Introduction

This Privacy Policy is formulated in accordance with the Digital Personal Data Protection Act, 2023 (DPDPA), rules made thereunder and Information Technology Act, 2000 (“IT Act”) read along with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“IT Rules”), including any amended provisions pertaining to digital data and electronic documents and records in various statutes as amended thereunder. The Privacy Policy is to be read together with the Terms and Conditions and all other policies listed and notified on the Website.

This notice outlines our practices in relation to the collection, storage, usage, processing, and disclosure of personal data in the context of you accessing our website and sets out your privacy rights. If you have any questions or concerns about this Privacy Policy or your personal data, please contact us at dpo@leapgreenenergy.com.

Definitions

  • “Automated” means any digital process capable of operating automatically in response to instructions given or otherwise for the purpose of processing data.
  • “Board” means the Data Protection Board of India established by the Central Government under Section 18 of the Digital Personal Data Protection Act.
  • “Child” means an individual who has not completed the age of eighteen years.
  • “Data Fiduciary” means any person who alone or in conjunction with other persons determines the purpose and means of processing of personal data.
  • “Data Principal” means the individual to whom the personal data relates and where such individual is:
    • a child, includes the parents or lawful guardian of such a child; and
    • a person with disability, includes her lawful guardian, acting on their behalf.
    For this Notice, Data Principal will be “You”.
  • “Data Processor” means any person who processes personal data on behalf of a Data Fiduciary.
  • “Personal Data” means any data about the Data Principal who is identifiable by or in relation to such data.
  • “Personal Data Breach” means any unauthorized processing of personal data or accidental disclosure, acquisition, sharing, use, alteration, destruction or loss of access to personal data, that compromises the confidentiality, integrity or availability of personal data.
  • “Processing” means a wholly or partly automated operation or set of operations performed on digital personal data, and includes operations such as collection, recording, organization, structuring, storage, adaptation, retrieval, use, alignment or combination, indexing, sharing, and disclosure by transmission.

Personal Data Collected

We collect your data for various purposes set out in this Privacy Notice. This data includes, without limitation, the following categories:

  • Personal identifiers such as full name and contact information like phone number, email, address, and postal address.
  • Product and service information such as registration ID, username, password, and any such information shared for our services when you request products and/or services directly from us or participate in marketing programs.
  • Your resume and other details disclosed during the hiring process.

How the Data is Collected

We may, at times, collect your personal data in one of the following ways:

  • When you voluntarily share or provide your explicit consent.
  • Automatically via technologies such as cookies.
  • Via communication channels such as e-mail, phone number, kiosks, subscription channels, etc.
  • Information you previously shared with Leap Green or other entities of the Company for which you have given explicit consent for intra-group transfers and have not subsequently withdrawn.
  • Information about usage of the Website, including crash logs and usage statistics.
  • When you share your data with our authorized third-party agents, sales executives, customer service executives, or any Leap Green employees.
  • When you participate in a survey, offline event, campaign, or promotional activity.
  • Personal data collected by our third parties working on our behalf, including agencies.
  • Social media account details (based on the permissions given by you) when you use them to create login credentials or connect to any account offered by us.

Processing Personal Data of a Child or Person with Disability

  • This Website is not intended for children under the age of 18 years. You should not interact with, register on the Website, or submit your personal information in the absence of parental consent.
  • If you are below the age of 18 years, we recommend that you browse our Website under parental supervision.
  • At any point in our business, we do not directly or knowingly collect personal data from children. If we identify that we have unintentionally collected personal data from a child below the age of 18, we will promptly remove that child’s personal data from our records.
  • We may collect personal data about children under the age of 18 years or persons with disabilities from the parent or legal guardian directly after obtaining their verifiable consent.
  • If you believe we might have any information from or about a child or person with disability in the absence of parental or lawful guardian consent, please contact us at dpo@leapgreenenergy.com.

Purpose of Collection

We collect and process data for the following purposes:

Based on your consent:

  • For order management, including placing the order, shipment, delivery, return or exchange, tracking orders, or any other relevant activity.
  • For profile management, including creating a profile, updating the profile, editing details, deleting the profile, and other relevant activities.
  • To resolve your query, concern, or enquiry when you write to our email address or interact through a chatbot.
  • To enhance our services based on the feedback, opinion, or suggestions shared by you.
  • For customer service purposes.
  • To communicate information to you and to manage your subscription to our newsletter or other promotional communications.
  • To reach out to you about offers from our brands or events and offers relating to our products and brands.
  • To improve our future offerings, including products and services.
  • To enhance your experience on our Website.

Based on legitimate interests:

  • For processing your candidature for relevant job openings.
  • For providing services post-employment.
  • For troubleshooting purposes.
  • To prevent the Website and applications from cyber-attacks.

For compliance with legal obligations:

  • Compliance with applicable labour and other relevant laws.
  • Protecting against and preventing fraud, illegal activity, harm, financial loss, and other legal or information security risks.
  • Defending any claim in a potential or actual investigation or litigation.

Transfer of Data (Across Borders, Intra-Group, Third Parties)

We transfer personal data between our group companies, including our parent company and cloud servers managed by our authorized vendors for the purposes described above based on your consent or to complete any transaction or provide any product or service you have requested or authorized.

We may appoint and engage other companies and individuals to perform functions on our behalf. These functions include fulfilling orders for products or services, delivering packages, sending e-mails, removing repetitive information from customer lists, providing marketing assistance, processing payments, medical support to Leap Green employees, and providing customer service.

We may also share the data when we believe that disclosure is reasonably necessary:

  • To comply with a law, regulation, or compulsory legal request.
  • To protect the intellectual property, intellectual property rights, and employment rights of Leap Green.
  • To defend, protect, and prevent fraud, illegal activity, harm, or financial loss to Leap Green.
  • When we believe disclosure is necessary to protect individuals’ vital interests.
  • In connection with an investigation of suspected or actual fraudulent or illegal activity, including exchanging information with other companies and organizations for fraud protection, risk management, and dispute resolution.

We may also share your data with other third parties where:

  • You request or authorize us to do so.
  • We need to comply with applicable law or respond to valid legal process.
  • We need to operate and maintain the security of our Website, application, and platform, including to prevent or stop an attack on our computer systems or networks.
  • The sharing of your data is in line with the processes set out in this Privacy Policy.

Where we transfer personal data outside of the country, we transfer personal data based on adequacy to other countries (as determined by law), consent with appropriate safeguards in place, and when it is required by law or regulation for the purposes defined in this notice.

Security of Personal Data

We have implemented adequate and applicable technical and organizational measures to keep your personal data secure and confidential, including but not limited to:

  • Secure data servers to store personal data.
  • Restriction of access to your personal data to Leap Green employees, contractors, processors, third parties, or any other authorized party strictly on a need-to-know basis.
  • Implementation of physical, electronic, administrative, technical, and procedural safeguards that comply with all applicable laws and regulations to protect your personal data from unauthorized or inappropriate access, alteration, disclosure, and destruction.
  • Leap Green employees, contractors, and authorized processors who misuse personal data are subject to strict disciplinary action, as such misuse is a violation of Leap Green policy.
  • Measures to deal with any suspected data breach. If you suspect any misuse, loss, or unauthorized access to your data, please let us know immediately by contacting us through e-mail at dpo@leapgreenenergy.com.
  • It is important for you to protect against unauthorized access to your device, application, password(s), and/or PIN while accessing shared systems. Be sure to sign off when you are done using a shared system. It is your responsibility not to share your PIN/password with anyone and to alert us if you believe that the security of your personal data is compromised.

Retention and Storage of Data

We will retain your personal data pursuant to business purposes and in line with our retention policies. We will keep your personal data only for as long as is reasonably necessary, taking into consideration the purposes outlined above, to comply with legal requirements, resolve disputes, enforce our agreements, and as long as processing and retaining your data is necessary for our legitimate interests. Because these needs can vary for different data types and purposes, actual retention periods can vary significantly.

Even if we delete your data, including on account of the exercise of your right to deletion of personal data, it may persist on backup or archival media for audit, legal, tax, or regulatory purposes.

For more information on where and how long your personal data is stored, and for more information on your rights of erasure, please contact our team using the details available in the contact section below.

Rights of Data Principals

You have various rights in relation to the personal data that we hold about you. To get in touch with us about any of your rights under the DPDPA, please use the contact details set out in the section below.

You may be entitled to the following rights in relation to your personal data:

  • Right to access information about personal data.
  • Right to correction of personal data.
  • Right to erasure of personal data.
  • Right of grievance redressal regarding the performance of obligations by Leap Green.
  • Right to nominate in the event of death or incapacity.

Please note that we may keep a record of your communications to help us resolve any issues raised by you. Where we are legally permitted to do so, we may refuse your request.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal information changes during the period for which we hold it.

Links to Third-Party Websites

Leap Green may redirect you to or share personal data with third parties. Please note that if you follow a link to any of these websites, such websites may apply different terms to the collection and privacy of your personal data, and we do not accept any responsibility or liability for these policies. When you leave our Website, we encourage you to read the privacy policy of every website you visit.

How to Contact Leap Green and the DPO

To exercise your rights related to your personal information or to otherwise reach us, please submit a request by e-mailing us at dpo@leapgreenenergy.com. You may contact us for information on service providers, partners, and group entities with whom we may share your data in compliance with this Privacy Policy and applicable law.

Consent Withdrawal Mechanism

When processing your personal data based on your consent, you have the right to withdraw your consent at any time by writing an e-mail to us at dpo@leapgreenenergy.com. The consequences of such withdrawal shall be borne by you, and such withdrawal shall not affect the legality of processing of personal data based on consent before its withdrawal.

As soon as consent is withdrawn, Leap Green and its processors will cease all processing of your personal data but may retain the data as per our retention and deletion guidelines.

Changes to this Policy

We may change this policy from time to time. If we make any changes to this policy, we will change the “Last Update Date” below. You agree that your continued use of our services after such changes have been published to our services will constitute your acceptance of such revised policy.

We will notify you and seek additional consent before using your personal data for a new purpose that is inconsistent with the original purpose for which we collected it.

Last Update Date

22/04/2026

For Enquiries

Please contact: +91 422 2209500