At Meritus Intelytics Private Limited (“Merilytics”), we are
committed to the privacy of our users, and we deeply care about the personal
information that you share with us. We handle and process your data in a secure
manner as per the guidelines mentioned below.

This Privacy Policy is applicable to all Data Subjects (defined below)
(“You” and/or “Your”) who may receive
Information, have access to Information collected or processed, or who provide
Information to Merilytics, regardless of geographic location. All partner
entities and any third-party working with or for Merilytics, and who have or may
have access to Information, will be expected to have read, understood and be in
compliance with this Privacy Policy. No third party may access personal
information held by Merilytics without having first entered into a
confidentiality agreement and bound by the same obligations as Merilytics under
this Privacy Policy.

Please read the Privacy Policy carefully. By using or availing our Services, You
agree to the practices and policies set forth in this Privacy Policy, and You
hereby acknowledge and expressly consent to our collection, use, processing,
storing, disclosure and/ or transfer of Your Information as described
hereinunder. By continuing to use our Services, You confirm that You are 18
years of age or older.

In this Privacy Policy, We set out the types of Information that We may collect,
the purpose of collection of the Information, how We collect, use, disclose,
transfer, and store Your Information, so that you can make an informed decision
in relation to the sharing of Your Information with Us. By visiting our website
or using our Services or by giving us Your Information, You accept the
collection and processing of Your Information as described in this Privacy
Policy.

The terms “we”, “us” and “our” shall mean the website, domain, or platform and
Merilytics, as the context so requires. This privacy policy
(“Policy”) will be applicable to Merilytics to the extent
applicable under applicable laws and the Information Technology (Reasonable
security practices and procedures and sensitive personal data or information)
Rules, 2011 (“SPDI Rules”).

Please note that this Policy does not apply to websites maintained or services
rendered by other companies or organizations with which we partner with and/or
link, and we are not responsible for any personal information you submit to
third parties via our services. Please ensure that you read the privacy policy
of such third parties before submitting your details.

1. DEFINITIONS
   
   1. Data Subject means the subject of PI and/or SPDI and
      includes Employees, contractors, vendors, suppliers, customers,
      researchers, lab assistants, and clinical trial patients.
   2. Employee means a current or former employee or full
      time or part time associate or consultant or intern of Merilytics and
      covers all stages of the employment cycle including recruitment and
      selection, promotion, evaluation and training.
   3. Information: PI and SPDI, collectively.
   4. Personal Information (“PI”) is information that relates
      to an identified or identifiable individual or device, including, but
      not limited to, name, address telephone number, email address, username
      and password, photograph, government-issued identifier, or any other
      data used or intended to be used to identify, contact or precisely
      locate an individual or device.
   5. Processing refers to any action performed on
      Information, such as collecting, recording, organizing, storing,
      transferring, modifying, using, disclosing, uploading or deleting.
   6. Sensitive Personal Data and/or Information (“SPDI”) is
      information relating to (i) financial information such as bank account
      or credit card or debit card or other payment instrument details; (ii)
      physical, physiological and mental health condition and medical records
      or history; (iii) sexual orientation; (iv) genetic or biometric
      information; (v) racial and ethical origin; (vi) political opinions,
      religious or philosophical beliefs; (vii) any other details relating to
      the above provided to Merilytics for rendering its services; and (viii)
      any information received pursuant to the above by Merilytics for
      processing, or storing such information under a lawful contract or
      otherwise;

      Provided that any information that is freely
      available or accessible in public domain or furnished under the Right to
      Information Act, 2005 or any other law for the time being in force will
      not be considered to be SPDI.

2. COLLECTION, USE & PROCESSING OF YOUR PERSONAL INFORMATION:</strong >
   

   Personal Information that we collect:

   For the purposes of this
   Policy, “Personal Information” (with reference to the SPDI Rules) is any
   data which relates to an individual who may be identified from that data,
   that you voluntarily submit it to us (including in relation to enquiring
   about career opportunities or applying for a job through our website), or
   from a combination of a set of data, and other information which is in
   possession of Merilytics.

   You always have the option to not
   provide Information however, by choosing the option of not providing
   information, you may not be able to continue to avail our services or enjoy
   the full extent of Website or seek employment with Merilytics, as the case
   maybe.

   Please note that we collect certain type information automatically when you
   visit our website. This information does not reveal your identity (like
   name, email address etc.) but may include usage and device information like
   IP addresses, browser characteristics, language preference, referring URLs,
   device location etc. We gather this information to maintain security and
   operations of the services rendered and for our internal analytics and
   reporting purposes. We collect this information through cookies and similar
   technologies which is general industry practice.

   Merilytics also gathers various types of Information from its Employees, as
   explained below. Merilytics will take reasonable steps to accurately record
   the information that you provide to us and any subsequent updates we collect
   the following types of information:

   • Information provided by You: We shall receive, store,
     and process the Information you knowingly and willingly provide to us
     which includes name, address, photograph, biometric data, phone number,
     date of birth, email address, pan card, Aadhar card, utility bill
     copies, passport, educational qualification, past employment records,
     health records, past travel records, bank and insurance details, proof
     of income-tax savings, proof of identity, proof of address, details of
     family members, CCTV recordings, audio recordings, and any other such
     details required to perform administrative and legal obligations in
     capacity of an employer or potential employer. You always have the
     option to not provide Information however, by choosing the option of not
     providing information, you may not be able to continue your employment
     with us or seek employment with us, as the case may be.
   • Information collected from other sources: Merilytics
     might receive Information about you from other sources such as when we
     conduct background verification checks on you from your past employers
     or any other third party. You acknowledge and agree that if you provide
     any Information that is untrue, inaccurate, not current or incomplete
     (or becomes untrue, inaccurate, not current or incomplete over a period
     of time), or we have reasonable grounds to suspect that such information
     is untrue, inaccurate, not current or incomplete, we have the right to
     terminate your employment or not offer you employment at our sole
     discretion
3. PURPOSE OF COLLECTING YOUR INFORMATION
   
   1. Personal Information will be used We will use your Information in relation to:
      
      • gathering information such as source of traffic to the website, time
        spent on each page, understanding which parts of the website are
        visited and how frequently;
      • determining what is most effective about our website, and to
        identify ways to improve it by providing better usability,
        troubleshooting and site maintenance;
      • responding to the enquiries made by you;
      • contacting you and responding to your questions or requests; or
      • providing access to desirable content based on your preferences.
   2. Legal basis for processing your Personal Information:

      We
      collect, store, use, share, transfer, analyse, process, or otherwise
      handle Personal Information for the purposes mentioned above, in
      accordance with applicable legal requirements: (a) for legitimate
      business; or (b) compliance purpose; or (c) if individuals have provided
      consent to the same or any relevant basis as defined by the applicable
      laws or regulations; or (d) when it is necessary for the performance of
      a contract to which you are the party.

      The Personal Information shall be retained by us for such periods in
      accordance with applicable law or for legitimate business purposes. When
      Merilytics no longer needs to keep Personal Information for the
      purposes, for which they are held, we will delete the same.

      It is your sole responsibility to ensure that the information being
      shared with us is accurate. Merilytics shall not be responsible for the
      authenticity or correctness of the Personal Information supplied by you.
      Upon becoming aware or being notified about such inaccuracy by you,
      Merilytics will either erase the Personal Information or require you to
      review and rectify the inaccuracy without delay.

   3. The Information collected from Employees is collected for the purposes of recording in/out time, implementing biometric access controls, payroll, bonus, employee benefit and welfare management, appraisals, trainings, promotional and marketing events, background verification, security and safety, insurance policies, travel and hotel bookings and taxation and other administrative and legal obligations/ processes in capacity of an employer.
4. CONSEQUENCES OF NOT PROVIDING PERSONAL INFORMATION:
   

   By using this website or by giving us your Personal Information, you have:
   (a) read and accepted the terms set out hereunder, and (b) provided your
   express informed consent to us collecting, storing, processing,
   transferring, and sharing your Personal Information as set out in this
   Policy.

   You have the option of not providing us with your Personal Information and
   may also withdraw your consent provided by writing to us at:
   info@www.merilytics.com

   Kindly note that if you are unable to share information with us, we will be
   constrained in the level of services provided by us to you as discussed
   above.

5. DISCLOSURE OR SHARING OF PERSONAL INFORMATION:
   

   Your Personal Information will not be sold to third parties
   under any circumstances. We may use and/or share or disclose your
   Information within Merilytics or with any of its subsidiaries, their
   business partners, investors, service vendors, authorized third-party
   agents, contractors, regulatory or governmental authorities (a) for and in
   relation to items as set out in Paragraph 3(ii) above; or (b) if third-party
   service providers engaged by us, require access to your Personal Information
   to perform their functions. We may disclose and/or transfer your information in connection
   with the sale or merger of Merilytics or any transaction that involves the
   sale or assignment of some or all of our assets or for the purposes of
   re-organization, amalgamation, restructuring of business.

   We may also disclose your information to law enforcement offices, government authorities or agencies, third party rights owners, or others in the good faith belief that such disclosure is reasonably necessary to enforce this Policy, respond to claims or protect the rights, property or personal safety of the general public, or as otherwise required by law or permitted by law.

   We may also disclose your information if required to do so by law or in good faith belief that such disclosure is reasonably necessary to respond to summons, court orders, or other legal process, government authorities, courts, dispute resolution bodies, our regulators, auditors, and any party appointed or requested by our regulators to carry out investigations or audits of our activities. In the foregoing circumstances, we shall not be under any obligation to intimate or notify you, or to obtain your consent, for such disclosure, sharing or transfer of your information.

   If Merilytics shares your Information to the third parties as mentioned above for purposes stated in this Policy, Merilytics will use its best endeavours to put in place appropriate controls and safeguards to ensure that your Information is adequately protected and processed only for specified and reasonable purposes in a manner that is fair, transparent and has a lawful basis, and is stored for no longer than is absolutely necessary.

   Further, Merilytics takes steps to ensure that third parties with whom Merilytics shares your information also adopt an adequate, reasonable level of security practices and procedures that are at least as protective as those described in this Policy and obligated by the Information Technology Act, 2000 and the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011, to ensure the privacy and security of your Information.

6. YOUR RIGHTS WITH RESPECT TO INFORMATION
   

   You also have an option to access your Personal Information in order to
   view, add, alter, update and/or modify Information provided to Merilytics
   and may reach out to our Grievance Redressal Officer, the details of which
   are mentioned below.

7. SECURITY MEASURES:
   

   We have appropriate technical, organizational, and security measures in
   place to prevent your Personal Information from being accidentally lost,
   used, or accessed in an unauthorized way, altered, or disclosed. Further, we
   have robust procedures in place to deal with any suspected data security
   breach and will notify you and any applicable regulator of a suspected
   breach where we are legally required to do so.

8. HOW TO CONTACT US:
   

   If you have a privacy concern or complaint or a question regarding this
   Policy, please direct it to our Grievance Redressal Officer, Aiman Fatima, at
   merilytics_grievancecell@www.merilytics.com indicating your concern in detail.
   The Grievance Redressal Cell shall redress your grievances within one month
   from the date of receipt of the grievance.

   For the purposes of the Information processed under this Policy, the
   controller for the data retained and collected through our website(s) is
   Meritus Intelytics Private Limited, 2nd floor, Gutenberg IT Park, Kondapur,
   Hyderabad 500084, India.

9. CHANGES TO THIS PRIVACY POLICY:
   

   Merilytics may decide to update this Policy from time to time to ensure that
   the same stays relevant and adheres to extant applicable regulatory
   requirements and standards that Merilytics is certified on. The updated
   version of this Policy will be identified by the “Revised Date” and
   “Version” mentioned at the bottom of this document.

Revised Date: April 2023
Version: [1.0]