WizCommerce (formerly Sourcewiz) Privacy Policy

Effective Date : 26 Aug 2023

Welcome to WizCommerce(formerly Sourcewiz), a software-as-a-service solution which allows users (“you”, “your”) to create secure and presentable catalogues and view them. WizCommerce(formerly Sourcewiz) is made available by Oritur Technologies Pvt. Ltd., (“we”, “us”, “our”). This Privacy Policy describes the information we collect and explains how we collect, use, disclose, and protect such information, and your choices about the collection and use of your information. This Privacy Policy applies to all users of our Services. For the purpose of this Privacy Policy, our “Services” include (a) provision of a website https://www.wizcommerce.co/ which helps users upload and manage product information and images, create catalogues for their products, share them with their clients/customers and track the performance of the catalogue shared with its clients/customers; and (b) provision of catalogues hosted on the cloud which can be viewed by users.  If you reside in California, then this Policy is supplemented by our California Privacy Notice.

But first, some points to note:

  • The “Section Highlights” in each clause merely provides a highlight of the clause. Reading the highlights is not a replacement for reading the clause. In case of a conflict between the highlights and the clause, the clause will prevail.
  • We may revise this Privacy Policy as well as update the Services from time to time, so please keep visiting this page regularly to take notice of any changes we make.
  • If you do not agree with the processing policies laid out in this Privacy Policy, you should not use our Services. 
  • By using, visiting, or signing-up to our Services, you have agreed to Privacy Policy.

Now, let’s dive in! 

1. Data Collected & Use Cases

Section Highlights: In this section, we detail the data we collect from you, how we collect it, why we collect it, and whom we share your data with. We show you how we use each data point we collect/require access to, in this table.

1.1 We have listed the data we collect from you, and the purpose for such collection, below:

What we collect

Name;
and Address

Phone number;
Account password; and
Email ID.

Other information you input:
Content you upload including product images, details and prices;
Catalogues you create; and
Performance of your catalogues.

How we collect

1. The information you provide during sign-up; and
2. From your use of the Services.

1. The information you provide during sign-up; and
2. From your use of the Services.

1. The information you provide during sign-up;
2. From your use of the Services.

Why we collect it

1. To create your account;
2. To enable creation of catalogues and sharing with end-users and customers; 
3. To facilitate secure payments and raise invoices;
4. To provide you with Services, and your subscription plan; and
5. To communicate with you (e.g., for customer support, grievance redressal, marketing and news, updates on the Services, subscription plans, your interactions with other users, and transaction/ payments related information).

Whom we share it with

If you view a catalogue created using our Services, we may share information such as your email id and your interaction with the catalogues with our users who create such catalogues. We may share this information with the categories of third parties listed out in Clauses 1.4 (Data Collected And Use Cases) of this Privacy Policy.

Payment information (credit/debit card, payment providers account information, GST Number (if applicable), and mode of transfers used and preferred).

1. The information you provide during sign-up; and
2. From your use of the Services.

1. For processing payments;
2. Enabling your use of the Services; and
3. Research and development.

We may use payments providers such as Stax to process your payments and share your data with such providers, if requires and applicable. Please note, you will need to refer to their terms of service and privacy policy in relation to your use of their services. We may share this information with the categories of third parties listed out in Clauses 1.4 (Data Collected And Use Cases) of this Privacy Policy.

If you view a catalogue created using our Services, we may share information such as your email id and your interaction with the catalogues with our users who create such catalogues. We may share this information with the categories of third parties listed out in Clauses 1.4 (Data Collected And Use Cases) of this Privacy Policy.

1. From your usage of the Services. Log file information is automatically reported by your browser each time you access the Services. When you use our Services, our servers automatically record certain log file information. These server logs may include anonymous information such as your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on the Services, domain names, landing pages, pages viewed, and other such information.

We may use third-party analytics providers like Google Analytics and Fullstory to process certain information under a contract in compliance with applicable law. 

1. We use this to personalise your experience on the Services by drawing insights from your usage. 

2. We will directly collect analytics data, or use third-party analytics tools, to help us measure traffic and usage trends for the Services. These tools collect information sent by your browser, including the pages you visit and other information that assists us in improving the Services.

3. To provide customer support and run diagnostics/ troubleshooting/ debugging.

4. We may use the data so collected to improve our Services by using techniques such as machine learning.  When we use machine learning, we either: (1) still have a human being involved in the process (and so are not fully automated); or (2) use machine learning in ways that don’t have significant privacy implications (for example, prioritising elements in our catalogue).

We will not share this information except as provided in Clauses 1.4 (Data Collected And Use Cases) of this Privacy Policy.

Device-related data:
time zone;
the operating system;
hardware and software versions;
available storage space, browser type; 
app and file names and types; and 
plugins.

1. Information you provide during sign-up; and
2. From your use of the Services.

1. To provide the Services, and interactions with other users to you in local timings;

2. To provide payments in your local currency;

3. To optimise and improve our Services;

4. To provide customer support and run diagnostics/ troubleshooting/ debugging

We will not share this information except as provided in Clauses 1.4 (Data Collected And Use Cases) of this Privacy Policy.

1.2 We may collect your personal information in the following ways:  

(a) Information you give us: When you use or access our Services, we may prompt you to share information with us. For instance, we may ask for your name or address when you sign up for any of our Services. 

(b) Information we collect from your use of our Services: When you use or access our Services, we may automatically collect information about you through the use of cookies, web beacons, and other tracking technologies (including third-party tools or services). We may also collect information about your browsing behaviour (such as, information regarding the pages you visit, the time you spent viewing these pages, etc)

(c) Information we receive from third-parties: When you use or access our Services, we may receive personal information about you from third parties through authorization that you may have provided to such third parties for sharing the information with us. 

1.3 The legal bases for processing your personal information may include: (a) the performance of a contract, which we may have with you (like terms of use for any specific Service ); (b) our legitimate interests in protecting our Services from abuse, fraud, or security risks, or to develop, improve, or promote our Services, provided that such legitimate interest is not overridden by your rights; (c) your consent, when we ask for it, for a specific purpose communicated to you; and (d) compliance with our legal obligations. 

1.4 We do not sell or share your data to third parties. We only disclose your personal information with the following categories of third parties, on a need-to-know basis. 

(a) Other users: We may share your personal information with other users of the service. For example. if you view a catalogue created using our Services, we may share information such as your email id and your interaction with the catalogues with our users who create such catalogues. 

(b) Service providers: We may disclose your personal information with our service providers, vendors, consultants, agents, or others, who assist us in our business operations.

(c) Business transfers:
 
We may share your personal information with another business entity if we (or our assets) plan to merge with or be acquired by that business entity – in the event of a re-organization, amalgamation, or restructuring of business.  

(d) Business AffiliatesWe may disclose personal information to our business affiliates. Our affiliates may use the personal information we share in a manner consistent with this Privacy Policy.

(e) Legal purposes or law enforcement authoritiesWe may share your personal information when required by law, such as in response to a court order, subpoena, or law enforcement investigation, or to establish or exercise our legal rights or defend against legal claims.

(f) Other third-Parties: We may share your personal information with other third parties, on a need-to-know basis, such as our accountants, lawyers, auditor, etc.  

2. How We Store, Secure & Transfer Your Data

Section Highlights: Briefly, we use industry best practices to protect your personal information.

2.1 We use appropriate technical and organizational security measures to ensure a level of protection for personal information appropriate to the risk: 

  • We maintain a security and authorisation policy for access to our systems and update it from time to time. 
  • The transfer of personal information between your end device and us is generally carried out in an encrypted form over secured HTTPS connection. You can identify an encrypted connection for example by the lock symbol in the address line of your browser.
  • We maintain strict access controls to prevent unauthorized access to personal information.
  •  If you communicate with us by e-mail, access by third parties cannot be ruled out. In the case of confidential information, we recommend using the physical mail or encrypted e-mail communication (PGP).
  • All our systems responsible for handling user data are equipped with firewalls to prevent unauthorized access and breach.  

However, do note that no method of transmission over the internet, or method of electronic storage is entirely secure and reliable, and we cannot guarantee its absolute security.

2.2 We do not generally transfer your personal information outside your jurisdiction of residence. In the event that we do so, we do it in compliance with applicable law. Transfers of data to these third-party processors are done under contract in compliance with applicable law. If you reside in Europe, we do not transfer your personal information outside Europe except in compliance with the General Data Protection Regulation. 

2.3 In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.

3. Your Rights

Section Highlights: Simply put, our use, access, collection, and sharing of your data, depends largely on you. We respect and abide by your preferences to extent possible, without affecting the ability to meet our legal obligations.

3.1. Data Access and Portability: 

You have the right to request a copy of your personal information being processed and/or retained by us. In certain instances (mentioned below), you also have the right to request copies of personal information that you have provided to us in a structured, commonly used, and machine-readable format and/or request us to transmit this information to another service provider (where technically feasible). The instances where you may request a copy of your personal information include:

3.7. Appeal / Lodging Complaints: 

3.1.1. Where you have provided personal information to us;

3.1.2. Where processing of your personal information has been done by automated means; and

3.1.3. Where the processing was based on your consent or for the performance or a contract.

3.2. Rectification: 

You have the right to ask us to correct inaccurate or incomplete personal information about you (and which you cannot update yourself within your account).

3.3. Erasure

3.3.1. We generally retain your personal information for the reasons and time periods specified under Clause 4 (How Long We Keep Your Data) below.

3.3.2. You have the right to ask us to delete your personal information, subject to data retention requirements under applicable laws, and for us to meet our legal obligations. Please note that multiple legal bases for may exist for retention of data. If you ask us to delete your personal information, we will not be able to provide you some or all of our Services, depending on the nature of data requested for deletion. 

3.4. Withdrawing Consent: 

You can withdraw your consent at any time by changing your account settings or by sending a communication to us specifying which consent you are withdrawing. Please note that the withdrawal of your consent does not affect the lawfulness of any processing activities based on such consent before its withdrawal.

3.5. Restriction of Processing: 

You have the right to limit the ways in which we use your personal information, in particular where (i) you contest the accuracy of your personal information; (ii) the processing is unlawful and you oppose the erasure of your personal information;  (iii) we no longer need your personal information for the purposes of the processing, but you require the personal information for the establishment, exercise or defence of legal claims; or (iv) you have objected to the processing pursuant to Section 3.6. (Objection to Processing) and pending the verification whether our legitimate grounds override your own.

3.6. Objection to Processing

3.6.1. You have the right to object to the processing of your personal information based on grounds specific to your situation if such processing is for direct marketing or is for a purpose based on a legitimate interest or public interest. If you object to processing based on legitimate or public interests, we will no longer process your personal information for these purposes unless we can demonstrate compelling legitimate grounds for such processing or where the processing is otherwise required for the establishment, exercise or defence of legal claims.

3.6.2. Where your personal information is processed for direct marketing purposes, you may, at any time ask us to cease processing your data for these direct marketing purposes by sending an e-mail to vikas@wizcommerce.com

If you are dissatisfied with our response on your grievance, then you can raise an appeal by sending an e-mail to vikas@wizcommerce.com. You also have the right to lodge complaints about our data processing activities by filing a complaint with the appropriate regulatory authority     .

3.8. Opting-out: 

You have the right to opt-out of receiving marketing communications from us. This includes communications on offers and promotions based on your use of Services and preferences. In certain circumstances, you also have a right to opt-out of selling, sharing, profiling, or targeting advertisements. 

3.9. Do Not Track:

Finally, because there is no common understanding on what a “Do Not Track” signal is supposed to mean, we don’t respond to those signals in any particular way.

4. How Long We Keep Your Data

We retain personal information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law. The criteria used to determine our retention periods include, without limitation:

4.1. The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using Services);

4.2. Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); and/or

4.3. Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

5. Our Communications

5.1. We may from time to time send you Services-related announcements when we consider it necessary to do so (such as when we temporarily suspend the Services for maintenance, or security, privacy, or administrative-related communications). We send these to you via SMS or email, as we deem fit. You may not opt-out of such Service-related communications.

5.2. The Services are made available by Oritur Technologies Pvt. Ltd., having its registered office Company address- 24/20 Punjabi Bagh Extension, New Delhi, 110026.  Our grievance officer is Vikas Garg, accessible via email at: vikas@wizcommerce.com (“Grievance Officer”). You can contact them confidentially by email to enquire about the treatment of your data, including the deleting of your personal information  as identified in this document.

6. Children’s Data

6.1. Our Services, are not directed at individuals below the age of 18 years (“Minors”). Minors are not permitted to sign up by themselves to the Services. We do not knowingly collect or solicit personal information from Minors. 

6.2. In the event that we learn that we have collected personal information from a Minor without verification of parental consent where this is required, we will delete that information as quickly as possible. 

6.3. If you believe that we might have any information from or about a Minor, please contact our Grievance Officer as per Clause 6 (Our Communications).