Cookie Policy

1. Introduction

SIS Group Enterprises (hereinafter ‘SIS’, ‘we’, ‘us’, or ‘our’) is committed to protecting the privacy and personal data of all individuals who visit our website at www.sisindia.com (the ‘Website’). This Cookie Policy explains what cookies are, how we use them, your choices regarding their use, and how this Policy aligns with the Digital Personal Data Protection Act, 2023 (DPDP Act) and applicable Indian law.

By using our Website, you acknowledge that you have read and understood this Cookie Policy. Where cookies process your personal data, your explicit consent will be sought through our cookie consent banner before any non-essential cookies are placed on your device.

2. What Are Cookies?

Cookies are small text files placed on your computer, smartphone, or other device when you visit a website. They are widely used to make websites work efficiently, to remember your preferences, and to provide information to website operators.

Cookies may be classified as:

• Session cookies — temporary files deleted automatically when you close your browser
• Persistent cookies — files that remain on your device for a defined period or until you delete them
• First-party cookies — set directly by sisindia.com
• Third-party cookies — set by external service providers we use (such as analytics or advertising platforms)

3. Cookies We Use

We categorise the cookies deployed on our Website as follows. Each category is described with its purpose, retention period, and whether your consent is required before it is activated.

4. Legal Basis for Cookie Processing

We rely on the following legal bases under the Digital Personal Data Protection Act, 2023:

• Strictly Necessary cookies: deployed on the basis of our legitimate operational need to provide the Website to you. These do not require your consent and cannot be disabled.
• All other cookie categories: deployed only upon your free, specific, informed, unconditional, and unambiguous consent, expressed through an affirmative action on our cookie consent banner — in compliance with Section 6, DPDP Act 2023.
• No conditional access: you will not be denied access to the public areas of our Website solely because you decline non-essential cookies.

5. Your Rights and Choices

5.1 Cookie Consent Banner

When you first visit our Website, a cookie consent banner will be displayed. You may choose from the following options:

• Accept All Cookies — consent to all cookie categories (Preference, Analytics, and Marketing)
• Reject Non-Essential Cookies — allow only Strictly Necessary cookies; your visit is not affected
• Customise Preferences — individually enable or disable each non-essential category

5.2 Modifying Your Preferences

You may update your cookie preferences at any time by clicking the ‘Cookie Settings’ link in the footer of our Website. Changes take effect immediately across our systems.

5.3 Withdrawing Consent

You have the right to withdraw your consent at any time. Upon withdrawal, we will immediately cease the collection and processing of personal data through the relevant cookies — no grace period applies. Withdrawal does not affect the lawfulness of processing based on consent prior to the withdrawal.

5.4 Browser-Level Controls

Most browsers allow you to refuse or delete cookies through their settings. Instructions vary by browser — please refer to your browser’s help documentation. Please note that disabling all cookies may impair the functionality of our Website.

5.5 Data Principal Rights Under the DPDP Act

As a data principal, you have the following rights in respect of personal data processed through cookies on our Website:

• Right to information — know what personal data we hold and why we process it
• Right to correction — request correction of inaccurate or incomplete data
• Right to erasure — request deletion of your personal data when it is no longer required
• Right to withdraw consent — withdraw cookie consent at any time with immediate effect (Section 6(4), DPDP Act)
• Right to grievance redressal — raise a complaint with our Data Protection Officer or escalate to the Data Protection Board of India
• Right to nominate — nominate a person to exercise these rights on your behalf

6. Third-Party Cookies and Service Providers

We use certain third-party services on our Website that may set their own cookies. We do not control these third-party cookies. We encourage you to review the privacy and cookie policies of each third party:

• Google Analytics (Alphabet Inc.) — Analytics cookies tracking site usage
  https://policies.google.com/privacy
• LinkedIn (Microsoft Corporation) — Marketing and retargeting cookies
  https://www.linkedin.com/legal/cookie-policy
• Meta (Facebook, Inc.) — Advertising and campaign measurement cookies
  https://www.facebook.com/policies/cookies/

SIS will update this list as our third-party service relationships change. Where third-party service providers process personal data on our behalf, appropriate data processing agreements are in place.

7. Data Retention

We retain cookie-derived personal data only for as long as necessary for the purpose for which it was collected, consistent with the data minimisation and retention principles of the DPDP Act. Specific retention periods are set out in the cookie table in Section 3.

• Consent records (timestamps, notice version, categories consented to) are retained for as long as necessary to demonstrate compliance with the DPDP Act and respond to any inquiry from the Data Protection Board.
• Cookie preferences automatically expire at the end of the periods specified in Section 3, at which point you will be invited to renew your consent.
• Personal data is not retained beyond the expiry of the associated cookie or consent, whichever is earlier, except where retention is required by applicable law (e.g., tax, financial, or regulatory obligations).

8. Children’s Privacy

Our Website is not directed at children under the age of 18 years. We do not knowingly deploy marketing or behavioural tracking cookies in respect of minors, and we do not permit behavioural monitoring of children.

If verifiable parental or guardian consent has not been obtained, and we become aware that personal data of a minor has been processed through our Website, we will take immediate steps to delete that data. If you believe we have inadvertently processed data relating to a minor without appropriate consent, please contact us immediately using the details in Section 11.

9. Cross-Border Data Transfers

Certain third-party analytics and marketing cookies may result in the transfer of personal data to servers located outside India (including servers in the United States and the European Union). Any such transfers will be subject to the applicable provisions of the DPDP Act 2023 and the safeguards specified under the Digital Personal Data Protection Rules, 2025 (once notified).

We will update this section once the cross-border transfer framework under the DPDP Act is fully notified by the Central Government.

10. Updates to This Policy

We may update this Cookie Policy from time to time to reflect changes in applicable law, technology, or our data practices. The ‘Last Updated’ date at the top of this Policy will be revised accordingly.

• Material changes will be communicated through a prominent notice on our Website prior to the change taking effect.
• Where a change affects the purposes for which we use your personal data through cookies, we will seek fresh consent before placing the relevant cookies on your device.

We encourage you to review this Policy periodically to remain informed of how we use cookies.

11. Contact Us and Grievance Redressal

For any questions or concerns about this Cookie Policy, or to exercise your rights as a data principal under the DPDP Act, please contact us using the details below. We will respond within the timelines prescribed under the DPDP Act.