Legal

Privacy Policy

How BetterPlace collects, uses, and protects your personal data — and the rights you have over it.

Privacy Policy

Last Updated: 10th June, 2025

The privacy policy of the Company is being issued in compliance to the Information Technology Act and Applicable Rules. This electronic record is generated by a computer system and does not require any physical or digital signatures.

The website www.betterplace.co.in is owned and operated by Betterplace Safety Solutions Private Limited ("Company"), a company incorporated and registered under the Companies Act, 2013, having its registered office at 144, 144/1, 1st Floor, Shubharam Complex, M.G. Road, Bengaluru – 560001, Karnataka, India, where such expression shall, unless repugnant to the context thereof, be deemed to include its respective representatives, administrators, employees, directors, officers, agents and their successors and assigns.

The Company has adopted this Privacy Policy to set out the manner in which personal data and other information is collected, received, stored, processed, disclosed, transferred, dealt with and handled by the Company in relation to Your use of our Services through the website www.betterplace.co.in ("Website") (referred to as the "Platform"). Our platform may contain links to other (third party) websites; this Privacy Policy does not apply to information provided to or collected by any third-party through our Platform, or to any third-party websites that You access or use in connection with services offered on our Platform. The Company is not responsible for, and has no control over, any third-party website's practices or content.

For the purpose of this Privacy Policy ("Policy"), wherever the context so requires:

  1. The terms 'You' & 'User' shall mean any legal person or entity accessing or using the services provided on our platform, who is competent to enter into binding contracts, as per the provisions of the Indian Contract Act, 1872;
  2. The terms 'We', 'Us' & 'Our' shall mean our platform and/or the Company, as the context so requires.
  3. The terms 'Party' & 'Parties' shall respectively be used to refer to the User and the Company individually and collectively, as the context so requires.

The User expressly agrees and acknowledges that the Terms of use and Privacy Policy are co-terminus, and the expiration or termination of one will result in the termination of the other.

User shall make sure to read carefully the privacy policy along with the terms of use before registering on the Platform, or accessing any material, information, or availing any services ("Services") through the Platform. You accept this Privacy Policy and agree to be legally bound by it by clicking the "I accept" button on the landing page. Please do not use or access the Platform if you do not agree to the Privacy Policy. The Parties expressly agree that the Company has the exclusive and discretionary right to amend or modify the Policy and the aforementioned Terms without the User's approval or notification, and that any such amendments or modifications shall take effect immediately. If the User continues to use our platform after such a change, the User will be deemed to have agreed to any and all changes made to the Policy and Terms. The User is granted a personal, non-exclusive, non-transferable, revocable, restricted license to enter, access, and use our platform if he or she follows the Policy and Terms.

1. Information that may be collected

a. Personal Identification Information

At many different points of time while using our platform, you may be asked to provide personally identifiable information. We seek or collect, amongst others, information such as your name, mother's name, father's name, password, date of birth, gender, signature, marital status, nominee details, email ID, phone number, educational qualification, bank account details, facial images & facial features with other biometric identifiers ("Facial images & facial features" shall be collectively known as "face data" which shall mean our app collects and processes the following types of face data: Facial biometric data — unique facial features used to generate a mathematical representation for identity verification; Facial images — captured during initial registration and subsequent attendance events), Timestamps and geolocation data — date, time, and location (if applicable) of each attendance event, and any other information that you provide during your registration process or to use any services. This helps us to confirm your identity and facilitate the provision of the Services through the platform. No liability pertaining to the authenticity / genuineness of the information disclosed by you will lie on the Company. Further, the Company will not be in any way responsible to verify any information obtained from you.

  1. In case you are required to provide any proof of identity card (Voter ID, Driving License, Aadhaar, etc.) details to us during account creation, you acknowledge and agree that the act of providing your identity details to us is voluntary.
  2. We collect mobile numbers and e-mail addresses that you provide us and use the same for sending various communications to you. In addition to the above, when you visit our platform or use the Services, we automatically track your device's unique identifier and device information like operating system, operating system version, browser plug-ins, crashes, and system activity, etc.
  3. You represent that the Personal Information you provide to us from time to time is and shall be correct, current, and updated, and that you have all the rights, permissions and consents to provide such information. Data provided by the user as per above and the Company's consequent storage, collection, usage, transfer, access or processing of the same shall not be in violation of any third-party agreement, laws, judgments, orders or decrees.

b. Non-Personal Identification Information

We may collect non-personal user identification information whenever you access our platform. Non-personally identifiable information can include but shall not be limited to the name of the browser, the type of computer, and technical information related to the means of connecting users to our mobile application, such as the operating system and the Internet service providers used, including the IP address and other similar information.

2. How we use the Information

We do not sell or share your personal or other information to anyone. However, notwithstanding anything contained in this Policy, you expressly acknowledge, consent and agree to the following terms on information use and further authorize us to access and use your information in the manner set out below:

  1. To use your information to manage your account, to contact you, and to operate, improve, and deliver our Platform and Services. We use your information to give you a customized, interactive experience as you use our Platform and avail the Services.
  2. To use your information for maintaining a record of such information in a secure and confidential manner, and as required under the applicable laws.
  3. To use services of third parties to provide the Platform and Services for you, who are bound to keep such information confidential.
  4. To use the information provided by you for the services as per the platform as required by you and to share such information with third party organizations if required, for the purposes of rendering the services as required by you.
  5. To troubleshoot software bugs and operational issues, conduct data analysis, testing and research, and to monitor and analyze usage and activity trends. Information collected may also be used to share communications to you about our services, provide additional features through cookies, and to detect and/or prevent any fraudulent / criminal / prohibited activity as per applicable laws.
  6. To use the data in an aggregated / compiled form to produce statistical / demographic analyses for marketing, strategy and other business purposes. However, these will be used in ways that will not be able to identify you or link any specific information to an individual. Such aggregated information and results / analyses shall be our property, and you will not be entitled to any compensation for the use thereof.
  7. To share your information with judicial, administrative and regulatory entities to comply with any legal and regulatory requirements.
  8. To summarize information about your usage and combine it with that of others to learn about the use of the Platform and Services and further to help us develop new products and services.
  9. To use your information to manage your account, contact you, and to operate, improve, and deliver our services, including the Platform. You further acknowledge, agree and authorize us to use your information for market research, project planning, product development, troubleshoot problems, analyze user behavior, marketing purposes, and promotions.
  10. To use the contact information to communicate with you. You further expressly consent and authorize us to send you messages on your mobile number, call you on your mobile number, email you, send you messages and communicate with you in any other manner including for the purpose of providing you Platform and Services and for marketing and promotional purposes.
  11. To conduct an audit of your records without any notice in case of apprehension of fraud.
  12. To retain / store your data and confidential information, of any nature (either wholly or partially), in the Company's servers or cloud or otherwise in any other medium as may be transmitted / processed / passed through our platform.
⚠️ Section pending legal review: The list of entities with whom information may be shared, along with any further clauses such as Cookies, Data Retention, Children's Data, and Governing Law, should be inserted here from the authoritative legal copy.

3. Consent Withdrawal

You have the right to withdraw your consent for the collection, processing, storage, or use of your personal data at any time. Withdrawing consent will not affect the lawfulness of any processing that took place prior to the withdrawal.

How to withdraw your consent

To withdraw your consent, simply send an email to support@betterplace.co.in from the email address associated with your account. Please include the following information so we can verify your identity and process your request promptly:

  • Your full name as registered with us
  • The email address and / or phone number associated with your account
  • A clear statement that you wish to withdraw your consent
  • The specific data or processing activities you are withdrawing consent for (or indicate "all" if you wish to withdraw consent for all processing)

What happens after you withdraw consent?

Once we receive your request, our team will acknowledge it within a reasonable timeframe and process the withdrawal in line with applicable data protection laws (including GDPR where applicable). We may retain certain information where we are required to do so by law, for the establishment, exercise or defense of legal claims, or for legitimate business interests permitted by law. We will inform you if any such retention applies to your data.

Please note that withdrawing consent may limit or prevent your ability to access certain features of our Platform or Services that depend on the processing of the relevant data.

For any questions about your data privacy rights or this Policy, you may contact our Data Protection Officer, Nasir Shaikh, at nasir.shaikh@betterplace.co.in.

Data Protection Agreement

Effective Period: January 2026 – December 2026  ·  Last Updated: 12 May 2026

This Data Protection Agreement (the "DPA" or "Addendum") forms part of the Terms of Use (or other similarly titled written or electronic agreement addressing the same subject matter) (the "Agreement") between the Customer (as defined in the Agreement) and BetterPlace Safety Solutions Private Limited under which BetterPlace (as Processor) provides the Controller with software and services (the "Services").

The Controller and the Processor are individually referred to as a "Party" and collectively as the "Parties". The Parties have implemented this DPA to comply with the requirements of the EU General Data Protection Regulation (EU GDPR), the Standard Contractual Clauses (Module Two: Controller to Processor), EEA data transfer obligations, and Indian data protection legislation including the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023.

1. Definitions

Terms not otherwise defined herein shall have the meaning given to them in the EU GDPR or the Agreement. The following terms shall have the corresponding meanings assigned below:

Term Definition
EU GDPR Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data.
Standard Contractual Clauses (SCCs) The contractual clauses pursuant to the European Commission's Implementing Decision (EU) 2021/914 of 4 June 2021 (Module Two: Controller to Processor), attached hereto as Schedule 1.
EEA European Economic Area, comprising all EU Member States, Iceland, Liechtenstein and Norway.
Controller The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Processor A natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.
Sub-processor A processor / sub-contractor appointed by BetterPlace for the provision of all or parts of the Services who processes Personal Data as provided by the Controller.
Personal Data Breach A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
Data Transfer A transfer of Personal Data from the Controller to the Processor, between two establishments of the Processor, or with a Sub-processor by the Processor.
DPA Legislation EU GDPR, the Information Technology Act 2000 (India), the Digital Personal Data Protection Act 2023 (India), and any other applicable data protection law.

2. Purpose, Scope and Duration

2.1 This DPA sets out the obligations of the Processor in relation to the Processing of Personal Data and is limited to the Processor's obligations under the Agreement. If there is a conflict between the provisions of the Agreement and this DPA, the provisions of this DPA shall prevail.

2.2 This DPA applies to all Personal Data processed by BetterPlace as Processor on behalf of the Controller during the effective period January 2026 – December 2026.

2.3 The Processor will Process Personal Data for the duration of the Agreement, unless otherwise agreed in writing by the Controller.

3. Categories of Personal Data and Data Subjects

Category Details
Data Subjects Customer's authorised users of the Services, directors, officers, employees, consultants, and customers of BetterPlace.
Categories of Personal Data Name, Address, Date of Birth, Age, Education, Email, Gender, Image, Job Title, Language, Phone Number, Related Person, Related URL, User ID, Username.
Sensitive Data No sensitive personal data is collected or processed under this Agreement.
Transfer Frequency Continuous basis throughout the term of the Agreement.
Retention Period As described in the Agreement and accompanying order forms. Data will be deleted or returned within 30 days of termination.

4. Data Controller's Obligations

The Data Controller warrants and undertakes that it shall:

  1. have all necessary rights to provide Personal Data to the Processor for the Processing to be performed in relation to the agreed Services and, where required, obtain lawful consents from data subjects;
  2. provide all natural persons from whom it collects Personal Data with the relevant privacy notice;
  3. immediately advise the Processor in writing if it receives or learns of any complaint, regulatory request, data subject request, or legal process relating to the processing of Personal Data;
  4. communicate any revocation of data subject consent to the Processor without undue delay; and
  5. request the Processor to purge Personal Data when required by the Controller or any Data Subject, unless otherwise required by applicable law.

5. Data Processor's Obligations

BetterPlace, as Data Processor, agrees to:

  1. process Personal Data only on documented instructions from the Controller (including instructions given via email) and inform the Controller if an instruction infringes applicable legislation;
  2. ensure that all personnel authorised to process Personal Data have committed themselves to confidentiality;
  3. implement and maintain appropriate technical and organisational security measures as set out in Schedule 1, Annex II;
  4. assist the Controller in responding to Data Subject requests and regulatory enquiries, at no additional cost;
  5. obtain consent where necessary and provide notices to Data Subjects in accordance with applicable Data Protection Laws;
  6. where Personal Data is transferred outside the Processor's territorial boundaries, ensure the recipient is under contractual obligations to protect such data to the same or higher standards;
  7. assist the Controller in conducting Data Protection Impact Assessments (DPIAs) as required under Article 35 of the EU GDPR;
  8. maintain records of all processing activities carried out on behalf of the Controller; and
  9. acknowledge that the designated Data Protection Officer (DPO) for BetterPlace is Nasir Shaikh — email nasir.shaikh@betterplace.co.in, telephone +91-7700919786.

6. EEA Standard Contractual Clauses (SCCs) — Cross-Border Data Transfers

The following provisions apply wherever Personal Data is transferred outside the EEA.

6.1 Any Data Transfer for the purpose of Processing by the Processor in a country outside the European Economic Area (EEA) shall only take place in compliance with this Section and Schedule 1 (EU SCCs).

6.2 The Parties hereby incorporate the Standard Contractual Clauses (Module Two: Controller to Processor) pursuant to European Commission Implementing Decision (EU) 2021/914 of 4 June 2021 ("EU SCCs") into this DPA by reference. The EU SCCs shall apply to any transfers of Personal Data from the Controller (data exporter) to BetterPlace (data importer) where such transfer is to a country outside the EEA that does not benefit from an adequacy decision.

6.3 The following optional clauses of the EU SCCs are selected:

  • Clause 7 — Docking clause: Applicable.
  • Clause 11 — Redress: The optional language is NOT included.
  • Clause 17 — Governing law: The law of the Republic of Ireland shall apply.
  • Clause 18 — Choice of forum and jurisdiction: Courts of the Republic of Ireland.

6.4 In Annex I of the EU SCCs (List of Parties, Description of Transfer, Competent Supervisory Authority) the details set out in Schedule 1, Annex I of this DPA apply.

6.5 In Annex II of the EU SCCs (Technical and Organisational Measures), the measures set out in Schedule 1, Annex II of this DPA apply.

6.6 Where the Processor transfers Personal Data to Sub-processors outside the EEA (as listed in Schedule 1, Annex III), such transfers shall be governed by back-to-back Standard Contractual Clauses or an equivalent approved transfer mechanism.

6.7 BetterPlace shall not transfer EEA Personal Data to any country outside the EEA without (a) the prior written consent of the Controller, (b) ensuring an appropriate safeguard is in place (SCCs, adequacy decision, or Binding Corporate Rules), and (c) notifying the Controller of any change to the applicable transfer mechanism.

7. Data Secrecy and Confidentiality

  1. Personnel who access Personal Data are informed of its confidential nature and are bound by confidentiality obligations.
  2. BetterPlace conducts regular privacy and security training for all personnel with access to Personal Data.
  3. BetterPlace maintains appropriate technical and organisational measures for the protection of the security, confidentiality, and integrity of Personal Data in line with ISO/IEC 27001:2022 standards.

8. Audit Rights

8.1 Upon the Controller's reasonable written request, BetterPlace will make available information as is reasonably necessary to demonstrate compliance with its obligations under the EU GDPR and applicable laws.

8.2 The Controller shall provide at least fifteen (15) days' prior written notice before conducting an on-site audit. BetterPlace will provide reasonable cooperation and assistance.

8.3 The Controller shall bear the cost of any such audit unless the audit reveals a material breach of this DPA, in which case costs shall be borne by BetterPlace.

9. Sub-processors

9.1 The Controller acknowledges and agrees that BetterPlace may engage the sub-processors listed in Schedule 1, Annex III. BetterPlace shall notify the Controller at least thirty (30) calendar days in advance of any intended changes to sub-processors.

9.2 BetterPlace shall impose the same data protection obligations on any sub-processor as set out in this DPA, in accordance with Article 28(4) of the EU GDPR.

9.3 Where a sub-processor fails to fulfil its data protection obligations, BetterPlace shall remain fully liable to the Controller.

10. Personal Data Breach Notification

10.1 BetterPlace shall notify the Controller without undue delay (and no later than 48 hours) after becoming aware of a Personal Data Breach.

10.2 The notification shall include, to the extent possible:

  1. a description of the nature of the breach, including categories and approximate number of data subjects and records concerned;
  2. the name and contact details of the Data Protection Officer;
  3. the likely consequences of the breach; and
  4. measures taken or proposed to address the breach.

10.3 BetterPlace shall provide reasonable assistance to the Controller in notifying the relevant Supervisory Authority and/or Data Subjects.

11. Return and Deletion of Personal Data

11.1 Upon termination or expiry of the Agreement, BetterPlace shall, within thirty (30) days and at the choice of the Controller, either:

  1. securely return all Personal Data to the Controller in a commonly used, machine-readable format; or
  2. securely delete all Personal Data and all copies thereof.

11.2 BetterPlace shall provide written confirmation of deletion upon the Controller's request.

12. Indemnification

BetterPlace shall indemnify the Controller against any and all claims, actions, liabilities, losses, fines, damages and expenses (including reasonable legal expenses) which arise directly or indirectly out of any breach by BetterPlace and/or its personnel, agents, contractors or sub-contractors of the obligations contained in this DPA.

13. Governing Law and Jurisdiction

13.1 This DPA shall be governed by the laws as stated in the Services Agreement.

13.2 For EEA-related SCCs, the governing law shall be the law of the Republic of Ireland (Clause 17 of EU SCCs).

13.3 In case of any dispute, the Parties agree to the non-exclusive jurisdiction of the courts of Bengaluru, India for matters related to Indian data protection law.

13.4 Electronic Signatures: The Parties agree that this DPA may be executed by way of electronic signatures and that an electronic signature has the same binding effect as a physical signature. For the avoidance of doubt, this DPA shall not be denied legal effect, validity, or enforceability solely on the ground that it is in the form of an electronic record.

Schedule 1 — EU Standard Contractual Clauses

(Module Two: Controller to Processor  ·  EU Commission Decision 2021/914)

Annex I — List of Parties and Description of Transfer

A. List of Parties

Field Data Exporter (Controller) Data Importer (Processor — BetterPlace)
Name Customer (as set forth in the relevant Order Form) BetterPlace Safety Solutions Private Limited
Address As set forth in the relevant Order Form 144, 144/1, 1st Floor, Shubharam Complex, M.G. Road, Bengaluru – 560001, Karnataka, India
Contact / DPO As set forth in the relevant Order Form Nasir Shaikh  ·  nasir.shaikh@betterplace.co.in  ·  +91-7700919786
Role Controller Processor
Activities Recipient of Services provided by BetterPlace in accordance with the Agreement. Provision of Services to the Customer in accordance with the Agreement.

B. Description of Transfer

Element Details
Data Subjects Customer's authorised users, employees, consultants and customers.
Categories of Personal Data Name, Address, Date of Birth, Age, Education, Email, Gender, Image, Job Title, Language, Phone Number, Related Person, Related URL, User ID, Username.
Sensitive Data No sensitive data collected.
Frequency Continuous basis.
Nature of Processing Collection, storage, use, retrieval, disclosure and deletion of Personal Data for the purpose of providing the Services as described in the Agreement.
Purpose of Transfer To facilitate the performance of the Services more fully described in the Agreement and accompanying order forms.
Retention Period As described in the Agreement. Deleted within 30 days of termination.
Sub-processor Transfers Subject matter, nature, and duration as described in the Agreement and Annex III below.

C. Competent Supervisory Authority

The competent supervisory authority shall be determined by application of Clause 13 of the EU SCCs based on the country in which the data exporter (Controller) is established. Where the data exporter is established in an EEA country, the relevant national supervisory authority shall apply.

Annex II — Technical and Organisational Measures (TOMs)

BetterPlace implements the following technical and organisational security measures as the data processor / importer:

1. Security Management

  • Qualified security personnel responsible for development, implementation and maintenance of the Information Security Programme.
  • Management-approved security policies, reviewed at least annually.
  • Annual risk assessments by reputable independent third parties.
  • Formal risk treatment programme including penetration testing, vulnerability management and patch management.
  • Effective vendor management programme.
  • ISO/IEC 27001:2022 compliant Information Security Management System.

2. Personnel Security

  • All personnel execute confidentiality agreements at the time of hire.
  • Background checks conducted on employees with access to client data, to the extent legally permissible.
  • Privacy and security training provided to all personnel; additional role-specific training for personnel handling Personal Data.
  • Personnel will not process Personal Data without authorisation.

3. Access Controls

  • Formal access management process for request, review, approval and provisioning of access to Personal Data.
  • Periodic access reviews to ensure continued need for access.
  • Multi-Factor Authentication (MFA) or Single Sign-On (SSO) required for all administrators and end users.
  • Least privilege and need-to-know principles enforced.
  • Unique user IDs, strong passwords, account lockout policies.
  • All access changes tracked via workflow tools with full audit logs.

4. Data Centre and Network Security

  • Infrastructure hosted on Amazon Web Services (AWS) with Multi-Availability Zone configuration.
  • Regular Backup Restoration Testing to ensure resiliency.
  • Hardened server operating systems with regular patching.
  • Code review process to enhance security of production environments.
  • Disaster recovery programme — regularly planned and tested.
  • Security logging enabled across all systems.
  • Regular vulnerability scans; Critical / High / Medium patches applied as soon as commercially possible.
  • AWS Security Groups (virtual firewalls) in place for the Production environment.
  • HTTPS / TLS encryption for all data in transit.
  • Data stored in multi-tenant environment on AWS; logically isolated per customer.
  • Secure data disposal through defined data destruction processes.

5. Incident Response

  • Defined incident management policies and procedures with detailed escalation procedures.
  • Continuous monitoring of security infrastructure.
  • Prompt response to suspected or known incidents; documentation of all security incidents and outcomes.
  • Personal Data Breach notification to Controller within 48 hours of becoming aware.

Annex III — List of Approved Sub-processors

As of January 2026, the following sub-processors are approved for processing BetterPlace Personal Data:

Sub-processor Purpose / Service Location
Amazon Web Services (AWS) Cloud hosting and data storage — Production Environment India (Mumbai)
Atlassian Collaboration and project management (Confluence, Jira, Bitbucket, JPD) USA
Freshdesk / Freshservice IT support and helpdesk platform India
Zoho / HRMS Employee data, HR processing India
Hevo / ETL Tool Data integration and synchronisation India
Slack Internal communication platform USA
JumpCloud Single Sign-On (SSO), identity and access management USA
Google GCP Cloud infrastructure and data storage services India
Google Workspace (GWS) Email, productivity tools, and file storage (Gmail, Drive, Docs, etc.) India

BetterPlace shall notify the Controller at least thirty (30) calendar days in advance of any intended changes or additions to the above list of Sub-processors.

End of Data Protection Agreement  ·  Effective Period: January 2026 – December 2026  ·  BetterPlace Safety Solutions Private Limited

Security Practices & Procedures

Last Updated: 27th June, 2025

Your Rights Under the General Data Protection Regulation (GDPR)

If you are located in the European Economic Area (EEA), the United Kingdom, or other regions where GDPR applies, you have certain rights regarding the processing of your personal data. This section outlines your rights under the General Data Protection Regulation (GDPR), how you may exercise them, and what to expect when you do so.

  1. Right to Access: You have the right to request confirmation as to whether we process your personal data, and, where that is the case, access to the personal data along with information such as the purposes of processing, categories of data processed, and recipients of the data. Upon request, we will provide a copy of your personal data in a commonly used format.
  2. Right to Rectification: If the personal data we hold about you is inaccurate or incomplete, you have the right to request correction or completion. We will promptly update any inaccurate or incomplete data upon verification.
  3. Right to Erasure (Right to be Forgotten): In certain circumstances, such as when your data is no longer necessary for the purposes for which it was collected, you can request the deletion of your personal data. This right is not absolute and may be subject to legal or legitimate grounds for retention.
  4. Right to Restrict Processing: You can request that we limit the processing of your personal data if you contest its accuracy, object to processing, or believe the processing is unlawful. When processing is restricted, we will store your personal data but will not use it further except as required by law.
  5. Right to Data Portability: You have the right to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format. You may also request that we transmit that data directly to another data controller, where technically feasible.
  6. Right to Object: You may object to our processing of your personal data where we rely on legitimate interests as the legal basis. We will cease processing unless we demonstrate compelling legitimate grounds. You always have the right to object to direct marketing.
  7. Right to Withdraw Consent: Where we rely on your consent to process personal data, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to your withdrawal. To withdraw consent, please email support@betterplace.co.in.
  8. Right Not to Be Subject to Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects or significantly affects you. This applies unless such processing is necessary for a contract, is authorized by law, or is based on your explicit consent.
  9. Right to Lodge a Complaint: If you believe we have violated your rights under the GDPR, you have the right to lodge a complaint with a supervisory authority in your country of residence, place of work, or the location of the alleged infringement.
  10. How to Exercise Your Rights: To exercise any of the rights described above, please contact us at: Email support@go-better.com. We may request verification of your identity before processing your request. We aim to respond within one month of receiving your request. In some cases, this period may be extended by a further two months if necessary, taking into account the complexity and number of requests.

Need help withdrawing consent or exercising any of your rights?

Email support@betterplace.co.in with your name, registered email/phone number, and a brief description of your request. Our team will acknowledge your request within a reasonable timeframe and process it in line with applicable data protection laws.