy from the email address associated with your account. Some states provide users the right to limit the use and disclosure of sensitive personal information beyond what is necessary to perform the services as reasonably expected by users and those other activities allowed under its regulations.
4. The Right to Non-discrimination: You have a right to not be discriminated against for exercising any of your rights.

   If you have been denied a request to exercise your rights as described in this section, you may appeal our decision by sending an email to the e-mail ids listed in Section 16 of this Privacy Policy from the email address associated with your account. If your appeal is declined, you may submit a complaint with your state’s Attorney General.

   1. Categories of Personal Data Shared with Third Parties: Company shares your personal data with third parties for a variety of reasons, and include employers, affiliates and/or advertisers.
   2. Cookies and Tracking technologies : See above (Section 6)
   3. AI use Notice under CPRA: Residents of California have the right to:
      • Know when AI or automated decision-making is used to process their personal information;
      • Access, correct, or delete their data;
      • Opt out of the use of automated decision-making technologies in certain circumstances;
      • Request meaningful information about the logic and outcome of such automated tools.
      • We do not use AI to make decisions that result in legal or similarly significant effects without human involvement. Any profiling or inference is used strictly for internal purposes and subject to your privacy rights.

      Please contact us at the e-mail id listed in Section 16 of this Privacy Policy from the email address associated with your account, for any questions relating to this section.

       

EU/ EEA/ UK RESIDENTS

This notice provides additional information for users in the European Union (EU) and the United Kingdom (UK). Users in the EU and UK have certain privacy rights as specified under EU and UK law, including the General Data Protection Regulations (GDPR) and the UK Data Protection Act 2018. This notice ensures we cover the EU and UK-specific requirements. This notice should be read in conjunction with the rest of this Privacy Policy.

Data Controller: If you are a visitor to our Platform and a resident in the EU or UK, you should know that we are the processor of your personal data, you are a data subject, and your data is controlled by your employers through whom you have received access to our Platform.

Bases for using your information: We have a lawful basis to process your personal data, the purposes for processing personal data are described in this Privacy Policy under “How We Process Your Information”. You shall be required to determine the applicability based on whether you are a visitor or a user. In some cases, we may also have a legal obligation to collect personal data from you or may otherwise need the personal data to protect your vital interests or those of another person. We may disclose the following categories of personal data to third parties: identifiers/contact information, demographic information (such as gender and age), commercial information, internet or other electronic network activity information, geolocation data, audio, electronic, visual or similar information, and inferences drawn from the above. We share each category with third-party business partners and service providers, third-party sites or platforms such as social networking sites, and other third parties as described in the “When And With Whom We Share Your Information” section of this Privacy Policy.

Your information protection rights: We respect the various rights available to you, as a user of our Services. The rights provided to you are as listed below:

1. Right to Access: You can request access to the information we hold about you.
2. Right to Rectification: You can request us to rectify or correct any information about you.
3. Right to Erasure: You can request the deletion of your information.
4. Right to Restrict Processing: You can restrict the processing of your information.
5. Right to Data Portability: You can request an export of the information that we hold about you.
6. Right to Object: You can object to the processing of your information.
7. Right to refuse or withdraw consent: You can withdraw your consent at any time (to the extent we base processing on consent), without affecting the lawfulness of the processing based on such consent before its withdrawal.

AI Transparency Notice under the European Union Artificial Intelligence Act

1. In accordance with the European Union Artificial Intelligence Act and related data protection legislation (including the GDPR), we are committed to providing transparency around our use of Artificial Intelligence (AI) systems in our SaaS Offering.
   1. Use of AI in Our Platform We use AI technologies within our SaaS Offerings to support and enhance the following functionalities:
      • Sentiment analysis of employee feedback and survey responses;
      • Automated suggestion of engagement initiatives or pulse check topics
      • Natural language processing to summarize open-text feedback
      • Trend detection and predictive analytics related to engagement levels
   2. These AI systems are designed to assist HR professionals and managers in understanding workforce sentiment, identifying potential concerns, and enabling timely and targeted action.
   3. Purpose and Justification: The AI systems are used for
      • Improving the employee experience and organizational engagement;
      • Enhancing the quality and efficiency of HR decision-making;
      • Generating insights based on aggregated, anonymized employee data;
      • We do not use AI to make fully automated decisions that produce legal or similarly significant effects on individual employees.
   4. Human Oversight All insights generated by our AI systems are subject to human review and interpretation by your organization's HR teams. Decisions affecting individual employees are not made solely based on AI output.
2. Your Rights: In accordance with applicable EU laws, individuals (Data Subjects) have the right to:
   1. Be informed when AI systems are used in processing their data
   2. Understand the logic and purpose behind such systems (to the extent reasonably possible)
   3. Object to certain kinds of profiling or automated processing under GDPR Articles 21 and 22
   4. Request human intervention where decisions may involve automated processing
3. To exercise these rights or request more information, please contact us at the e-mail ids listed in Section 16 of this Privacy Policy from the email address associated with your account, for any questions relating to this section.
4. AI System Classification and Risk: Our AI systems are categorized as limited-risk systems under the EU AI Act. They are not used for surveillance, biometric identification, or high-risk applications as defined in Title III of the EU AI Act.

    

United Arab Emirates Privacy Notice

This notice provides additional information for users located in the United Arab Emirates (UAE). Personal data is processed in accordance with UAE Federal Decree Law No. 45 of 2021 on the Protection of Personal Data (PDPL).

1. Legal Basis for Processing: We may process personal data where (i) consent has been provided; (ii) processing is necessary to perform a contract; (iii) processing is required to comply with legal obligations; (iv) processing is necessary to protect legitimate interests.
2. Your Rights: Subject to applicable law, individuals located in the UAE may have the right to:
   1. Right to Access: You can request access to the information we hold about you.
   2. Right to Rectification: You can request us to rectify or correct any information about you.
   3. Right to Erasure: You can request the deletion of your information.
   4. Right to Restrict Processing: You can restrict the processing of your information.
   5. Right to Data Portability: You can request an export of the information that we hold about you.
   6. Right to Object: You can object to the processing of your information.
   7. Right to refuse or withdraw consent: You can withdraw your consent at any time (to the extent we base processing on consent), without affecting the lawfulness of the processing based on such consent before its withdrawal.

Please contact us at the e-mail id listed in Section 16 of this Privacy Policy from the email address associated with your account, to request any action to be taken as per the rights hereinabove or for any questions relating to this section.

Notice for Data Principals under Digital Personal Data Protection Act, 2023

This notice applies to individuals located in India whose personal data is processed by inFeedo Tech Private Limited. Personal data is processed in accordance with the Digital Personal Data Protection Act, 2023 (“DPDP Act”). This Notice shall be read in conjunction with the Privacy Policy.

For the purposes of the DPDP Act:

• inFeedo Tech Private Limited acts as the “Data Fiduciary.”
• Individuals whose personal data is processed are referred to as “Data Principals.”

1. Applicability. This notice applies to personal data processed by inFeedo relating to:
   • visitors to our Website
   • users of our SaaS Offering
   • employees of organizations using the inFeedo platform
   • employees and workforce members of inFeedo
   • job applicants and candidates
   • contractors, consultants, and service providers
   • representatives of vendors, partners, or customers
2. Purpose of Processing Personal Data. Personal data may be processed for the following purposes, it is imperative to remember that Personal data will be processed only for lawful purposes consistent with applicable law.
   • providing and operating the SaaS Offering
   • communicating with users regarding accounts, services, or support requests
   • improving our products and services through analytics and research
   • managing relationships with customers, partners, and vendors
   • recruiting and evaluating job applicants
   • administering employment or workforce-related processes
   • complying with applicable legal or regulatory obligations
   • sending marketing or promotional communications where consent has been provided
3. Categories of Personal Data Processed. Depending on the nature of your interaction with inFeedo, we may process the following categories of personal data:
   • Account and Contact Information
   • Name
   • email address
   • phone number
   • company or organization name
   • job title
   • Platform Usage Information
   • account credentials
   • user activity and engagement data
   • feedback or survey responses submitted through the platform
   • support communications
   • Technical Information
   • IP address
   • browser and device information
   • system logs and usage data
   • Employment or Professional Information. Where applicable, we may process:
   • employment details (designation, department, tenure)
   • professional contact information
   • recruitment and application information
   • share the information with third parties who undertake background verification, and/or who provide services to inFeedo for providing benefits pertaining to your employment.
   • Vendor or Partner Information.
   • contact information of representatives of vendors or partners
   • communications relating to services or contractual relationships

   inFeedo does not process Sensitive Personal Data unless required by law or with appropriate consent and safeguards.

4. Processing of Customer Employee Data. Where organizations use our SaaS Offering to collect employee feedback or engagement data:
   • the customer organization acts as the Data Fiduciary for such employee data;
   • inFeedo acts as a data processor, processing such personal data solely on behalf of the customer and in accordance with contractual instructions.
   • Individuals whose data is processed through an organization’s use of the platform should generally direct privacy requests to that organization.
   • inFeedo will assist customers in responding to such requests where required under applicable law.
5. Data Sharing and Transfers. We may share personal data with:
   • trusted service providers or sub-processors who support delivery of our services
   • professional advisors such as auditors or legal advisors
   • government or regulatory authorities where required by law

   All such disclosures occur subject to appropriate contractual and security safeguards. We do not sell personal data.

6. Retention of Personal Data. Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected, including:
   • providing services
   • complying with legal obligations
   • resolving disputes
   • enforcing contractual agreements

   Personal data that is no longer required will be securely deleted or anonymized.

7. Rights of Data Principals. Under the DPDP Act, Data Principals may have the right to:
   • obtain information about personal data being processed
   • request correction or completion of inaccurate personal data
   • request erasure of personal data
   • withdraw consent where processing is based on consent
   • nominate a representative in the event of incapacity or death
   • file a grievance regarding personal data processing

      

     In addition to the above rights, Data Principals are expected to adhere to the following duties:

   • Duty to Provide Accurate Information: Ensure that the personal data provided is accurate and up to date.
   • Duty Not to Impersonate: Not to impersonate another individual while providing personal data.
   • Duty Not to File False Complaints: Data Principals shall not file false or frivolous grievances or complaints with respect to personal data processing.

Please contact us at the e-mail id listed in Section 16 of this Privacy Policy from the email address associated with your account, to request any action to be taken as per the rights hereinabove or for any questions relating to this section.

If you are not satisfied with our response, you may escalate the matter to the Data Protection Board of India.