Policies related to various data protection and IT laws applicable to Scaled Holdings India Private Limited based on its global operations.

Indian Information Technology Act, 2000 (IT Act)

Compliance with the IT Act, 2000
Scaled Holdings India Private Limited adheres to the provisions of the Indian Information Technology Act, 2000, ensuring the protection of digital information and secure communication.

Key Highlights:

  1. Data Protection:
    • We follow stringent measures to ensure the security and confidentiality of user data as mandated by Section 43A of the Act.
    • We implement reasonable security practices and adhere to internationally accepted standards for the collection, storage, and processing of sensitive information.
  2. Prohibited Activities:
    • We do not engage in or permit cyber offenses, including hacking, phishing, or unauthorized access to systems, as outlined under Sections 65–66D.
    • Any abuse of our platform for illegal activities will result in immediate action and legal recourse.
  3. Grievance Redressal:
    • We have a designated Grievance Officer to address issues related to data breaches, privacy, or misuse of our services. For complaints, email us at grievance@scaled.co.in.

Jurisdiction and Enforcement:
All disputes arising under the IT Act will be subject to the jurisdiction of Srinagar, Jammu & Kashmir.

General Data Protection Regulation (GDPR)

GDPR Compliance (European Union)
As part of our global operations, Scaled Holdings India Private Limited ensures compliance with the EU General Data Protection Regulation (GDPR) for clients and users within the European Union.

Key Principles We Follow:

  1. Transparency:
    • We provide clear information on how personal data is collected, processed, and stored.
    • Users have access to our Privacy Policy detailing the purpose and scope of data usage.
  2. Data Rights:
    • Right to Access: Users can request access to the personal data we store.
    • Right to Erasure: Users may request data deletion if it is no longer necessary for processing purposes.
    • Right to Portability: Users can request a copy of their data in a portable format.
  3. Legal Basis for Processing:
    • Data processing is based on consent, contracts, legal obligations, or legitimate interests as defined under Article 6 of GDPR.
  4. Data Transfers:
    • Data transferred outside the EU is done following appropriate safeguards, such as standard contractual clauses.

For inquiries or data-related requests, email gdpr@scaled.co.in.

Australian Privacy Act, 1988

Compliance with Australian Privacy Principles (APPs)
Scaled Holdings India Private Limited adheres to the Australian Privacy Principles (APPs) under the Privacy Act, 1988, ensuring the protection of personal information for individuals in Australia.

Key Points:

  1. Collection of Personal Information:
    • We collect personal data only when necessary for service delivery, with clear consent.
    • Examples of data collected: Name, contact information, and payment details.
  2. Use and Disclosure:
    • Data is used strictly for the purpose for which it was collected.
    • We do not share user data with third parties without prior consent unless required by law.
  3. Access and Correction:
  4. Data Security:
    • We implement technical and organizational measures to protect personal data from unauthorized access, misuse, or loss.

For complaints related to privacy in Australia, you may contact the Office of the Australian Information Commissioner (OAIC).

Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA)

Compliance with PIPEDA
Scaled Holdings India Private Limited ensures compliance with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) for data protection and electronic transactions.

Key Principles:

  1. Accountability:
    • We have appointed a Privacy Officer to oversee compliance with PIPEDA principles.
  2. Consent:
    • We obtain explicit consent before collecting, using, or disclosing personal data.
  3. Data Accuracy:
    • Personal information is kept accurate, complete, and up-to-date to fulfill its intended purpose.
  4. User Rights:
    • Individuals can request access to their data or file a complaint about its handling by emailing privacy@scaled.co.in.

For privacy complaints in Canada, users may contact the Office of the Privacy Commissioner of Canada (OPC).

United Kingdom General Data Protection Regulation (UK-GDPR)

Compliance with UK-GDPR
Scaled Holdings India Private Limited complies with the UK-GDPR and the Data Protection Act 2018 for protecting the personal data of individuals in the United Kingdom.

Key Practices:

  1. Lawful Data Processing:
    • Data is processed lawfully, fairly, and transparently in accordance with Article 5 of UK-GDPR.
    • We ensure all processing activities align with user rights and the lawful basis for processing.
  2. Data Subject Rights:
    • Right to be informed about data collection and usage.
    • Right to object to processing for direct marketing purposes.
    • Right to restrict or withdraw consent at any time.
  3. Data Breaches:
    • In the event of a data breach, affected users will be notified within 72 hours as mandated by UK-GDPR regulations.
  4. International Data Transfers:
    • Transfers outside the UK are conducted with adequate safeguards under appropriate transfer mechanisms.

For data protection queries in the UK, email us at privacy@scaled.co.in.

United States Data Protection & IT Laws

Compliance with U.S. Federal and State Privacy Regulations

Scaled Holdings India Private Limited complies with applicable United States federal and state-level data protection and cybersecurity laws for users, customers, and partners based in the United States.

Key Regulations We Align With:

California Consumer Privacy Act (CCPA) & California Privacy Rights Act (CPRA)

For users residing in California, we adhere to the CCPA and CPRA requirements.

Key Rights Ensured:

  • Right to Know: Users may request disclosure of personal data collected and its usage.
  • Right to Delete: Users may request deletion of personal information, subject to legal obligations.
  • Right to Opt-Out: Users can opt out of the sale or sharing of personal data (where applicable).
  • Non-Discrimination: Users exercising their rights are not subject to discrimination.

Requests may be sent to privacy@scaled.co.in.

Federal Trade Commission (FTC) Act

  • We ensure fair, transparent, and lawful handling of personal data.
  • We do not engage in deceptive or unfair data practices.
  • Security safeguards are implemented to prevent unauthorized access or misuse.

Children’s Online Privacy Protection Act (COPPA)

  • We do not knowingly collect personal data from children under 13 without verifiable parental consent.
  • Any such data identified is promptly deleted.

United Arab Emirates (UAE)

Compliance with UAE Data Protection Laws

Scaled Holdings India Private Limited complies with the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) for individuals and businesses located in the United Arab Emirates.

Key Compliance Measures:

Lawful Processing:

  • Personal data is processed only for clear, lawful, and specified purposes.
  • Processing is based on consent, contractual necessity, or legal obligation.

Data Subject Rights:

  • Right to access personal data.
  • Right to correction or erasure of inaccurate or outdated data.
  • Right to restrict processing under applicable circumstances.

Data Localization & Transfers:

  • Cross-border data transfers are conducted only where adequate protection mechanisms are in place.
  • Transfers comply with UAE-approved safeguards and international standards.

Security Measures:

  • We implement technical and administrative safeguards to protect personal data from breaches or unauthorized access.

For UAE-specific data protection inquiries, contact privacy@scaled.co.in.

Europe (Non-EU Jurisdictions & EEA Alignment)

Compliance with European Data Protection Frameworks

In addition to GDPR compliance, Scaled Holdings India Private Limited aligns with broader European Economic Area (EEA) and regional data protection frameworks applicable to non-EU European jurisdictions.

Key Practices:

Data Minimization & Purpose Limitation:

  • Only necessary personal data is collected and processed.
  • Data is retained strictly for the duration required to fulfill its purpose.

Security & Confidentiality:

  • Encryption, access control, and audit logging mechanisms are in place.
  • Regular security assessments are conducted.

Cross-Border Processing:

  • Data transfers follow internationally recognized safeguards such as:
    • Standard Contractual Clauses (SCCs)
    • Adequacy decisions where applicable

Accountability:

  • Internal data governance policies ensure compliance across all European operations.

For European data protection queries, email privacy@scaled.co.in.

Global Data Protection Governance

Unified Compliance Framework

Scaled Holdings India Private Limited maintains a global privacy governance framework that ensures:

  • Consistency across jurisdictions
  • Regular policy updates aligned with evolving laws
  • Employee training on data protection and cybersecurity
  • Vendor and partner compliance through contractual safeguards

For more information about our global compliance practices, please contact us:

Scaled Holdings India Private Limited
Level 2, BlackInk Towers,
Gousia Market Kathidarwaza,
Srinagar, Jammu & Kashmir 190003, India
Email: hey@scaled.co.in