Privacy Policy for SYSCO180 Dispute Resolution & Conflict Management Council

At SYSCO180 Dispute Resolution & Conflict Management Council (“SYSCO180,” “we,” “us,” or “our”), we are committed to protecting the privacy and confidentiality of your personal information. This Privacy Policy (“Policy”) outlines how we collect, use, store, disclose, and protect your information when you use our online dispute resolution (ODR) services, including mediation, arbitration, conciliation, negotiation, conflict coaching, or consultation (“Services”), accessible via www.sysco180.in. This Policy applies to all users, including individuals, companies, organizations, banks, and non-banking financial companies (NBFCs), whether based in India or internationally.

By using our Services or website, you consent to the practices described in this Policy, in accordance with the Information Technology Act, 2000, and applicable rules for Indian users, and relevant international data protection laws (e.g., GDPR for EU users) for international users. If you do not agree with this Policy, please refrain from using our Services. We may update this Policy periodically, with changes effective immediately upon posting on our website. The latest version is indicated by the date at the bottom of this document.

We collect the following types of information to provide and improve our Services:

1. Personal Information: Information you provide during registration, Service participation, or communication, including:

• o Name
• o Residential Address
• o Permanent Address
• o Sexuality
• o Date of Birth
• o Email address
• o Phone number
• o Aadhar card details
• o PAN Details (if required)
• o Organizational role or company details (if applicable)
• o Address or country of residence (for international users)
• o Payment information (e.g., credit/debit card details, bank account information for NEFT or international wire transfers)

2. Dispute-Related Information: Information submitted during ODR processes, such as dispute summaries, documents, or communications related to mediation, arbitration, or other Services.

3. Usage Data: Information about how you interact with our website or Services, including:

• o IP address
• o Browser type and version
• o Device information
• o Pages visited and time spent on our website
• o Cookies and similar tracking technologies (see “Cookies and Tracking Technologies” below)

4. Communication Data: Records of your interactions with us, such as emails, SMS, or feedback submitted via Emails or other channels.

For international users, we may collect additional information to comply with local laws (e.g., GDPR-required consent details for EU users).

We collect information:

Directly from You: When you register, complete forms, participate in Services, or contact us.

• Automatically: Through website analytics, cookies, or server logs when you access our platform.

• From Third Parties: From payment processors, financial institutions, or other authorized entities to facilitate Services or verify information, subject to applicable laws

We use your information to:

• Provide and manage Services, including scheduling and conducting mediation, arbitration, or other ODR processes.

• Process payments for paid Services (e.g., advanced training or international arbitration).

• Communicate with you about Service updates, schedules, or training opportunities.

• Ensure compliance with organizational policies, Indian laws, and international regulations.

• Improve our website and Services through analytics and user feedback.

• Protect against fraud, unauthorized access, or security threats.

• Comply with legal obligations, such as court orders or regulatory requirements.

For international users, we process data in accordance with their local laws (e.g., GDPR’s lawful basis for processing, such as consent or contractual necessity).

We use cookies and similar technologies to enhance your experience, analyse website usage, and personalize content. Cookies may include

• Essential Cookies: Necessary for website functionality and Service delivery.

• Analytics Cookies: To track usage patterns and improve our platform.

You can manage cookie preferences through your browser settings. Disabling cookies may limit access to certain features. For EU users, we obtain explicit consent for non-essential cookies in compliance with GDPR.

We do not sell or rent your personal information. We may share your information:

• With Service Providers: With trusted third parties (e.g., payment processors, cloud storage providers) who adhere to confidentiality and data protection standards.

• During ODR Processes: With mediators, arbitrators, or other parties involved in a dispute, only as necessary and with your consent or as permitted by law.

• For Legal Compliance: To comply with applicable laws, regulations, or legal processes (e.g., court orders, RBI guidelines for Indian users, or GDPR for EU users).

• With Your Consent: For purposes you explicitly authorize, such as sharing dispute outcomes with relevant parties. International data transfers (e.g., to servers in India) comply with applicable laws, including GDPR’s safeguards for EU users (e.g., standard contractual clauses).

All information shared during mediation, arbitration, or other ODR processes is strictly confidential, except:

• With Service Providers: With trusted third parties (e.g., payment processors, cloud storage providers) who adhere to confidentiality and data protection standards.

• During ODR Processes: With mediators, arbitrators, or other parties involved in a dispute, only as necessary and with your consent or as permitted by law.

• For Legal Compliance: To comply with applicable laws, regulations, or legal processes (e.g., court orders, RBI guidelines for Indian users, or GDPR for EU users).

• With Your Consent: For purposes you explicitly authorize, such as sharing dispute outcomes with relevant parties. International data transfers (e.g., to servers in India) comply with applicable laws, including GDPR’s safeguards for EU users (e.g., standard contractual clauses).

We implement reasonable security measures to protect your information, in compliance with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and international standards (e.g., GDPR). These measures include:

• Encryption of sensitive data during transmission and storage.

• Access controls to limit data access to authorized personnel.

• Regular security assessments to identify and address vulnerabilities.

However, no system is completely secure. You use our Services at your own risk, and we are not liable for unauthorized access beyond our reasonable control.

We retain personal information only as long as necessary to:

• Provide Services and fulfil contractual obligations.

• Comply with legal requirements (e.g., tax or regulatory records). Dispute-related data is retained for the duration of the ODR process and a reasonable period thereafter, unless otherwise required by law. For EU users, retention periods align with GDPR principles of data minimization and purpose limitation. You may request deletion of your data by contacting info@sysco180.in, subject to legal obligations.

You have the following rights, subject to applicable laws:

• Access: Request a copy of your personal information.

• Correction: Update inaccurate or incomplete information.

• Deletion: Request deletion of your data, subject to legal retention requirements.

• Objection: Object to certain data processing activities (e.g., promotional communications).

• Portability: Request your data in a structured, machine-readable format (for EU users under GDPR).

• Withdraw Consent: Revoke consent for data processing, where applicable.

To exercise these rights, contact us at info@sysco180.in with your details and request. We will respond within 30 days (or as required by law, e.g., GDPR’s one-month timeframe). International users’ rights are subject to their local regulations.

For users outside India, we process data in compliance with applicable local laws (e.g., GDPR for EU users, CCPA for California residents). Key provisions include:

• GDPR Compliance: For EU users, we process data based on lawful grounds (e.g., consent, contractual necessity) and provide GDPR-specific rights.

• Cross-Border Data Transfers: Data may be stored or processed in India, with safeguards like standard contractual clauses for EU users.

• Local Law Compliance: International users must ensure their use of Services complies with their local laws.

Our website may contain links to third-party sites (e.g., payment gateways). We are not responsible for their privacy practices. Review the privacy policies of third-party sites before sharing information.

Our Services are not intended for individuals under 18. Minors may participate only with the consent and supervision of a parent or guardian. If we inadvertently collect data from a minor without consent, we will delete it upon notification.

For questions, concerns, or to exercise your data rights, contact:

• Email: info@sysco180.in

• Phone: +91 2240779123

• Address: SYSCO180 Dispute Resolution & Conflict Management Council, DBS Heritage House, Office No. 120, Ghanshyam Talwatkar Marg, Prescott Road, Fort, Mumbai - 400001, India.

• Website: www.sysco180.in

If you believe your privacy rights have been violated, you may file a complaint with us at management@sysco180.in. For EU users, you may also contact your local data protection authority (e.g., under GDPR). Indian users may approach the appropriate authority under the Information Technology Act, 2000.

This Policy is governed by Indian law for Indian users, in accordance with the Information Technology Act, 2000. For international users, Indian law applies to the extent it does not conflict with mandatory provisions of their local jurisdiction.