Legal

Privacy Policy

How BetterPlace collects, uses, and protects your personal data — and the rights you have over it.

Privacy Policy

Last Updated: 10th June, 2025

The privacy policy of the Company is being issued in compliance to the Information Technology Act and Applicable Rules. This electronic record is generated by a computer system and does not require any physical or digital signatures.

The website www.betterplace.co.in is owned and operated by Betterplace Safety Solutions Private Limited ("Company"), a company incorporated and registered under the Companies Act, 2013, having its registered office at 144, 144/1, 1st Floor, Shubharam Complex, M.G. Road, Bengaluru – 560001, Karnataka, India, where such expression shall, unless repugnant to the context thereof, be deemed to include its respective representatives, administrators, employees, directors, officers, agents and their successors and assigns.

The Company has adopted this Privacy Policy to set out the manner in which personal data and other information is collected, received, stored, processed, disclosed, transferred, dealt with and handled by the Company in relation to Your use of our Services through the website www.betterplace.co.in ("Website") (referred to as the "Platform"). Our platform may contain links to other (third party) websites; this Privacy Policy does not apply to information provided to or collected by any third-party through our Platform, or to any third-party websites that You access or use in connection with services offered on our Platform. The Company is not responsible for, and has no control over, any third-party website's practices or content.

For the purpose of this Privacy Policy ("Policy"), wherever the context so requires:

  1. The terms 'You' & 'User' shall mean any legal person or entity accessing or using the services provided on our platform, who is competent to enter into binding contracts, as per the provisions of the Indian Contract Act, 1872;
  2. The terms 'We', 'Us' & 'Our' shall mean our platform and/or the Company, as the context so requires.
  3. The terms 'Party' & 'Parties' shall respectively be used to refer to the User and the Company individually and collectively, as the context so requires.

The User expressly agrees and acknowledges that the Terms of use and Privacy Policy are co-terminus, and the expiration or termination of one will result in the termination of the other.

User shall make sure to read carefully the privacy policy along with the terms of use before registering on the Platform, or accessing any material, information, or availing any services ("Services") through the Platform. You accept this Privacy Policy and agree to be legally bound by it by clicking the "I accept" button on the landing page. Please do not use or access the Platform if you do not agree to the Privacy Policy. The Parties expressly agree that the Company has the exclusive and discretionary right to amend or modify the Policy and the aforementioned Terms without the User's approval or notification, and that any such amendments or modifications shall take effect immediately. If the User continues to use our platform after such a change, the User will be deemed to have agreed to any and all changes made to the Policy and Terms. The User is granted a personal, non-exclusive, non-transferable, revocable, restricted license to enter, access, and use our platform if he or she follows the Policy and Terms.

1. Information that may be collected

a. Personal Identification Information

At many different points of time while using our platform, you may be asked to provide personally identifiable information. We seek or collect, amongst others, information such as your name, mother's name, father's name, password, date of birth, gender, signature, marital status, nominee details, email ID, phone number, educational qualification, bank account details, facial images & facial features with other biometric identifiers ("Facial images & facial features" shall be collectively known as "face data" which shall mean our app collects and processes the following types of face data: Facial biometric data — unique facial features used to generate a mathematical representation for identity verification; Facial images — captured during initial registration and subsequent attendance events), Timestamps and geolocation data — date, time, and location (if applicable) of each attendance event, and any other information that you provide during your registration process or to use any services. This helps us to confirm your identity and facilitate the provision of the Services through the platform. No liability pertaining to the authenticity / genuineness of the information disclosed by you will lie on the Company. Further, the Company will not be in any way responsible to verify any information obtained from you.

  1. In case you are required to provide any proof of identity card (Voter ID, Driving License, Aadhaar, etc.) details to us during account creation, you acknowledge and agree that the act of providing your identity details to us is voluntary.
  2. We collect mobile numbers and e-mail addresses that you provide us and use the same for sending various communications to you. In addition to the above, when you visit our platform or use the Services, we automatically track your device's unique identifier and device information like operating system, operating system version, browser plug-ins, crashes, and system activity, etc.
  3. You represent that the Personal Information you provide to us from time to time is and shall be correct, current, and updated, and that you have all the rights, permissions and consents to provide such information. Data provided by the user as per above and the Company's consequent storage, collection, usage, transfer, access or processing of the same shall not be in violation of any third-party agreement, laws, judgments, orders or decrees.

b. Non-Personal Identification Information

We may collect non-personal user identification information whenever you access our platform. Non-personally identifiable information can include but shall not be limited to the name of the browser, the type of computer, and technical information related to the means of connecting users to our mobile application, such as the operating system and the Internet service providers used, including the IP address and other similar information.

2. How we use the Information

We do not sell or share your personal or other information to anyone. However, notwithstanding anything contained in this Policy, you expressly acknowledge, consent and agree to the following terms on information use and further authorize us to access and use your information in the manner set out below:

  1. To use your information to manage your account, to contact you, and to operate, improve, and deliver our Platform and Services. We use your information to give you a customized, interactive experience as you use our Platform and avail the Services.
  2. To use your information for maintaining a record of such information in a secure and confidential manner, and as required under the applicable laws.
  3. To use services of third parties to provide the Platform and Services for you, who are bound to keep such information confidential.
  4. To use the information provided by you for the services as per the platform as required by you and to share such information with third party organizations if required, for the purposes of rendering the services as required by you.
  5. To troubleshoot software bugs and operational issues, conduct data analysis, testing and research, and to monitor and analyze usage and activity trends. Information collected may also be used to share communications to you about our services, provide additional features through cookies, and to detect and/or prevent any fraudulent / criminal / prohibited activity as per applicable laws.
  6. To use the data in an aggregated / compiled form to produce statistical / demographic analyses for marketing, strategy and other business purposes. However, these will be used in ways that will not be able to identify you or link any specific information to an individual. Such aggregated information and results / analyses shall be our property, and you will not be entitled to any compensation for the use thereof.
  7. To share your information with judicial, administrative and regulatory entities to comply with any legal and regulatory requirements.
  8. To summarize information about your usage and combine it with that of others to learn about the use of the Platform and Services and further to help us develop new products and services.
  9. To use your information to manage your account, contact you, and to operate, improve, and deliver our services, including the Platform. You further acknowledge, agree and authorize us to use your information for market research, project planning, product development, troubleshoot problems, analyze user behavior, marketing purposes, and promotions.
  10. To use the contact information to communicate with you. You further expressly consent and authorize us to send you messages on your mobile number, call you on your mobile number, email you, send you messages and communicate with you in any other manner including for the purpose of providing you Platform and Services and for marketing and promotional purposes.
  11. To conduct an audit of your records without any notice in case of apprehension of fraud.
  12. To retain / store your data and confidential information, of any nature (either wholly or partially), in the Company's servers or cloud or otherwise in any other medium as may be transmitted / processed / passed through our platform.
⚠️ Section pending legal review: The list of entities with whom information may be shared, along with any further clauses such as Cookies, Data Retention, Children's Data, and Governing Law, should be inserted here from the authoritative legal copy.

3. Consent Withdrawal

You have the right to withdraw your consent for the collection, processing, storage, or use of your personal data at any time. Withdrawing consent will not affect the lawfulness of any processing that took place prior to the withdrawal.

How to withdraw your consent

To withdraw your consent, simply send an email to support@betterplace.co.in from the email address associated with your account. Please include the following information so we can verify your identity and process your request promptly:

  • Your full name as registered with us
  • The email address and / or phone number associated with your account
  • A clear statement that you wish to withdraw your consent
  • The specific data or processing activities you are withdrawing consent for (or indicate "all" if you wish to withdraw consent for all processing)

What happens after you withdraw consent?

Once we receive your request, our team will acknowledge it within a reasonable timeframe and process the withdrawal in line with applicable data protection laws (including GDPR where applicable). We may retain certain information where we are required to do so by law, for the establishment, exercise or defense of legal claims, or for legitimate business interests permitted by law. We will inform you if any such retention applies to your data.

Please note that withdrawing consent may limit or prevent your ability to access certain features of our Platform or Services that depend on the processing of the relevant data.

For any questions about your data privacy rights or this Policy, you may contact our Data Protection Officer, Nasir Shaikh, at nasir.shaikh@betterplace.co.in.

Data Protection Agreement

Last Updated: 10th June, 2025

This Data Protection Agreement (the "Agreement") is made on ____ day of _____________ 2025

BY AND BETWEEN:

  1. BetterPlace Safety Solutions Private Limited with registered office at 144, 144/1, 1st Floor, Shubharam Complex, M.G. Road, Bengaluru – 560001, Karnataka, India ("BetterPlace"); and
  2. ______________________ with its registered office at ___________________ (the "Supplier"),

(together the "Parties").

Recitals

  1. At the request of BetterPlace, the Supplier has agreed to provide the Services as defined in the Services Agreement to BetterPlace and will process the personal data of individuals, as more fully described below.
  2. BetterPlace and the Supplier have entered into a separate agreement (the "Services Agreement") to set out the other terms relating to the Services and subscription of software, but have agreed to enter into this data protection agreement to confirm the data protection provisions relating to their relationship and so as to meet the requirements of the Information Technology Act, 2000 and any other Data Protection Legislation.

1. Definitions

  1. Data Protection Legislation means Information Technology Act, 2000 and any other Data Protection Legislation applicable.
  2. BetterPlace Personal Data means all personal data and sensitive personal data processed by the Supplier on behalf of BetterPlace for the purposes of supplying the Services pursuant to the Services Agreement.
  3. The terms "personal data" and "sensitive personal data" shall have the meanings given in the Information Technology Act, 2000 (as amended from time to time) and any other data protection legislation applicable in India.

2. Agreed Terms

2.1 To the extent that the Supplier processes BetterPlace Personal Data on behalf of BetterPlace, the Supplier acknowledges that BetterPlace is a "Data Controller" and the Supplier is the "Data Processor" in respect of BetterPlace Personal Data, and further acknowledges that BetterPlace Personal Data:

  1. relates to data of BetterPlace's directors, officers and employees of BetterPlace;
  2. comprises data of BetterPlace India's customers, consultants & suppliers; and
  3. shall be processed by the Supplier in order to supply the Services only, for the duration of this Agreement or the Services Agreement or for such further time as the Parties shall both agree in writing.
  4. The Parties acknowledge that the designated Data Protection Officer (DPO) for BetterPlace is Nasir Shaikh. Official email ID (nasir.shaikh@betterplace.co.in), Contact number (7700919786).

2.2 Further to clause 2.1, as a Data Processor, the Supplier agrees that it shall:

  1. carry out processing only in accordance with written instructions from BetterPlace from time to time, including as set out in this Agreement and the Services Agreement, unless required to do otherwise under Indian laws in which case, the Supplier shall inform BetterPlace of such legal requirement before processing;
  2. ensure that any staff or personnel authorised to process BetterPlace Personal Data shall be subject to a binding duty of confidentiality in respect of such data;
  3. implement appropriate technical and organisational measures to protect BetterPlace Personal Data against accidental or unlawful destruction, loss, alteration, and unauthorised disclosure or access, and provide a written description within a reasonable timeframe of the technical and organisational measures it employs for processing BetterPlace Personal Data where required by BetterPlace;
  4. not subcontract any processing of BetterPlace Personal Data without BetterPlace's prior written consent which consent BetterPlace may grant or withhold in its sole and absolute discretion. A list of currently approved sub-processors is set out in Schedule A to this Agreement. Where BetterPlace does consent to such subcontracting, the Supplier shall ensure that obligations in relation to the processing of BetterPlace Personal Data that are the same as those imposed on the Supplier under this Agreement are imposed by contract on the sub-contractor;
  5. at no additional cost, provide such information and such assistance to BetterPlace as BetterPlace may reasonably require, and within the timescales reasonably specified by BetterPlace, to allow BetterPlace to comply with any obligations under the Information Technology Act, 2000, Government agencies and any other applicable data protection law including assisting BetterPlace to:
    1. Comply with its own security obligations;
    2. Discharge its obligations to respond to requests for exercising the rights of a BetterPlace's employee, consultant, customer etc.;
    3. Comply with its obligations to inform BetterPlace's employee, consultant, customer etc. about serious personal data breaches;
    4. Comply with its obligations to notify the applicable government or other statutory authority about personal data breaches;
    5. Carry out privacy impact assessments and audit privacy impact assessment compliance.
  6. on expiry or termination of this Agreement or the Services Agreement, at the choice of BetterPlace, either promptly and securely return BetterPlace Personal Data and its back-up to BetterPlace or promptly and securely delete BetterPlace Personal Data unless the continued storage by the Supplier of such copies is required mandatorily under applicable law;
  7. at no additional cost, keep or cause to be kept such information as is necessary to demonstrate compliance with its obligations under this clause 2.2 including full and accurate records relating to the processing of BetterPlace Personal Data and shall, upon reasonable notice, make available to BetterPlace or grant to BetterPlace and its auditors and agents, a right of access to and to take copies of any information or records kept by the Supplier pursuant to this clause;
  8. notify BetterPlace immediately if, in the Supplier's opinion, any instruction issued by BetterPlace pursuant to this clause 2.2 breaches any provision of the Information Technology Act, 2000 and any other applicable data protection legislation;
  9. not transfer any of BetterPlace Personal Data outside of the Indian territory without BetterPlace's prior written consent. Where BetterPlace does consent to the transfer of BetterPlace Personal Data outside of the Indian territory, the Supplier must comply with all applicable provisions of the Information Technology Act, 2000 and any other applicable data protection legislation, and undertakes to take all steps necessary to comply with those provisions, which may include the Supplier (or, where applicable, the Supplier's affiliate, sub-contractor or other relevant third party);
  10. notify BetterPlace promptly after becoming aware of any accidental or unlawful destruction, loss, alteration, or unauthorised disclosure of, or access to BetterPlace Personal Data ("Security Breach") and provide BetterPlace (as soon as possible and no later than 48 hours) with a detailed description of the Security Breach, as well as periodic updates to the information and any other information BetterPlace may reasonably request relating to the Security Breach. In addition, the Supplier shall:
    1. take action at the Supplier's own expense to investigate the Security Breach and to identify the effects of the Security Breach and, with the prior written consent of BetterPlace, take measures to prevent and mitigate further effects and take any other action to remedy the Security Breach;
    2. not release or publish any filing, communication, notice, press release or report concerning the Security Breach, or communicate directly with BetterPlace's consultants / employees / customers / suppliers etc., without BetterPlace's prior written consent; and
    3. continue to promptly provide BetterPlace all assistance requested to investigate the cause of and implement mitigation and remedial measures in respect of the Security Breach;
    4. notify BetterPlace without undue delay in writing if it receives from any BetterPlace's consultants / customer / employee / supplier whose personal data forms part of BetterPlace Personal Data, or any applicable statutory authority:
      1. any communication seeking to exercise rights conferred on BetterPlace's consultants / customer / employee / supplier by the Information Technology Act, 2000 and any other applicable data protection legislation;
      2. any complaint or any claim for compensation arising from or relating to the processing of BetterPlace Personal Data; or
      3. any communication from any statutory authority.
  11. notify BetterPlace without undue delay in writing of any actual or suspected breach of this clause 2.2, and provide full and prompt information and assistance to BetterPlace and any applicable statutory authority in relation to such breach at its cost; and
  12. comply at all times with, and assist BetterPlace in complying with its applicable obligations under, the Information Technology Act, 2000 and any other applicable data protection legislation. The Supplier shall not perform its obligations under this Agreement in such a way as to cause BetterPlace to breach any of its applicable obligations under the Information Technology Act, 2000 and any other applicable data protection legislation.

2.3 The Supplier shall indemnify BetterPlace against any and all claims, actions, liabilities, losses, fines, damages and expenses (including legal expenses) incurred or suffered by or made against any of them which arise directly or indirectly out of, or in connection with, any breach by the Supplier and / or its personnel, agents, contractors or sub-contractors of the obligations contained in clause 2.2, whether or not such claims, actions, liabilities, losses, fines, damages and expenses were foreseeable at the date of entering into this Agreement.

2.4 In the event of any conflict or inconsistency between the provisions of the Services Agreement and the provisions contained in this Agreement, this Agreement shall prevail. Save as specifically modified and amended in this Agreement, all of the terms, provisions and requirements contained in the Services Agreement shall remain in full force and effect and be read in conjunction with this Agreement.

2.5 In case of any dispute, the Parties agree to be governed by the governing law stated in the Services Agreement with non-exclusive jurisdiction of the courts of Bengaluru.

2.6 Electronic Signatures: Parties hereby agree that this agreement may be executed by way of electronic signatures and that the electronic signature has the same binding effect as a physical signature. For the avoidance of doubt, the parties further agree that this agreement, or any part thereof, shall not be denied legal effect, validity, or enforceability solely on the ground that it is in the form of an electronic record.

Schedule A: Approved Sub-processors

As of 20th day of June 2025, the following are the approved sub-processors for the processing of BetterPlace Personal Data under this Agreement:

Sub-processor Purpose / Service Location
AWS Cloud hosting and data storage India / Mumbai
Atlassian Collaboration and project management tools including Confluence, Jira, Bitbucket, and Jira Product Discovery (JPD) for internal planning, documentation, code management, and issue tracking. USA
Freshdesk / Freshservice IT support / helpdesk platform India
Zoho / HRMS Employee data, HR processing India
Hevo / ETL tool Data integration & sync India
Slack Internal communication platform USA
Jumpcloud Single Sign-On (SSO), identity & access management USA
Google GCP Cloud infrastructure and data storage services India
Google Workspace (GWS) Email, productivity tools, and file storage (Gmail, Drive, Docs, etc.) India

Security Practices & Procedures

Last Updated: 27th June, 2025

Your Rights Under the General Data Protection Regulation (GDPR)

If you are located in the European Economic Area (EEA), the United Kingdom, or other regions where GDPR applies, you have certain rights regarding the processing of your personal data. This section outlines your rights under the General Data Protection Regulation (GDPR), how you may exercise them, and what to expect when you do so.

  1. Right to Access: You have the right to request confirmation as to whether we process your personal data, and, where that is the case, access to the personal data along with information such as the purposes of processing, categories of data processed, and recipients of the data. Upon request, we will provide a copy of your personal data in a commonly used format.
  2. Right to Rectification: If the personal data we hold about you is inaccurate or incomplete, you have the right to request correction or completion. We will promptly update any inaccurate or incomplete data upon verification.
  3. Right to Erasure (Right to be Forgotten): In certain circumstances, such as when your data is no longer necessary for the purposes for which it was collected, you can request the deletion of your personal data. This right is not absolute and may be subject to legal or legitimate grounds for retention.
  4. Right to Restrict Processing: You can request that we limit the processing of your personal data if you contest its accuracy, object to processing, or believe the processing is unlawful. When processing is restricted, we will store your personal data but will not use it further except as required by law.
  5. Right to Data Portability: You have the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format. You may also request that we transmit that data directly to another data controller, where technically feasible.
  6. Right to Object: You may object to our processing of your personal data where we rely on legitimate interests as the legal basis. We will cease processing unless we demonstrate compelling legitimate grounds. You always have the right to object to direct marketing.
  7. Right to Withdraw Consent: Where we rely on your consent to process personal data, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to your withdrawal. To withdraw consent, please email support@betterplace.co.in.
  8. Right Not to Be Subject to Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects or significantly affects you. This applies unless such processing is necessary for a contract, is authorized by law, or is based on your explicit consent.
  9. Right to Lodge a Complaint: If you believe we have violated your rights under the GDPR, you have the right to lodge a complaint with a supervisory authority in your country of residence, place of work, or the location of the alleged infringement.
  10. How to Exercise Your Rights: To exercise any of the rights described above, please contact us at: Email support@go-better.com. We may request verification of your identity before processing your request. We aim to respond within one month of receiving your request. In some cases, this period may be extended by a further two months if necessary, taking into account the complexity and number of requests.

Need help withdrawing consent or exercising any of your rights?

Email support@betterplace.co.in with your name, registered email/phone number, and a brief description of your request. Our team will acknowledge your request within a reasonable timeframe and process it in line with applicable data protection laws.