top of page

Privacy Policy

​

This Privacy Policy includes important information about your personal data and we encourage you to read it carefully.

[Last Updated: 18th June 2025]

 

Centre for Arbitration and Dispute Resolution (CADR) a brand of Cadration Foundation ("we", "us", or "our") is committed to protecting the privacy and personal data of all individuals who interact with us, including arbitrators, parties to arbitration, legal representatives, and users of our services. This Privacy Policy describes how we collect, use, share, and store your personal data in compliance with the Digital Personal Data Protection Act, 2023 and other applicable laws of India. 

 

1. Introduction


This Privacy Policy governs the manner in which CADR collects and processes personal data through:

  • Our arbitration administration services;

  • Our website, portal, or digital platforms;

  • Communications, interactions, and service delivery involving arbitrators, claimants, respondents, legal representatives, experts, and witnesses.

By using our services or website, you consent to the practices described in this policy. If you do not agree, please refrain from accessing our services.

 

2. Applicability

 

This Privacy Policy applies to:

  • Data Principals (i.e., natural persons to whom personal data relates), including users of the website, parties to arbitration, arbitrators, and associated stakeholders;

  • Processing of personal data, whether collected online or offline;

  • All data processing activities undertaken by or on behalf of CADR in its role as a Data Fiduciary under the DPDP Act

 

3. Definitions

​

  • Personal Data: Any data about an individual who is identifiable by or in relation to such data.

  • Processing: Includes collection, storage, usage, and dissemination of personal data.

  • Data Fiduciary: CADR, as the entity determining the purpose and means of processing.

  • Data Principal: You, the individual to whom the personal data relates.

 

4. Information We Collect 

 

We may collect the following types of personal data:

  • Identity & Contact Data: Names, addresses, email addresses, phone numbers of parties, representatives, arbitrators, witnesses, experts, and website visitors.   

  • Case Information: Details related to disputes submitted for arbitration, including contracts, claims, defences, evidence, submissions, and communications.   

  • Financial Data: Information related to payment of registration fees, administrative fees, and arbitrator fees. Bank or transaction details (if required for fee payments).

  • Professional Information: Details of arbitrators' qualifications, experience, disclosures regarding independence and impartiality. 

  • Technical Data: (If applicable, for website) IP address, browser type, operating system, usage data collected via cookies or similar technologies (See Cookies Policy).

  • Consent Records: Records of your data processing consents and preferences. 

 

We may also collect any other information you voluntarily provide in communications or during proceedings.

 

5. Sources of Personal Data

 

We collect personal data:

  • Directly from you (via forms, emails, case filings)

  • Through your authorized representatives

  • Automatically via our website (for technical data)

  • From third parties (e.g., arbitrators, law firms, or experts)

​

6. Legal Basis for Processing

 

We process your data under one or more of the following grounds, as permitted under Section 4 of the DPDP Act:

  • Consent: For non-essential or sensitive personal data, where your prior consent is necessary.

  • Legal Obligation: Where processing is required by law, regulation, or judicial order.

  • Contractual Necessity: Where data processing is necessary for executing or administering arbitration agreements.

  • Legitimate Use: For core arbitration and institutional functions, including verification, authentication, and case tracking.

​

7. How We Use Your Information

​

We use the collected data for the following purposes:

  • Administering arbitration proceedings under the CADR Domestic Arbitration Rules.   

  • Appointing and managing arbitrators and tribunals.   

  • Facilitating communication between parties, arbitrators, and the Institution.   

  • Processing payments for services.   

  • Maintaining records of proceedings and awards.   

  • Complying with legal and regulatory obligations.   

  • Improving our services and website functionality.

  • Responding to inquiries and providing support.

  • Register and manage arbitration requests

  • Constitute and coordinate with arbitral tribunals

  • Facilitate document exchange and communications

  • Conduct hearings (in-person or virtual)

  • Process payments and manage accounts

  • Issue awards and post-award communication

  • Maintain institutional records and analytics

  • Comply with statutory obligations (e.g., reporting, dispute resolution)

 

We do not use your personal data for marketing purposes.

 

8. Data Sharing and Disclosure

 

We may share your data with:

  • Arbitrators and Tribunal Members: For conducting proceedings

  • Legal Representatives or Experts: As required by the case

  • Service Providers: Including IT service vendors, video conferencing providers, cloud hosting partners, on a need-to-know basis and subject to confidentiality obligations

  • Government and Judicial Authorities: As required under law or court orders

  • Parties to Arbitration: Limited to relevant information necessary for fairness and procedural conduct

​

We implement measures to ensure that data shared is limited to what is necessary and is handled securely. Arbitration proceedings and related information are confidential as per our Rules.

 

We do not sell or trade your personal data to any third party.

​

9. Data Retention Policy

 

We retain personal data:

  • For the duration of arbitration proceedings

  • For a statutory period post-conclusion for audit, enforcement, or regulatory requirements

  • As per any specific retention obligations under the Arbitration and Conciliation Act, 1996. 

 

Once the retention period expires, we ensure secure disposal or anonymisation of data.

​

10. Data Security Measures

 

We implement reasonable security practices, including:

  • Secure servers and encrypted storage

  • Role-based access control

  • Regular data audits and vulnerability assessments

  • Multi-factor authentication and endpoint protection

  • Incident response procedures

 

In case of a personal data breach, we will notify affected parties and relevant authorities as mandated under the DPDP Act.

 

11. Your Rights as a Data Principal

 

You may exercise the following rights under the DPDP Act:

  • Right to Access your personal data

  • Right to Correction or updating of inaccurate data

  • Right to Erasure (subject to legal exceptions)

  • Right to Grievance Redressal

  • Right to Nominate a representative in case of incapacity or death

 

You may exercise these rights by submitting a request to our Grievance Officer. 

 

12.  Cookies and Online Tracking

 

Please refer to our Cookies Policy for detailed information on the use of cookies and tracking technologies used on our website. 

 

13.  Grievance Redressal

 

For questions, requests, or complaints about data processing, please contact:

Grievance Officer: 

Anish Raj
Email: anishraj.0001@gmail.com
Phone: +91 99588 70070

 

We acknowledge all grievances within seven (7) days and aim to resolve them within thirty (30) days.

 

14.  Policy Updates

 

We reserve the right to update or revise this Privacy Policy to reflect legal updates or institutional changes. The updated version will be published on our website with a revised “Last Updated” date. We encourage you to review this policy periodically.

​

bottom of page