Crompton Greaves Consumer Electricals  
Limited (“Crompton”)  
Privacy Notice (External)  
Internal  
Privacy Notice  
Effective Date: 1st day of July 2025 Last  
Updated: 1st day of July 2025  
Public  
CGCEL LOGO  
CGCEL Privacy Notice (External)  
External  
Crompton Greaves Consumer Electricals Limited ("CGCEL," "we," "us," or "our") respects your privacy  
and is committed to protecting your personal data. This Privacy Notice explains how we collect, use,  
share, and protect your personal data when you use our website, mobile application, and other online  
services (collectively, the "Services"). This Privacy Notice is in compliance with the Digital Personal Data  
Protection Act, 2023 ("DPDPA") and other applicable data protection laws.  
1. Scope and Applicability  
This Privacy Notice applies to individuals who interact with our Services, including visitors, users, and  
customers ("you" or "your"), including those using CGCEL’s Internet of Things (IoT) enabled devices. It  
is intended for individuals residing in India and is aligned with applicable Indian data protection laws.  
This Privacy Notice does not apply to our employees, interns, or contractors, whose personal data is  
governed under a separate Employee Privacy Notice. It also does not apply to third-party websites,  
applications, or services that may be linked from our platform. We encourage you to review the privacy  
policies of such third parties to understand how they handle your information.  
If you use CGCEL’s IoT devices, this Privacy Notice also applies to any personal data collected through  
such devices, including but not limited to device identifiers, usage logs, location information, and  
environmental or sensor data.  
In situations where a specific privacy notice is not presented at the point of data collection, the most  
recent version of the Privacy Notice available on our official website shall apply and will govern the  
collection, use, and processing of your personal data. We encourage users to review the Privacy Notice  
on our website regularly to stay informed about how we protect and use your data.  
2. Which categories of personal data do we collect and how do we  
process such personal data?  
The Personal Data relating to you which we may collect, use, transfer, disclose or otherwise process,  
includes:  
#
Category of  
Personal Data  
Specific Data Fields  
Requirement  
Purpose of  
Processing  
Goods or Services  
Enabled  
1
Identity and  
Contact  
Information  
Name  
Phone number  
Email  
Postal address  
Date of birth  
Mandatory for  
service  
provision  
Account creation  
Communication  
Identity  
Access to CGCEL  
• •  
services, account  
management, and  
personalized support  
verification  
Public  
Document ID: Internal  
Page 2 of 8  
CGCEL LOGO  
CGCEL Privacy Notice (External)  
External  
2
Transaction  
and Payment  
Data  
Payment method  
details  
Transaction history  
(processed via  
secure thirdparty  
payment  
Mandatory for  
purchases  
Order processing Product purchase,  
Fraud prevention billing, and order  
• •  
Financial  
reporting  
fulfilment  
gateways)  
3
4
5
Device  
Technical  
Data  
and  
IP address  
Automatically  
collected  
Website  
functionality  
Security  
Analytics  
Ensuring secure  
platform usage and  
service optimization  
• •  
Browser type  
Device identifiers  
Log files  
Usage Data  
Interaction with our Optional, user-  
Service  
Enhanced user  
experience and  
tailored content  
website/app  
Preferences  
Feedback  
improvement  
Personalization  
Analytics  
provided  
Marketing  
Preferences  
Subscription status Optional, based  
Marketing opt-ins  
Sending  
promotional  
Providing offers,  
updates, and  
on consent  
content (only with promotional content  
explicit consent)  
6
7
Location  
Data  
applicable)  
Approximate  
location (based on  
IP or GPS, if  
Optional,  
usercontrolled  
Localization of  
services  
Fraud detection  
Regional service  
customization and  
fraud monitoring  
(if  
enabled)  
Cookies and  
Tracking  
Data  
Session cookies  
Persistent cookies  
Tracking pixels  
Analytics data  
Optional, based  
on preferences  
Site performance Personalized  
• •  
• •  
User experience  
enhancement  
Marketing  
browsing experience  
and marketing  
analytics  
optimization  
IoT Device specific  
#
Category of  
Specific Data Fields  
Requirement  
Purpose of Processing  
Goods or  
Personal Data  
Services  
Enabled  
1
Device  
Information  
Device ID  
Model  
Software version  
IP address  
Mandatory  
for device  
functionality  
Ensuring  
Device  
functionality  
Troubleshooting and  
updates  
management,  
software updates,  
and support  
2
Usage Data  
Interaction logs  
Feature usage  
Error reports  
Automatically  
collected  
Enhancing device  
performance and  
resolving  
Performance  
optimization and  
analytics  
technical issues  
Public  
Document ID: Internal  
Page 3 of 8  
CGCEL LOGO  
CGCEL Privacy Notice (External)  
External  
3
4
Location Data  
(if applicable)  
Approximate  
device location  
(with user  
Optional,  
usercontrolled  
Geolocationbased  
features and  
enhanced  
security  
measures  
Personalization and  
security  
enhancements  
permission)  
Children’s Data  
(if applicable)  
Name  
Age  
Linked device  
details  
Parental contact  
Mandatory  
for child users,  
with parental  
consent  
User registration and Child-friendly  
• •  
access to services  
features,  
parental controls,  
and compliant  
service access  
These lists include examples and are not exhaustive.  
3. Which legal basis do we use your personal data?  
Your Personal data is collected and processed by CGCEL based on the following legal grounds  
depending upon the nature of Personal Data and the purposes for which it is processed:  
Consent:  
By using our website, mobile application, or engaging with our services, you provide your free, specific,  
informed, and unambiguous consent for the collection, use, and processing of your Personal Data as  
outlined in this Privacy Notice.  
Where processing is based on consent, you have the right to withdraw consent at any time through  
the mechanisms provided in this Notice. However, withdrawal of consent shall not affect the  
lawfulness of processing carried out prior to such withdrawal. For certain data processing activities  
(such as processing of children’s data, where applicable), parents’ consent will be obtained separately  
at the point of data collection if any data of children be collected, in compliance with the Digital  
Personal Data Protection Act, 2023.  
If we process your Personal Data based on other lawful grounds, like that of legitimate interest, legal  
obligations, or statutory requirements, such processing shall continue as permitted under the  
applicable law.  
4. Disclosure of personal data  
CGCEL does not sell or rent your Personal Data. However, we may share your data with trusted third  
parties in the following circumstances:  
I.  
Service Providers & Business Partners  
We may share your Personal Data with third-party vendors, contractors, or service providers  
who assist us in delivering our services, such as:  
a. Payment processing and transaction services  
Public  
Document ID: Internal  
Page 4 of 8  
CGCEL LOGO  
CGCEL Privacy Notice (External)  
External  
b. Customer support and communication platforms  
c. IT infrastructure, analytics, and security providers  
d. Marketing and advertising partners (where applicable)  
e. Cloud storage and data hosting providers  
f. IoT platform service providers who enable device connectivity, diagnostics, and  
software updates  
II.  
Legal & Regulatory Compliance  
We may disclose your Personal Data if required to:  
a. Comply with applicable laws, regulations, or legal processes (including government  
and law enforcement requests)  
b. Respond to court orders, notices, or regulatory authorities  
c. Protect our legal rights, privacy, safety, or property (including fraud prevention and  
cybersecurity measures)  
III.  
IV.  
Business Transactions  
In the event of a merger, acquisition, restructuring, or sale of assets, your Personal Data may  
be transferred as part of the business transaction, subject to appropriate privacy safeguards.  
Fraud Prevention & Security  
We may share Personal Data with government agencies, financial institutions, or fraud  
prevention organizations to:  
a. Detect, investigate, and prevent fraud, cyber threats, or security breaches  
b. Ensure compliance with anti-money laundering (AML) and other regulatory  
requirements  
V.  
International Data Transfers  
If we transfer your Personal Data outside India, we ensure that such transfers comply with  
applicable laws and are subject to adequate safeguards, such as:  
a. Contractual Clauses wherever applicable with the recipient ensuring data protection  
b. Government-approved mechanisms for secure international data transfers  
c. Transfers to jurisdictions not explicitly restricted by the Government of India  
5. Accuracy of Personal Data  
a. You are responsible for ensuring that the Personal Data you provide to CGCEL is  
accurate, complete, and up to date.  
b. CGCEL takes reasonable steps to verify and maintain the accuracy of your personal  
data. To ensure the information we hold is current and accurate, we may periodically  
request updates where necessary. However, it is your responsibility to promptly  
inform us of any changes to your personal data, including contact details or  
preferences. This collaborative effort helps us provide you with uninterrupted services  
and remain compliant with the Digital Personal Data Protection Act, 2023.  
Public  
Document ID: Internal  
Page 5 of 8  
CGCEL LOGO  
CGCEL Privacy Notice (External)  
External  
c. If you believe any personal data, we hold is inaccurate or incomplete, you may exercise  
your right to request corrections as outlined in the in Contact Us section of this Privacy  
Notice.  
6. Security measures  
a. We implement appropriate technical, organizational, and security measures to protect your  
Personal Data from unauthorized access, loss, misuse, disclosure, or alteration.  
b. While we take reasonable steps to protect your data, no system is completely secure. In case  
of any data breach affecting your Personal Data, we will notify you in compliance with  
applicable laws.  
c. In case you as a user detect or suspect any breach of your data you can inform to us by reaching  
out to dpo@crompton.co.in  
7. Cookies and Tracking Technologies  
We use cookies and similar tracking technologies to enhance user experience, analyze website  
traffic, and personalize content. IoT devices may also use embedded tracking mechanisms to  
optimize functionality, detect malfunctions, and enhance security.  
You can manage cookie preferences through your browser settings or our Cookie Preference  
Centre.  
For more details, refer to our Cookie Policy (https://www.crompton.co.in/pages/cookie-policy)  
8. Retention of Personal Data  
CGCEL will retain your personal data in accordance with its Data Retention Policy and as required  
under applicable laws. We will only store your personal data for as long as necessary to fulfil the  
purposes outlined in this Privacy Notice, unless a longer retention period is required for  
compliance with legal, tax, regulatory, or contractual obligations.  
For IoT device data, retention is determined based on device lifecycle, user settings, and  
compliance obligations. Users may have options to delete or reset data collected by IoT devices,  
subject to technical and legal limitations.  
9. Data Principal Rights and Duties  
Under the Digital Personal Data Protection Act, 2023 (DPDPA), you, as a Data Principal, have the  
following rights concerning your Personal Data:  
i
Your Rights  
a. Right to Access: You have the right to request a summary of the personal data that CGCEL  
holds about you.  
Public  
Document ID: Internal  
Page 6 of 8  
CGCEL LOGO  
CGCEL Privacy Notice (External)  
External  
b. Right to Correction and Erasure: You may request correction, completion, or erasure of  
your personal data if it is inaccurate or no longer necessary for processing.  
c. Right to Grievance Redressal: If you believe your personal data is processed unlawfully or  
in violation of this Privacy Notice, you may file a grievance with CGCEL’s DPO/Grievance  
Officer. If unsatisfied with the resolution, you may escalate the matter to the Data  
Protection Board (DPB).  
d. Right to Nominate: You have the right to nominate an individual who can exercise your  
rights under the Act in the event of your death or incapacity.  
e. Right to Withdraw Consent: Where data processing is based on consent, you may  
withdraw your consent at any time. However, withdrawal will not affect the lawfulness of  
processing conducted before withdrawal.  
f. Right to Be Informed: You have the right to receive clear, concise, and transparent  
information about how your personal data is collected and processed.  
ii Your Duties  
As a Data Principal, you also have certain duties under the DPDPA, 2023:  
Provide accurate information: Ensure that any personal data you provide to CGCEL is accurate  
and up to date.  
Refrain from filing false or frivolous complaints: Misuse of rights under this Act may attract  
penalties as per applicable law.  
Comply with lawful processing: You must not attempt to access or modify personal data that  
you are not authorized to process.  
iii Method to Exercise Your Rights  
As an interim measure, if you wish to exercise any of your rights under this Privacy Notice, please  
contact us directly at dpo@crompton.co.in. We will provide you with the appropriate Data  
Principal Request Form, which you can complete and submit to initiate your request.  
We are currently working to streamline this process. Once available, you will be able to directly  
access all necessary forms online and submit your requests electronically.  
In the future, to exercise your rights, you may complete the Data Principal Request Form available  
at to be updated once the DPB is established and submit it to our Data Protection Officer at  
dpo@crompton.co.in. We will handle your request in accordance with applicable laws and respond  
within the prescribed timeframe within sixty days.  
10. Contact Us  
If you have any concerns regarding the processing of your personal data, you can contact our DPO.  
Contact Details of Data Protection Officer (DPO):  
E-Mail: dpo@crompton.co.in Address:  
Crompton Greaves Consumer Electricals Limited  
Godrej Business District, 05GBD, Crompton Greaves Consumer Electricals Limited, Pirojshanagar,  
Vikhroli West, Mumbai, Maharashtra 400079, www.crompton.co.in  
Public  
Document ID: Internal  
Page 7 of 8  
CGCEL LOGO  
CGCEL Privacy Notice (External)  
External  
11. Grievance Redressal Mechanism  
If you have any concerns regarding the processing of your personal data and you are not satisfied with  
the initial response, you can file a complaint with CGCEL’s Grievance Officer.  
Contact Details of Grievance Officer:  
E-mail: privacy.grievance@crompton.co.in  
Address:  
Crompton Greaves Consumer Electricals Limited  
Godrej Business District, 05GBD, Crompton Greaves Consumer Electricals Limited, Pirojshanagar,  
Vikhroli West, Mumbai, Maharashtra 400079, www.crompton.co.in  
Escalation to the Data Protection Board (DPB)  
If you are not satisfied with the resolution provided by the Grievance Officer, you have the  
right to escalate the matter to the Data Protection Board (DPB) of India, which is the  
regulatory authority established under the DPDPA, 2023 for handling data protection  
disputes and violations.  
For more details on the DPB and how to escalate your complaint, please refer to the official  
government portal <insert DPB link> (To be Updated post DPB is established)  
12. Updates to this Notice  
CGCEL may update this Privacy Notice periodically to reflect changes in legal, regulatory, or operational  
requirements. We will notify you of any significant changes through appropriate means, such as  
updates on our website. The latest version of this Privacy Notice will always be available at  
https://www.crompton.co.in/pages/privacy-notice  
13. Acknowledgment  
By reading this policy you understand and acknowledge  
a. That you have received, read, and understood this Privacy Notice.  
b. That this notice informs you of how CGCEL processes your personal data, and where required,  
your consent will be sought separately for certain processing activities.  
c. That you have the right to withdraw your consent for non-essential processing at any time by  
submitting a request to the Data Protection Officer at dpo@crompton.co.in  
Public  
Document ID: Internal  
Page 8 of 8