Privacy Policy

DATA PROTECTION & PRIVACY FRAMEWORK

Dovoy Chemicals India Private Limited

Effective Date: 01/01/2026
Last Reviewed: 20/12/2025

Policy Period: 1 year

1. DEFINITIONS & INTERPRETATION

For the purposes of this document, unless the context otherwise requires:

● “Act” means the Digital Personal Data Protection Act, 2023, and applicable rules thereunder.

● “Company”, “Dovoy”, “We” , “Us”, “Our” means Dovoy Chemicals India Private Limited .

● “Data Principal” shall have the meaning assigned under the Act.

● “Personal Data” means any data about an individual who is identifiable by or in relation to such data.

● “Processing” shall have the meaning assigned under the Act and includes collection, storage, use, disclosure, transfer, and erasure.

● “Consent” means freely given, specific, informed, unconditional, and unambiguous indication of the Data Principal’s agreement.

● “Website” means the official website operated by the Company.

2. DATA FIDUCIARY DETAILS

Legal Name: Dovoy Chemicals India Private Limited
Registered Office: [Registered Address]
Jurisdiction: India

Grievance Officer / Data Protection Officer

Designation: Grievance Officer
Email: india@dovoy.com
Address: 908-909, Tower B, Business Zone, Nirwana, Gurgaon, Haryana, 122018

3. SCOPE OF THIS POLICY

This Policy governs the Processing of Personal Data of Data Principals including, without limitation:

● Website visitors

● Customers and prospective customers

● Distributors, agents, and business partners

● Vendors and service providers

● Event participants and subscribers

This Policy applies to all Processing activities carried out by the Company through its Website, digital platforms, and related communication channels.

4. CATEGORIES OF PERSONAL DATA & PURPOSES OF PROCESSING

4.1 Technical & Log Data

Data Processed:
IP address, browser details, operating system, access time, referrer URLs, page interactions, and security logs.

Purpose:
Website operation, security monitoring, fraud prevention, diagnostics, and performance optimization.

Legal Basis:
Legitimate use under Section 7 of the Act.

Retention:
Maximum of thirty (30) days, unless retention is required by law or for security investigations

4.2 Cookies & Similar Technologies

The Company uses cookies strictly in accordance with its Cookie Policy .

● Strictly Necessary Cookies: Always enabled

● Performance, Functional, and Marketing Cookies: Enabled only upon Consent

Consent may be withdrawn at any time through the Cookie Preference Center.

4.3 Contact & Communication Data

Data Processed:
Name, email address, telephone number, organization name, and communication content.

Purpose:
Responding to inquiries, providing information, and maintaining business communication.

Legal Basis:
Consent, contractual necessity, and legitimate use.

Retention:
For the duration necessary to fulfil the stated purpose or comply with legal obligations.

4.4 Embedded Third-Party Content

Third-party content (including video and social media embeds) is disabled by default and activated only upon explicit Consent.

The Company disclaims responsibility for independent Processing carried out by third-party platforms.

4.5 Marketing & Promotional Communications

Marketing communications shall be sent only upon Consent and shall include a clear opt-out mechanism.

Consent may be withdrawn at any time without prejudice.

5. DISCLOSURE OF PERSONAL DATA

Personal Data may be disclosed strictly on a need-to-know basis to:

● Authorized employees and departments

● Group companies and affiliates

● IT, hosting, analytics, and marketing service providers

● Professional advisors and auditors

● Statutory authorities, where legally mandated

All disclosures are subject to contractual confidentiality and data protection obligations.

6. CROSS-BORDER DATA TRANSFERS

Where Personal Data is transferred outside India, the Company ensures appropriate safeguards consistent with applicable law and regulatory guidance.

7. DATA SECURITY MEASURES

The Company implements reasonable technical and organizational safeguards including:

● Encryption and access controls

● Secure infrastructure and firewalls

● Role-based access management

● Periodic audits and monitoring

These measures are designed to protect Personal Data against unauthorized access, loss, or misuse.

8. RIGHTS OF DATA PRINCIPALS

Subject to applicable law, Data Principals may exercise the right to:

● Access Personal Data

● Request correction or erasure

● Withdraw Consent

● Restrict or object to Processing

● Lodge grievances or complaints

Requests shall be addressed in accordance with statutory timelines.

9. GRIEVANCE REDRESSAL MECHANISM

9.1 Receipt & Acknowledgement

Grievances shall be acknowledged within seven (7) days.

9.2 Resolution

Complaints shall be resolved within thirty (30) days, unless extended for valid reasons.

9.3 Escalation

Unresolved grievances may be escalated to the Data Protection Board of India , when constituted.

10. CHILDREN’S PERSONAL DATA

The Website is not intended for individuals under eighteen (18) years of age. The Company does not knowingly Process children’s Personal Data.

11. COOKIE POLICY (INCORPORATED BY REFERENCE)

The Company’s Cookie Policy forms an integral part of this framework and governs the use of cookies and consent management

12. AMENDMENTS & REVIEW

The Company reserves the right to amend this Policy at any time to reflect legal, regulatory, or operational changes. Updated versions shall be published on the Website.

13. GOVERNING LAW & JURISDICTION

This Policy shall be governed by and construed in accordance with the laws of India. Courts located in India shall have exclusive jurisdiction.