Privacy Policy

Effective date: 02-01-2025

Contents

Scope & Purpose
Data We Collect
How We Use Your Data
Legal Basis & Lawful Processing
Cookies & Tracking
Your Rights
Data Retention
Third Parties & Processors
Breach Notification
Changes to this Policy
Contact

1. Scope & Purpose

This Privacy Policy explains how NIST Global (“we”, “us”, “our”) collects, uses, stores and discloses personal data when you visit our website nistglobal.com, use our services, or otherwise interact with us. It also outlines your rights and how we protect your personal data through appropriate organizational and technical measures.

2. Data We Collect

We collect personal data necessary to provide services, comply with legal obligations, and operate our website safely and effectively. This may include:

Identity & contact data: name, email address, job title, postal address, phone number.
Account & transaction data: registration data, purchase history, invoices.
Technical & usage data: IP address, browser type, device identifiers, cookies, pages visited, referring URLs, timestamps, and analytics data.
Communications: correspondence with support, enquiry forms, and call records (where lawful and with notice).
Sensitive categories: we do not routinely collect sensitive data. If we do, we will state the lawful basis and obtain explicit consent where required.

3. How We Use Your Data

To provide and maintain our services and website functionality.
To respond to inquiries, deliver notifications and customer care.
To process orders, invoices and payments where applicable.
To improve our site, perform analytics, and tailor content.
To meet legal and regulatory obligations, including recordkeeping.
To detect, prevent and respond to security incidents and misuse.

4. Legal Basis & Lawful Processing

Where applicable (e.g., under the GDPR), we rely on the following legal bases:

Consent — for specific purposes like marketing emails.
Contract — to perform a contract you have entered into with us.
Legal obligation — when required to comply with applicable laws.
Legitimate interests — for business interests such as fraud prevention or website improvement (balanced against your rights).

For users in India, processing of digital personal data complies with the Digital Personal Data Protection Act, 2023 and related rules where applicable.

5. Cookies & Tracking

We use cookies and similar technologies to operate our website, analyze traffic, and serve relevant content. You can manage cookie preferences through your browser or via our cookie banner where shown. Essential cookies required for site operation will be set by default; non-essential cookies (analytics, marketing) will require consent where required by law.

Type	Purpose	Retention
Essential	Site functionality and security	Session or persistent
Analytics	Usage measurement to improve site	13–24 months
Marketing	Personalized content & advertising	Varies by provider

6. Your Rights

Depending on your location and applicable law, you may have some or all of the following rights regarding your personal data:

Right to access and obtain a copy of your data.
Right to correct inaccurate or incomplete data.
Right to request deletion of your data where applicable.
Right to restrict or object to processing.
Right to data portability in a commonly used format.
Right to withdraw consent where processing is based on consent.
Right to lodge a complaint with a data protection authority.

To exercise your rights, contact us at info@nistglobal.com. We will respond within the required legal timeframe.

7. Data Retention

We retain personal data only as long as necessary to provide services, comply with legal obligations, resolve disputes, or enforce agreements. Retention periods vary by data type, for example:

Transactional records and invoices: up to 7 years (per tax law).
Support tickets and correspondence: 2–5 years.
Marketing consent records: until consent is withdrawn plus any legally required period.

When data is no longer required, it is securely deleted or anonymized.

8. Third Parties & Processors

We may share data with trusted third-party service providers (e.g., hosting, analytics, or payment processors) who act on our behalf and under contractual obligations to process data only per our instructions. We do not sell personal data to third parties.

9. Data Breach Notification

In the event of a personal data breach, we will investigate promptly and, if required by law, notify affected individuals and relevant authorities within the applicable timeframe.

10. Changes to This Policy

We may update this Privacy Policy to reflect legal or operational changes. The “Effective date” above indicates when this version became active. If we make significant updates, we will notify users as required by law.

11. Contact

For any privacy-related questions, requests, or concerns, contact:

Privacy Officer — NIST Global
Email: info@nistglobal.com
Address: 574, Anna Salai, opposite to Anna Arivalayam, T.V.K Colony, Teynampet, Chennai, Tamil Nadu 600018
Phone: 96771 11486