Privacy Policy
How Zlicc handles personal information when you brief us, attend an event we power, or browse this website. Written to comply with the India DPDP Act 2023 and the EU GDPR — and to be readable by humans.
Who we are
Zlicc Global Private Limited ("Zlicc", "we", "us") is a Delhi NCR-headquartered platform that builds digital and AI-powered infrastructure for events, exhibitions, brand activations, and corporate engagements. We operate across India, with headquarters in Delhi NCR and supporting offices in Mumbai and Hyderabad.
This Privacy Policy explains how we handle personal information when you visit www.zlicc.com, brief us on a project, or attend an event powered by our platform. It covers your rights under the India Digital Personal Data Protection Act, 2023 (DPDP Act) and the EU General Data Protection Regulation (GDPR), where applicable.
If you have questions, write to contact@zlicc.com.
What we collect
We collect personal information in three contexts: when you contact us about working together, when you attend an event we operate, and when you browse our website.
When you contact us
- Identity — name, designation, organisation
- Contact — email address
- Brief details — event type, scale, sector, timeline, budget range, anything else you tell us
When you attend a Zlicc-powered event
- Registration data — provided by you to the event organiser, who acts as the data controller for that event
- Engagement signals — poll responses, Q&A entries, badge scans, session attendance, where applicable to the event configuration
- Optional content — selfie images, audio recordings, video footage, only where you actively participate in such moments
For event data, the brand or organiser running the event is the data controller. Zlicc is the data processor and handles your information per their instructions and per applicable law.
When you browse the website
- Usage data — pages visited, time spent, referring source
- Device data — browser type, operating system, approximate location (city-level)
- Cookies — see our Cookie Policy
How we use it
We use personal information for clearly-defined purposes. We do not sell personal information to third parties under any circumstances.
- To respond to your enquiry — preparing a proposal, scheduling a call, sending follow-ups
- To deliver event experiences — running registration, badge access, audience engagement, broadcast, post-event reporting per the event organiser's brief
- To improve our work — analysing aggregate engagement signals to refine our platform and services
- To meet legal obligations — including statutory record retention for regulated events such as listed-company AGMs
We process personal information based on one of the following lawful bases: your consent, the performance of a contract with you, our legitimate business interests, or a legal obligation.
How long we keep it
We retain personal information only for as long as we need it for the purpose it was collected, or as required by law.
- Enquiry data — 24 months from last contact, then deletion or anonymisation
- Event data — per the event organiser's retention policy and our data-processing agreement with them; for regulated events (AGMs, congresses), per statutory retention schedules
- Recordings & transcripts — per the event organiser's instructions; default is one year for non-regulated events
- Aggregate engagement data — anonymised after 24 months
Your rights
Under the DPDP Act, GDPR, and other applicable laws, you have rights over the personal information we hold about you.
- Access — request a copy of the personal information we hold
- Correction — ask us to correct inaccurate or incomplete information
- Erasure — ask us to delete your personal information, subject to retention obligations
- Portability — receive your data in a machine-readable format
- Withdrawal of consent — withdraw consent for any processing based on consent
- Objection — object to processing based on legitimate interests
- Grievance redressal — under the DPDP Act, contact our Grievance Officer (details below)
To exercise any of these rights, write to contact@zlicc.com. We will respond within 30 days.
How we protect it
We use industry-standard security measures appropriate to the sensitivity of the data we hold.
- Encryption — data in transit (TLS 1.2+) and at rest (AES-256) where applicable
- Access control — role-based access, multi-factor authentication for staff
- Operational standards — ISO 27001 aligned operations, SOC 2 Type II controls in progress
- Incident response — defined breach-response procedures, statutory notifications where required
No system is perfectly secure. We will notify you and the relevant data-protection authority of a breach affecting your personal information without undue delay, where required by law.
Children
Our services are designed for business and event-industry use. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us with personal information, write to contact@zlicc.com and we will delete it promptly.
Changes to this policy
We may update this policy from time to time. The "last updated" date at the top of this page reflects the latest revision. For material changes, we will notify you through the website or by email where appropriate.
How to reach us
Grievance Officer (DPDP Act)
Anubhav Bajpai
Zlicc Global Private Limited
Delhi NCR, India
Email: contact@zlicc.com
Or use the brief form on the website.
If you are not satisfied with our response, you may approach the Data Protection Board of India under the DPDP Act, or your local data-protection authority under GDPR.
Questions about this policy?
We try to write our legal pages in plain language. If anything here is unclear, or you want to exercise your rights, write to us directly — a real person will respond within five working days.
contact@zlicc.com