Terms and Conditions
These Terms and Conditions (“Terms”) govern the use of the services, products, and solutions provided by Impiger Technologies Private Limited (“Impiger,” “we,” “us,” or “our”). By accessing or using our services, you (“Client,” “you,” or “your”) agree to be bound by these Terms.
1. Introduction
Impiger Technologies Private Limited is committed to protecting the confidentiality, integrity, and availability of Client Data. These Terms provide a clear framework for how we manage, protect, and process data in compliance with international standards, including the General Data Protection Regulation (GDPR) and India’s Digital Personal Data Protection Act, 2023 (DPDPA).
2. Our commitment to data protection
We adhere to the principles of Confidentiality, Integrity, and Availability (CIA Triad) in all data handling processes:
Confidentiality: Client Data is disclosed only to authorized personnel bound by strict confidentiality obligations.
Integrity: Data accuracy and reliability are ensured through technical and organizational safeguards.
Availability: We use commercially reasonable efforts to maintain at least 99.8% availability of our services, supported by robust disaster recovery and continuity plans.
3. Compliance with data protection regulations
3.1. GDPR
For Clients subject to the GDPR, Impiger acts as a Data Processor. Our commitments include:
- Processing personal data only on the documented instructions of the Client (the “Data Controller”).
- Assisting Clients in fulfilling their obligations regarding Data Subject rights (e.g., access, rectification, erasure).
- Using Client Data strictly for contractual purposes.
- Applying appropriate safeguards for international transfers, including transfers from the European Economic Area (EEA) to India.
3.2. India’s DPDPA
Impiger fully complies with the DPDPA, 2023, including:
- Processing personal data with clear and informed consent.
- Implementing reasonable safeguards to prevent unauthorized use or breaches.
- Respecting Data Principal rights (access, correction, erasure).
- Notifying the Data Protection Board of India and affected individuals in the event of a data breach.
4. Data security measures
We employ a multi-layered approach to security, including:
- Encryption of Client Data both in transit and at rest.
- Role-based Access Controls ensuring data access is limited to authorized personnel.
- Regular Audits and Penetration Testing to detect and remediate vulnerabilities.
- Incident Response Plans to mitigate the impact of security events, with timely notification to affected Clients.
5. Data lifecycle management
- Ownership: Clients retain full ownership of their data.
- License to Use: By using our services, Clients grant Impiger a limited license to use, reproduce, and store Client Data solely for service delivery, improvement, and analytics (in anonymized/aggregated form).
- Retention: Data will be retained only as required by law or per the service agreement.
- Deletion: Upon termination, Impiger will securely delete or return Client Data, including backup archives, upon the Client’s instruction.
6. Third-party sub-processors
Impiger may engage vetted third-party sub-processors to deliver services. All sub-processors are contractually obligated to comply with standards equal to or more stringent than those in this Agreement.
7. Client responsibilities
Clients agree to:
- Provide accurate, lawful, and non-infringing data.
- Ensure their own compliance with applicable laws in providing data to Impiger.
- Maintain the confidentiality of login credentials and system access.
- Notify Impiger promptly of unauthorized use of accounts or security incidents.
8. Limitation of liability
To the maximum extent permitted by law:
- Impiger shall not be liable for any indirect, incidental, consequential, or punitive damages, including but not limited to lost profits, data loss, or business interruption.
- Impiger’s total liability for any claim under these Terms shall not exceed the total fees paid by the Client to Impiger in the preceding twelve (12) months.
9. Indemnity
The Client shall indemnify, defend, and hold harmless Impiger, its directors, employees, and affiliates from and against all claims, damages, losses, liabilities, costs, and expenses (including reasonable legal fees) arising out of:
- Client’s unlawful use of the services;
- Violation of applicable laws;
- Inaccurate, unlawful, or infringing data supplied by the Client.
10. Termination and suspension
- Either Party may terminate the Agreement for material breach, provided that the breaching Party fails to cure such breach within thirty (30) days of receiving written notice.
- Impiger reserves the right to suspend services immediately in the event of:
- Non-payment of fees;
- Breach of confidentiality or security obligations;
- Use of services in violation of applicable law.
11. Force Majeure
Impiger shall not be liable for any delay or failure to perform obligations caused by events beyond its reasonable control, including natural disasters, acts of government, labor disputes, internet outages, or cyberattacks.
12. Audit rights
Impiger undergoes regular independent audits. Upon reasonable written request, Clients may request audit reports or, under agreed terms, conduct audits to verify Impiger’s compliance with contractual data protection obligations.
13. Governing law and dispute resolution
These Terms shall be governed by and construed under the laws of India. Any disputes shall be resolved through arbitration in Chennai, in accordance with the Arbitration and Conciliation Act, 1996. The arbitral tribunal shall consist of a sole arbitrator, and the proceedings shall be conducted in English.
14. Amendments to these terms
Impiger reserves the right to amend these Terms periodically. Updates will be notified by posting revised Terms on our website with the updated “Last Updated” date. Continued use of services constitutes acceptance of the revised Terms.
