SHIFT.IN PRIVACY POLICY

Shift Logistics Pvt. Ltd (from now on called "Shift") offers end-to-end supply chain solutions from storage and order fulfilment to shipping. Shift vast network of warehouses allows you to store your products close to your customers, enabling you to deliver orders faster and cheaper. Our Fulfilment service helps online and retail sellers in order processing by integrating their sales channels into our in-house warehouse management system. Shift helps our clients from storing inventory, picking, packing, and shipping to their customers. With a combination of its fleet of vehicles and partner carriers, Shift provides same-day, 2-day, and inter-state delivery services for discounted prices.

Shift will overcome all the operational challenges facing by the client in a single go and giving the client more space to think about his sales and marketing activities and business expansion. Shift is a complete technology-enabled platform. Shift collects data from clients when they register with us and entrust with us the personal details of their customers, including phone numbers, addresses, and pin codes.

Shift generally deals only with eCommerce entities from India and other countries. However, their clients include many multinational corporations that have operations in many countries, and as a result, Shift has continuous transactions from these corporations as long as they remain our clients.

Shift (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how your personal information is collected, used, and disclosed by Shift.

This Privacy Policy applies mainly to our services provided to clients through our website https://shift.in, and its associated, sub associates (collectively, our “Service") alongside our application, Shift by accessing or using our service, you signify that you have read, understood, and agree to our Privacy Policy including collection, storage, use, and disclosure of your personal information as described in this Privacy Policy and our Terms of Service.

DEFINITIONS AND KEY TERMS

To help explain the terms of reference, they are defined herein:

Cookies: small amount of data generated by a website and saved by your web browser. Shift uses it to identify your browser, provide analytics, remember information about you, such as your language preference or login information.

Company: when this policy mentions “Company,” “we,” “us,” or “our,” it refers to Shift, C16, Uppal IDA, Hyderabad 500039, Telangana State, India that is responsible for your information under this Privacy Policy.

Country: means wherever Shift has its offices in India or the owners/founders of Shift are based, in this case in Hyderabad, India.

Customer: refers to the company, organization, or person who signs up using the Shift service to manage the relationships with your consumers or service users.

Device: any internet-connected device such as a phone, tablet, computer, or any other machine used to visit Shift and use the services.

IP address: Every device connected to the Internet is assigned a number known as an Internet protocol (IP) address. These numbers, usually assigned in geographic blocks. We can use an IP address to identify the location from which a device connects to the Internet.

Personnel: refers to those individuals employed by Shift or are under contract to perform a service on behalf of one of the parties.

Personal Data: Any information directly, indirectly, or connected with other information — including a personal identification number — allows for the identification or identifiability of a natural person.

Personal Identifiable Information or Personal Identity Information (PII) is the information that can identify an individual when used alone or with other relevant data.

Service: refers to the service provided by Shift as described in the relative terms (if available) and on this platform.

Data Retention means the process of storing data for compliance or business reasons by Shift.

Data Retention Period means the amount of time that Shift’ keeps a particular type of data.

Archiving means the process of moving data that is not in use to a separate storage device or location for retention, preferably in cold storage.

Cold storage means a storage medium for static and infrequently accessed data.

Backup means a copy of data made in case something happens to the original.

Destruction means physical or technical destruction of data by Shift that makes it irretrievable by ordinary commercially available means.

Third-party service: refers to advertisers, contest sponsors, promotional and marketing partners, and others who provide our content or whose products or services Shift thinks may interest you.

Website: Shift’ site, which is accessible via this URL: https://shift.in/

You/client/customer: a person or entity registered with Shift to use the services offered.

CONDITIONS OF USE, NOTICES AND REVISIONS

If you choose to use Shift’ services, your use and any dispute over privacy are subject to this Notice and our Conditions of Use, including limitations on damages, resolution of disputes, and application of the prevailing law in India. If you have any concerns about privacy at Shift, please contact us with a thorough description of your grievance, and Shift will try to resolve it. Our business changes constantly, and our Privacy Notice will change also. You should check our websites frequently to see recent changes.

Unless stated otherwise, our current Privacy Notice applies to all information that Shift has about you and your account. Shift stands behind the promises it makes; however, it will never materially change its policies and practices to make them less protective of customer information collected in the past without the consent of affected customers.

YOUR CONSENT

Shift has an updated Privacy Policy to provide you with complete transparency when visiting their site and how you use it. Using our website, registering an account, or making a purchase, you are presumed to be consenting to the terms of Shift' Privacy Policy.

WHAT INFORMATION DO WE COLLECT, AND HOW DO WE COLLECT THEM?

Shift collects your personal information in a variety of ways. To clarify the kind of information that is collected, Shift has classified the data collected into two categories: PERSONAL IDENTITY INFORMATION (PII) and NON-PERSONAL INFORMATION (NPI).

PERSONAL IDENTITY INFORMATION (PII): PERSONAL IDENTITY INFORMATION is the personal information that we will be collecting from our customers and clients to achieve the assigned task of delivering the goods, and they include information such as a customer or client's name, address, e-mail, and phone number, etc.

When you create an account with us, we may ask you for information such as your name, date of birth or e-mail address, etc.

If you order a product or paid service from us, we may ask for your name, address, contact information, and shipping and payment information to process your order.

To respond when you contact customer service, we may need the information to verify your identity and the product or service you are inquiring about.

When you communicate with our customer service staff or others, transmit your communications through our systems.

Since Shift' does business with eCommerce entities to store their goods and deliver them, they may collect their customer's personal information such as the customer's name, e-mail, address, phone numbers, etc., for delivery of goods.

If you share your contacts, we may collect their phone numbers and other contact information to facilitate the delivery of goods.

NON-PERSONAL INFORMATION (NPI): NON-PERSONAL INFORMATION is the information other than personal such as inventory, goods, etc. that are left in the care of Shift to achieve the assigned task of delivering them or storing them with Shift.

INFORMATION ABOUT YOUR USE OF OUR SERVICES

In addition to the information you provide, Shift will also collect:

Log information: Diagnostic, technical, error, and usage information such as the time and duration of your use of our services, search query terms when you enter search terms into your device in connection with a particular Shift Service, and any information stored in cookies that Shift have set.

Location information: Your device’s GPS signal or information about nearby wi-fi access points and cell towers that may be transmitted to Shift when you use certain services and enable location function.

FOR WHAT PURPOSES DOES SHIFT USE YOUR PERSONAL INFORMATION?

Shift uses your personal information to operate, provide, develop, and improve the products and services that they offer their customers. These purposes include:

Purchase and delivery of products and services: Shift’ uses your personal information to take and fulfill orders, deliver products and services, process payments, and communicate with you about orders, products and services, and promotional offers.

Provide, troubleshoot, and improve Shift’ services: Shift’ uses your personal information to provide functionality, analyze performance, fix errors, and improve the usability and effectiveness of the Shift’ services.

Recommendations and personalization: Shift’ use your personal information to recommend features, products, and services that might be of interest to you, identify your preferences and personalize your experience with Shift’ services.

Provide voice, image, and camera services: When you use Shift’ voice, image, and camera services, they use your voice input, images, videos, and other personal information to respond to your requests, provide the requested service to you, and improve our services.

Comply with legal obligations: In some instances, Shift’ collects and uses your personal information to comply with laws. For example, Shift’ collects sender information regarding their establishment and bank account information for identity verification and other purposes.

Communicate with you:Shift’ uses your personal information to communicate with you concerning their services via different channels (e.g., by phone, e-mail, chat).

Fraud Prevention and Credit Risks. Shift’ uses personal information to prevent and detect fraud and abuse to protect their customers' security and others. Shift’ may also use scoring methods to assess and manage credit risks.

WHAT ABOUT COOKIES AND OTHER IDENTIFIERS?

To enable Shift’ systems to recognize your browser or device and to provide and improve their services, they use cookies and other identifiers. However, you can control the use of cookies by us by adjusting your system browser settings accordingly. It must be noted that turning off the cookies may have certain unintended consequences such as difficulty in logging in etc.

DOES SHIFT’ SHARE YOUR PERSONAL INFORMATION WITH OUTSIDERS OR THIRD PARTIES?

Information about Shift customers is an integral part of their business. Shift is not in the business of selling or sharing their customers' personal information with others. Shift shares customers' personal information only as described below with their subsidiaries and associates that they control that either is subject to this privacy policy or follow practices that are as protective as those described in this privacy policy.

Third-Party Service Providers: Shift’ employs other individuals, firms, and companies to perform functions and services on their behalf. Examples include fulfilling orders for products or services, delivering packages, sending postal mail and e-mail, removing repetitive information from customer lists, analyzing data, providing marketing assistance, providing search results and links (including paid listings and links), processing payments, transmitting content, scoring, assessing, and managing credit risk, and providing customer service. These third-party service providers may have access to personal information needed to perform their functions, but they are all compliant with our strict Privacy Policy, and they may not use it for other purposes. Further, they must process the personal information as per applicable law.

Business Transfers: As Shift continues to develop our business, we might sell or buy other companies or services. In such transactions, customer information generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Notice unless, of course, the customer consents otherwise. Also, in the unlikely event that Shift' taken over wholly or substantially or any of its affiliates' business is taken over wholly or substantially, and all their assets are acquired, customer information will, of course, be one of the transferred assets.

Protection of Shift and Others: Shift’ releases account and other personal information when they believe such release is appropriate to comply with the law and this privacy policy; enforce or apply their conditions of use and other agreements; or protect the rights, property, or safety of Shift’, their users, or others. Such a service includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.

Other than as set out above, you will receive notice when Shift shares personal information with third parties, and you shall have an opportunity to choose not to share the information.

LINKS TO OTHER WEBSITES

This Privacy Policy applies only to the services provided by Shift’ through their website https://www.Shift.in/. The Services may contain links to other websites not operated or controlled by https://www.Shift.in/. Shift’ is not responsible for the content, accuracy, or opinions expressed in such websites and cannot investigate such websites, monitor, or checked for accuracy or completeness by us. Please remember that when you use a link to go from our services to another website, Shift’ Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link on Shift platform, is subject to that website's own rules and policies. In addition, such third parties may use their cookies or other methods to collect information about you.

HOW DOES SHIFT SECURE AND ENCRYPT THE INFORMATION RECEIVED FROM VARIOUS SOURCES IN INDIA AND ABROAD?

Shift design their systems with your security and privacy in mind. To protect the information received from their clients and customers and maintain the data's integrity, they encrypt the data received at various stages safely and securely using Advanced Encryption Standard (AES) 256-bit encryption as per the best industry practices.

Shift ensures that the encrypted data stored or received by them is used only by the person for whom it is intended. After that, destroy the data after taking sufficient precautions as per law.

Shift works to protect your personal information during transmission by using encryption protocols and software.

All the sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into Shift' Payment gateway providers database only to be accessible by those authorized with special access rights to such systems and are required to keep the information confidential. After a transaction, your private information (credit cards, social security numbers, financials, etc.) removed from the file.

Shift follow the Payment Card Industry Data Security Standard (PCI DSS) when handling payment card data.

Shift maintains physical, electronic, and procedural safeguards connected with collecting, storing, processing, and disclosing personal customer information. Our security procedures mean that Shift may occasionally request proof of identity before Shift discloses personal information to you.

Shift’ system offers security features to protect them against unauthorized access and loss of data. You can control these features and configure them based on your needs.

You need to protect against unauthorized access to your password and your computers, devices, and applications. Be sure to sign off when finished using a shared computer.

LEVEL CLASSIFICATION OF SHIFT PERSONNEL FOR DATA USAGE

For determining persons who can have authorized access to the data, they are classified as per the requirement for handling the data as under, each level of personnel shall have authorization and restricted access to information as per their need and use of data to finish their respective tasks:

Top Management
Supervisor Managers
Security Personnel
Workmen

Data access will be given to all personnel on a need-to-know basis only

Data to be accessed by each level personnel shall be encrypted using AES 256-bit encryption, which is as per best industry standards and shall be limited to the task for which they need the data.

All personnel must strictly adhere to the Shift Privacy Policy.

Any deviation by any personnel of Shift or anyone working for them as third-party contractors from the standard industry policy shall be deemed as a violation that the management shall act upon as per their service policy.

DATA IN TRANSIT

To finish the task assigned by Shift client, they shall transmit the data received from their client to the relevant persons in an AES 256-bit encrypted form. To share data received by them from their customers and clients to the appropriate persons and ensuring the maintenance of security and integrity of the data Shift shall encrypt the data at all levels using Advanced Encryption System 256-bit encryption as per the best industry practices.

DATA RETENTION AND RECOVERY

Data that is available with Shift that their clients and customers provide shall be retained in an encrypted version to carry out the task assigned to Shift' and maintained as per the policy described hereunder.

Data procured from Shift’ clients shall be retained in an encrypted version using the AES 256-bit encryption for 30 days maximum by Shift from the date of shipping the goods for statutory requirements and internal company's accounting and compliance purposes.

Shift shall, after that, destroy all the copies of the data after retaining one encrypted copy in cold storage or offline backup store, whichever is feasible for them, for their legal and taxation purposes, after the said period of 30 days. The data in cold storage shall be encrypted using the AES 256-bit encryption.

Shift’ computer software systems are programmed to automatically destroy all the data copies after 30 days, except for one encrypted version kept in cold storage as a backup record.

Shift shall maintain this system cycle unless the company changes its policy or is required under law to change it.

HOW LONG DO SHIFT KEEP YOUR INFORMATION?

Shift keeps your information only so long as they need it to provide services to you and to fulfill the purposes described in this policy. This shall also be the case for anyone they share your information with and who carries out services for Shift. When Shift no further need to use your information, they shall either remove it from their systems or depersonalize it so that you cannot be identified you in the following manner

:

Information Data received from third parties such as customer name, e-mail address, phone number, office, or residential addresses, etc., will be purged after 30 days from the date of delivery of goods. This policy aligns with their agreement with all our partners and associates who also conform to this condition.

End Customer Personal Buyer Information such as customer name, e-mail address, phone number, address information, etc., provided by the service provider shall be purged after 30 days from the delivery date. This policy aligns with their agreement with all our partners and associates who also conform to this condition.

If the user or client is not active in the system for 1 year, Shift will purge the information about such user or client.

If the Account Holder is inactive for 3 years, then Shift shall purge his/her/their account from the system.

All Shift' clients' and customers' information shall be kept in an encrypted manner using the AES 256-bit encryption only.

WHAT INFORMATION CAN I ACCESS?

You can access your information, including your name, address, payment options, profile information, Prime membership, household settings, and purchase history in the "Your Account" section of the website or mobile application. Click here for a list of examples that you can access. To request access to personal information that is not available through Your Account you can submit a request here.

WHAT CHOICES DO I HAVE?

If you have any questions about how Shift collects and uses your personal information, please contact their Grievance Officer. In addition, many of our Shift services also include settings that provide you with options as to how they use your information.

As described above, you can always choose not to provide certain information, but then you might not be able to take advantage of many of the Shift services.

You can add or update certain information on pages such as those referenced in What Information Can I Access? When you update information, Shift usually keeps a copy of the prior version for their records.

If you do not want to receive e-mail or other communications from us, please adjust your Customer Communication Preferences.

If you do not want to see interest-based ads, please adjust your Advertising Preferences.

The Help feature on most browsers and devices will tell you how to prevent your browser or device from accepting new cookies or other identifiers, how to have the browser notify you when you receive a new cookie or how to block cookies altogether. However, because cookies and identifiers allow you to take advantage of some essential features of Shift Services, Shift recommends that you leave them turned on. For instance, if you block or otherwise reject our cookies, you will not be able to fully utilize Shift’ services, proceed to checkout, or use any services that require you to sign in. For more information about cookies and other identifiers, see our Cookies Notice.

If you want to browse our websites without linking the browsing history to your account, you may do so by logging out of your account here and blocking cookies on your browser.

You will also be able to opt-out of certain other types of data usage by updating your settings on the applicable Shift’ website (e.g., in "Manage Your Content and Devices"), device, or application. In addition, most non-Shift companies also provide users with the ability to change device permissions (e.g., disable/access location services, contacts). For most devices, these controls are in the device's settings menu.

ARE CHILDREN ALLOWED TO USE SHIFT SERVICES?

Shift does not sell services for purchase by children. Therefore, if you are under the age of 18 years, you may use Shift’ services only with the involvement of a parent or guardian.

WHEN DOES SHIFT USE END-USER INFORMATION FROM THIRD PARTIES?

Shift will collect End User Data necessary to provide our services to our customers. All such data collected from any source shall be stored within Shift using the AES 256-bit encryption.

End-users may voluntarily provide us with the information they have made available on social media websites. If you provide us with any such information, Shift may collect publicly available information from the social media websites you have indicated. You can control how much of your information social media websites make public by visiting these websites and changing your privacy settings.

Shift receives some information from the third parties when you contact us. For example, when you submit your e-mail address to us to show interest in becoming a Shift customer, Shift receives information from a third party that provides automated fraud detection services to Shift. Shift also occasionally collects information that is made publicly available on social media websites. You can control how much of your information social media websites make public by visiting these websites and changing your privacy settings.

COULD MY INFORMATION BE TRANSFERRED TO OTHER COUNTRIES?

Shift is Indian incorporation. Therefore, they are not in the business of transferring the information collected to other places anywhere in the world except as described in this privacy policy and as per Shift’ terms and conditions from time to time our offices in India.

Shift shall transmit the data in encrypted form using their AES 256-bit encryption to be used by their offices and office personnel worldwide as per their clearance level to complete the tasks assigned to them.

Shift strictly complies with all the data protection policies enacted by the government.

GOVERNING LAW

The laws of India govern this Privacy Policy without regard to its conflict of laws provision. The courts in Hyderabad shall have jurisdiction connected with any action or dispute arising between the parties under or connected with this Privacy Policy except for those who may have rights to make claims under Privacy Laws.

The laws of India, excluding its conflicts of law rules, shall govern this agreement and your use of the website. Your use of the website may also be subject to other local, state, national, or international laws.

Using our website https://www.Shift.in/ or contacting us directly, you signify your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, you should not engage with our website or use our services. However, continued use of the website, direct engagement with us, or following the posting of changes to this Privacy Policy that do not significantly affect the use or disclosure of your personal information will mean that you accept those changes.

CHANGES TO PRIVACY POLICY

Shift Privacy Policy is subject to change without notice to comply with the local and national laws and policies. Therefore, Shift may make changes to this Privacy Policy to accurately reflect their service and procedures and reflect any changes in statutes notified by the government. Unless otherwise required by law, Shift will notify you (for example, through our service) of the changes to this Privacy Policy and allow you to review them before they go into effect. Then, if you continue to use the service, you will be bound by the updated Privacy Policy. If you do not want to agree to this or any revised Privacy Policy, you can delete your account.

GRIEVANCE RESOLUTION SYSTEM

To deal with any unintended policy violations, Shift has put in place a team of dedicated managers, who shall deal with the legal and technical issues related to this Privacy Policy. These are as under:

Technical: Sandeep Kumar Gudupati

E-mail: sandeep.gudupati@Shift.in
Mob: +91-8904291440
Address: C16, UPPAL IDA, HYDERABAD 500039, TS, INDIA

Legal: Raghuram Chadalavada

E-mail: raghuram.chadalavada@Shift.in
Mob: +91-9000143889

Grievance Redressal Officer: Sandeep Mahendarkar

E-mail: msandeep@Shift.in
Phone Number: +91-63091 72020
Address: C16, UPPAL IDA, HYDERABAD 500039, TS, INDIA

The Grievance Officer and other personnel, as identified above, shall act as per to the provisions of applicable laws, including the Information Technology Act, 2000 and the Consumer Protection Act, 2019, and the Rules enacted under those laws to rectify any issues related to any maintenance and legal issues, about Shift and its privacy policy arising out of any inadvertent event.