Privacy Policy

Welcome, and thank you for your interest in Walkover Web Solutions Pvt Ltd, our product MSG91 (“MSG91,” “we,” or “us”), our website at MSG91.com (the “Site”), and all related websites, downloadable software, mobile applications (including tablet applications), and other services provided by us on which a link to this Privacy Policy is displayed. This Privacy Policy describes the information that we collect through the Service, how we use and disclose such information, and the steps we take to protect it. By visiting the Site or by purchasing or using the Service, you accept the privacy practices described in this Policy.
This Policy is incorporated into, and is subject to, the MSG91 Terms & Conditions. Capitalized terms used but not defined in this Policy have the meanings given to them in the MSG91 Terms & Conditions.

Definitions

  • “Client” means a customer of MSG91.
  • “Client Data” means personal data, reports, addresses, and other files, folders, or documents in electronic form that a User of the Service stores within the Service.
  • “Personal Data” means any information relating to an identified or identifiable natural person.
  • “Public Area” means the area of the Site that can be accessed by both Users and Visitors without needing to log in.
  • “Restricted Area” means the area of the Site that can be accessed only by Users, and access requires logging in.
  • “User” means an employee, agent, or representative of a Client who primarily uses the restricted areas of the Site for the purpose of accessing the Service in such a capacity.
  • “Visitor” means an individual other than a User who uses the public area but has no access to the restricted areas of the Site or Service.
What personal information do we collect from the people who visit our blog, website, or app?

We collect various types of information from or through the Service. The legal bases for MSG91’s processing of Personal Data are primarily that the processing is necessary for providing the Service in accordance with our Terms of Service, and that the processing is carried out in MSG91’s legitimate interests, which are further explained in the section "How do we use your information?" of this Policy. We may also process data upon your consent, asking for it as appropriate.

User-Provided Information

When you use the Service, as a User or as a Visitor, you may provide, and we may collect Personal Data. Examples of Personal Data include name, email address, mobile phone number, and credit card or other billing information. Personal Data also includes other information, such as geographic area or preferences, when any such information is linked to information that identifies a specific individual. You may provide us with Personal Data in various ways on the Service. For example, when you register for an Account, use the Service, post Client Data, interact with other users of the Service through communication or messaging capabilities, or send us customer-service-related requests.

Information Collected by Clients

A Client or User may store or upload Client Data into the Service. MSG91 has no direct relationship with the individuals whose Personal Data it hosts as part of Client Data. Each Client is responsible for providing notice to its customers and third parties concerning the purpose for which Client collects their Personal Data and how this Personal Data is processed through the Service as part of Client Data.

Automatically Collected Information

When a User or Visitor uses the Service, we may automatically record certain information from the User’s or Visitor’s device by using various types of technology, including cookies, "pixels," or “web beacons." This automatically collected information may include an IP address or other device address or ID, web browser and/or device type, the web pages or sites visited just before or just after using the Service, the pages or other content the User or Visitor views or interacts with on the Service, and the dates and times of the visit, access, or use of the Service. We may also use these technologies to collect information regarding a Visitor's or User's interaction with email messages, such as whether the Visitor or User opens, clicks on, or forwards a message. This information is gathered from all Users and Visitors.

Integrated Services

You may be given the option to access or register for the Service through the use of your username and passwords for certain services provided by third parties (each, an “Integrated Service”), such as through the use of your Google account, or otherwise have the option to authorize an Integrated Service to provide Personal Data or other information to us. By authorizing us to connect with an Integrated Service, you authorize us to access and store your name, email addresses, profile picture URL, and other information that the Integrated Service makes available to us, and to use and disclose it in accordance with this Policy. You should check your privacy settings on each Integrated Service to understand what information that Integrated Service makes available to us and make changes as appropriate. Please review each Integrated Service’s terms of use and privacy policies carefully before using their services and connecting to our Service.

Information from Other Sources

We may obtain information, including Personal Data, from third parties and sources other than the Service, such as our partners, advertisers, and Integrated Services. If we combine or associate information from other sources with Personal Data that we collect through the Service, we will treat the combined information as Personal Data in accordance with this Policy.

How do we use your information?

Operations

We use the information, other than Client Data, to operate, maintain, enhance, and provide all features of the Service, to provide the services and information that you request, to respond to comments and questions, and to provide support to users of the Service. We process Client Data solely in accordance with the directions provided by the applicable Client or User.

Improvements

We use the information to understand and analyze the usage trends and preferences of our Visitors and Users, to improve the Service, and to develop new products, services, features, and functionality.

Communications

We may use a Visitor’s or User’s email address or other information, other than Client Data, to contact that Visitor or User:

  1. for administrative purposes such as customer service, to address intellectual property infringement, right of privacy violations, or defamation issues related to the Client Data or Personal Data posted on the Service; or
  2. with updates on promotions and events relating to products and services offered by us and by third parties we work with. You have the ability to opt-out of receiving any promotional communications.

Cookies and Tracking Technologies

We use automatically collected information and other information collected on the Service through cookies and similar technologies to:

  1. Personalize our Service, such as remembering a User’s or Visitor’s information so that the User or Visitor will not have to re-enter it during a visit or on subsequent visits.
  2. Provide customized advertisements, content, and information.
  3. Monitor and analyze the effectiveness of the Service and third-party marketing activities.
  4. Monitor aggregate site usage metrics such as the total number of visitors and pages viewed.
  5. Track your entries, submissions, and status in any promotions or other activities on the Service.

Analytics

We use Google Analytics to measure and evaluate access to and traffic on the Public Area of the Site and create user navigation reports for our Site administrators. Google operates independently from us and has its own privacy policy, which we strongly suggest you review. Google may use the information collected through Google Analytics to evaluate Users' and Visitors’ activity on our Site. For more information, see Google Analytics Privacy and Data Sharing.

We take measures to protect the technical information collected by our use of Google Analytics. The data collected will only be used on a need-to-know basis to resolve technical issues, administer the Site, and identify visitor preferences, but in this case, the data will be in a non-identifiable form. We do not use any of this information to identify Visitors or Users.

To whom do we disclose information?

Except as described in this Policy, we will not intentionally disclose the Personal Data or Client Data that we collect or store on the Service to third parties without the consent of the applicable Visitor, User, or Client. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:

Unrestricted Information: Any information that you voluntarily choose to include in a Public Area of the Service, such as a public profile page, will be available to any Visitor or User who has access to that content.

Service Providers (Sub Processors): We work with third-party service providers who provide website, application development, hosting, maintenance, and other services for us. These third parties may have access to, or process Personal Data or Client Data as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such information.

List of Processors
  1. Amazon Web Services
    Hosting services in the US
  2. Stripe
    Payment gateway (PCI compliant)
  3. Paypal
    Payment gateway (PCI compliant)
  4. Razorpay
    Payment gateway (PCI compliant)
  5. FreshWork
    Sales CRM tool
  6. Hotjar
    Business Analytics
  7. Full Story
    Business Analytics
  8. Rollbar
    Error Tracking
  9. Google (Gmail)
    To allow customers to send emails via Gmail
  10. Microsoft365 (Outlook)
    To allow customers to send emails via Outlook
  11. Google (Google Analytics)
    Business Analytics
  12. Google ads
    Marketing
  13. Facebook Ads
    Marketing

Non Personally Identifiable Information

We may make certain automatically collected, aggregated, or otherwise non-personally identifiable information available to third parties for various purposes, including:

  1. Compliance with various reporting obligations,
  2. Business or marketing purposes, or
  3. Assisting such parties in understanding our Clients', Users', and Visitors' interests, habits, and usage patterns for certain programs, content, services, and/or functionality available through the Service.
Law Enforcement, Legal Process, and Compliance

in the good-faith belief that such action is necessary to comply with applicable laws, respond to a valid court order, judicial or other government subpoena, or warrant, or cooperate with law enforcement or other governmental agencies.

We may disclose Personal Data or other information if required by law or

We also reserve the right to disclose Personal Data or other information that we believe, in good faith, is appropriate or necessary to:

  1. Take precautions against liability,
  2. Protect ourselves or others from fraudulent, abusive, or unlawful uses or activities,
  3. Investigate and defend ourselves against any third-party claims or allegations,
  4. Protect the security or integrity of the Service and any facilities or equipment used to make the Service available, or
  5. Protect our property or other legal rights, enforce our contracts, or safeguard the rights, property, or safety of others.
Change of Ownership

Information about Users and Visitors, including Personal Data, may be disclosed and transferred to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction. This also applies in the event of insolvency, bankruptcy, or receivership, in which information is transferred to one or more third parties as one of our business assets, but only if the recipient of the User or Visitor Data agrees to a Privacy Policy with terms substantially consistent with this Privacy Policy.

Client Data may be physically or electronically transferred to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction. This also applies in the event of insolvency, bankruptcy, or receivership, in which information is transferred to one or more third parties as one of our business assets, for the sole purpose of continuing the operation of the Service. Again, this is subject to the condition that the recipient of the Client Data agrees to a Privacy Policy with terms substantially consistent with this Privacy Policy.

Your Rights Regarding Use Of Personal Information

Access, Correction, Deletion

We respect your privacy rights and provide you with reasonable access to the Personal Data that you may have provided through your use of the Services. If you wish to access or amend any other Personal Data we hold about you or request that we delete or transfer any information about you obtained from an Integrated Service, you can contact us at [email protected] to make your request. Upon your request, we will delete or block any references to you in our database.

You can update, correct, or delete your Account information and preferences at any time by accessing your Account settings page on the Service. Please note that while any changes you make will be instantly or reasonably reflected in active user databases, we may retain all information you submit for purposes such as backups, archiving, fraud and abuse prevention, analytics, compliance with legal obligations, or where we reasonably believe we have a legitimate reason to do so.

If you choose not to share certain Personal Data with us, it may impact our ability to provide you with some of the features and functionality of the Service.

We will be sending you informative and promotional notifications related to our services via SMS, Emails, WhatsApp, RCS.

Navigation Information

You can opt out of the collection of navigation information about your visit to the Site by Google Analytics using the Google Analytics Opt-out feature.

Opting out from Commercial Communications

If you receive commercial emails from us, you can unsubscribe at any time by following the instructions within the email or by sending an email to [email protected].

Please note that if you opt-out of receiving commercial emails from us or change the nature or frequency of promotional communications you receive from us, it may take up to ten (10) business days to process your request. Even after opting out of receiving commercial messages, you will continue to receive administrative messages from us regarding the Service.

MSG91 has no direct relationship with the Client's customers or third parties whose Personal Data it may process on behalf of a Client. An individual seeking access or requesting corrections, amendments, deletion of inaccurate data, or withdrawal of consent for further contact should direct their query to the Client or User with whom they interact directly. If the Client requests MSG91 to remove the data, we will respond to the request within thirty (30) days. We will delete, amend, or block access to any Personal Data we store only if we receive a written request from the Client responsible for such Personal Data, unless we have a legal right to retain the data. We reserve the right to keep a copy of such data for archiving purposes or to defend our rights in litigation. Any request concerning Client Data should be sent to [email protected] with the email subject "Data Subject Request" and should include sufficient information for MSG91 to identify the Client or its customer or third party and the information to delete or amend.

How do we protect your information?

An external PCI-compliant payment gateway (Stripe, Inc, Razorpay, and PayPal) handles all credit card transactions, and we conduct regular vulnerability checks to prevent security issues.

Your personal information is securely stored behind protected networks and is only accessible by a limited number of individuals with special access rights, who are required to maintain the confidentiality of this information. Additionally, all sensitive information you provide is encrypted using industry-standard protocols and is transmitted via TLS/SSL technology. We offer 2FA (2-factor authentication) for every account, providing an extra layer of security for your personal data. This ensures the confidentiality, integrity, and availability of our customers' personal data in case of data loss or security breaches.

In the event of a security breach, we have a policy to conduct an immediate investigation of the incident and report it to the competent data protection authority within 72 hours or less. We also notify all affected data subjects of a high-risk data breach incident.

Third-party Services

The Service may contain features or links to websites and services provided by third parties. Any information you provide on third-party sites or services is supplied directly to the operators of those services and is subject to the policies, if any, governing privacy and security set by those operators, even if accessed through the Service. We are not accountable for the content, privacy, and security practices and policies of third-party sites or services to which links or access are provided through the Service. We recommend that you familiarize yourself with the privacy and security policies of third parties before sharing your information with them.

Google

Google's advertising requirements can be summed up by Google's Advertising Principles. They are put in place to provide a positive experience for users.https://support.google.com/adwordspolicy/answer/6008942?hl=en

We have not enabled Google AdSense on our site and we don't plan to do so in future.

If you use Chrome Extensions or Google add-ons developed by MSG91, we may collect data such as your name, email address, through connecting to your Google Account (with your consent). This information won't be displayed to the public nor is it ever shared without your explicit consent. As of today, we don't use login or signup based on your Google Account.

MSG91's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Data Transfer

We may transfer, process, and store Personal Data collected through the Services in centralized databases and with service providers located in the US. The US may not have the same data protection framework as the country from which you may be using the Services. When we transfer Personal Data to the US, we will safeguard it as described in this Privacy Policy and the Terms of Service.

The Service is hosted in the United States or Germany. Regardless of the database being hosted within the European Union, if you choose to use the Service from the EU or other regions of the world with laws governing data collection and use that may differ from US law, please note that you may be transferring your Client Data and Personal Data outside of those regions to the United States for storage and processing by our service providers listed in our Terms of Service. We will adhere to GDPR requirements to ensure adequate protection for the transfer of personal information from Europe to the US. Additionally, we may transfer your data to the US, the EEA, or other countries or regions deemed by the European Commission to provide adequate protection of personal data in connection with data storage and processing to fulfill your requests and operate the Service.

Data Controller and Data Processor

MSG91 does not own, control, or directly oversee the utilization of any of the Client Data stored or processed by a Client or User through the Service. Only the Client or Users have the authority to access, retrieve, and govern the use of such Client Data. MSG91 has limited awareness of the specific Client Data being stored or made accessible by a Client or User through the Service. MSG91 does not directly access this Client Data except when authorized by the Client or when necessary to provide Services to the Client and its Users.

As MSG91 neither collects nor determines the usage of any Personal Data within the Client Data, and because it doesn't establish the purposes, methods of collection, or the uses of this Personal Data, MSG91 is not operating as a data controller under the European Union's General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR"). Thus, it does not carry the associated responsibilities stipulated by the GDPR. MSG91 should be regarded solely as a data processor on behalf of its Clients and Users concerning any Client Data containing Personal Data that falls under the GDPR's requirements. Except as outlined in this Privacy Policy, MSG91 does not independently facilitate the transfer or provision of Client Data containing Personal Data to third parties. This is only done through third-party subcontractors who may process such data on behalf of MSG91 while delivering Services to Clients. Such actions are executed or authorized solely by the respective Client or User.

The Client or the User, as per the Regulation, serves as the data controller for any Client Data containing Personal Data. This means that such a party governs the method by which Personal Data is collected and utilized, as well as determining the purposes and means of processing such Personal Data.

MSG91 is not accountable for the content of the Personal Data within the Client Data or other information stored on its servers (or subcontractors' servers) based on the Client's or User's discretion. MSG91 is also not responsible for how the Client or User manages, discloses, distributes, or otherwise processes such information.

Data Retention

We only retain the Personal Data collected from a User for as long as the User’s account is active or otherwise for a limited period of time as long as we need it to fulfill the purposes for which we have initially collected it, unless otherwise required by law. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements as follows:

  1. the contents of closed accounts are deleted within 6 months of the date of closure.
  2. backups are kept for 2 months.
  3. information on legal transactions between Client and MSG91 is retained for a period of 5 years.
Third-party cookies

We permit third parties, with whom we have a separate agreement, to use cookies and other technologies for collecting information about your use of the Site. These third parties consist of two categories: (1) business partners who gather information when you view or engage with one of their advertisements on the Site, and (2) advertising networks that collect information about your interests when you view or engage with one of their advertisements.

The data collected by these third parties is employed to make predictions about your interests or preferences. This enables them to display advertisements or promotional material on this Site and on other websites across the Internet, customized to your apparent interests. Business partners and advertising networks that serve interest-based ads on the Services have limited access to a small amount of information regarding your profile and your device. This information is necessary to provide you with advertisements tailored to your apparent interests. They may potentially reuse this limited information on other websites or services.

We do not share any information that could readily identify you, such as your email address, with these third parties. However, these third parties may have access to information related to your device, like your IP or MAC address. We do not possess access to or control over the technologies these third parties use to gather information about your interests. The information practices of these third parties are not covered by this Privacy Policy. Apart from what is discussed in this document, we have no authority over these third parties.

The Following Types of Cookies Are Used in the Site:
  1. Strictly necessary/essential cookies: These cookies are indispensable for enabling you to navigate the website and utilize its features, such as accessing secure areas of the site. Without these cookies, the services you've requested cannot be provided. These cookies do not collect information that can identify a visitor.
  2. Functionality cookies: These cookies enable the website to remember choices you make, like your username, language, or your current region, providing enhanced and more personalized features. For example, a website may offer local weather reports or traffic updates by storing your current region in a cookie. These cookies can also remember alterations you've made to text size, fonts, and other aspects of web pages that you can customize. They may also be used to provide services you've requested, such as watching a video or commenting on a blog. The information collected by these cookies may be anonymized, and they cannot track your browsing activity on other websites.
  3. Behaviorally targeted advertising cookies: These cookies are employed to deliver advertisements that are more relevant to your interests. They are also used to limit the frequency of advertisement displays and measure the effectiveness of advertising campaigns. Typically, these cookies are placed by advertising networks with the website operator's permission. They remember that you've visited a website, and this information is shared with other organizations, such as advertisers. Often, targeting or advertising cookies are associated with site functionality provided by other organizations.
Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and INDIA, and the concepts they encompass have played a significant role in shaping data protection laws worldwide. Understanding the Fair Information Practice Principles and how to implement them is crucial for compliance with the various privacy laws that safeguard personal information.

To align with the Fair Information Practices, we will take the following responsive actions in the event of a data breach: We will notify you via email or through an in-site notification within 7 business days. We also commit to the Individual Redress Principle, which grants individuals the right to legally pursue enforceable rights against data collectors and processors who fail to comply with the law. This principle not only ensures that individuals have enforceable rights against data users but also provides them with recourse to pursue legal action through courts or government agencies to investigate and prosecute non-compliance by data processors.

Modifications

We may update this Privacy Policy periodically without prior notice. However, it's important to note that we will not introduce changes leading to significant additional uses or disclosures of your personal information without notifying you via email. In addition, we may implement non-significant changes to this Privacy Policy that generally won't have a significant impact on how we use your personal information, and such changes won't require an email notification.

We recommend checking this page regularly for any updates. If you find any non-significant changes to this Privacy Policy unacceptable, please reach out to us immediately. Until the matter is resolved, please refrain from using the MSG91 website and any services we provide. Your continued use of our services and the MSG91 website after non-significant changes to this Privacy Policy are posted indicates your acceptance of those changes.

Contact Information

If you have any questions or comments about this Privacy Policy or feel that we are not abiding by the terms of this Privacy Policy, please contact our Privacy Agent in any of the following ways:

  1. By emailing us at [email protected]
  2. By postal mail:
    Walkover Web Solutions Pvt Ltd
    405-406, CAPTAIN C.S.NAYUDU ARCADE,
    OLD PALASIA ROAD, INDORE, Madhya Pradesh
    Last Updated: This Privacy Policy was last updated on 2nd November 2021.