Effective Date: September 1, 2025
SandMartin Consultants Pvt. Ltd. (“SandMartin”, “we”, “us”, “our”) is committed to protecting the privacy and security
of personal information entrusted to us. This Privacy Policy explains how we collect, use, disclose, store, and protect personal data when you visit
https://www.sandmartin.com (the “Website”) or otherwise interact with our services.
We align our practices with applicable Indian law and industry standards, including the SOC 2 Trust Services Criteria issued by the AICPA.
This Policy applies to personal information collected by SandMartin through the Website and related online interfaces. It does not extend to external websites
or services that may be linked from our Website; their privacy practices are governed by their own policies.
We collect information that is necessary and proportionate to the purposes described in this Policy. This includes information you provide directly and certain
data collected automatically during your visit.
a) Information Provided by You. When you contact us, submit an inquiry, or subscribe to updates, we may collect your name, designation, organization, email address, telephone number, and any additional information you provide.
b) Information Collected Automatically. Our servers may record technical data such as IP address, browser type, device identifiers, operating system, referral URLs, and date/time of access. We may also collect aggregated usage information to improve Website performance and relevance.
c) Cookies and Similar Technologies. We use cookies and analytics tools to recognize returning visitors, personalize content, and understand traffic patterns. You may disable cookies in your browser; some features may not function optimally if you do so.
We do not intentionally collect sensitive personal data (e.g., financial, health, or biometric information) via the Website unless explicitly provided and required for a stated purpose.
We process personal information for lawful purposes including: responding to inquiries and providing requested information; operating, maintaining, and improving
the Website; ensuring the security and integrity of our systems; complying with legal obligations; and communicating about our services where permitted.
Depending on context, our legal bases may include consent, performance of a contract, legitimate interests, and compliance with legal requirements.
We retain personal information only for as long as necessary to fulfill the purposes set out in this Policy or as required by law. When data is no longer required,
it is securely deleted or irreversibly anonymized in accordance with our internal retention schedules.
We do not sell, rent, or trade personal information. We may disclose data to trusted service providers (such as hosting, analytics, communications, or CRM platforms)
that process data on our behalf subject to written agreements with confidentiality and SOC-2-aligned controls. We may also disclose information where required by law, in connection
with corporate transactions, or to protect our rights and the safety of users.
Personal information may be processed or stored on servers outside India. Where such transfers occur, we ensure that appropriate safeguards are in place so that your information
receives a level of protection substantially equivalent to that under applicable law.
We maintain a layered security framework consistent with the SOC 2 Trust Services Criteria, including encryption in transit and at rest, role-based access controls,
authentication protocols, regular vulnerability assessments, and monitoring. While we take reasonable measures to secure information, no system is completely secure.
In the event of a data incident, we will investigate promptly and notify affected individuals and, where applicable, regulators in accordance with legal requirements.
Subject to applicable law, you may request access to your personal data, seek correction or deletion, withdraw consent, object to specific processing, or request a portable copy of your data.
To exercise these rights, contact our Data Protection Officer using the details below. We may request information to verify your identity before fulfilling a request.
Our Website and services are not intended for individuals under the age of 18, and we do not knowingly collect personal information from minors. If we become aware
that such information has been collected, we will delete it without undue delay.
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. The latest version will be posted on this page and identified
by the “Effective Date” shown above. Your continued use of the Website after changes become effective constitutes acceptance of the revised Policy.
Data Protection Officer / Privacy Contact
Name: Sunil Kumar
Designation: Data Protection Officer
Email: datacompliance@sandmartin.com
Address: C-14, Sector 7, Noida -201301, Uttar Pradesh, India
