Effective Date: May 25, 2018Document Purpose
This Policy applies to all business units, processes and systems in all countries in which Indecomm conducts business and has dealings or other business relationships.
This Policy applies to all employees, directors, contractors, consultants, advisors or service providers that may collect, process, or have access to Personally Identifiable Information of individual data subjects. It is the duty of all the above to familiarize with this Policy and ensure adequate compliance with it.
I) Introduction & notice
Indecomm respects individual privacy and values the confidence of its customers, employees, job applicants, business partners/ vendors. The Company collects, uses and discloses Personal Identifiable Information in a manner consistent with the laws of the countries in which it does business. The Company also has a tradition of upholding the highest ethical standards in its business practices.
We have implemented industry-standard security safeguards designed to protect the Personal Identifiable Information that you may provide. We also periodically monitor our system for possible vulnerabilities and attacks, consistent with industry standards.
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
- “Data Subject” means an identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- “Joint Controller” means two or more controllers jointly determining the purposes and means of processing Personal Data.
- “Personal Data” and “Personal Information” means any information relating to an individual that can be used to identify that individual either on its own or in combination with other readily available data.
- “Pixels” means small, graphic images on web pages, web-based documents, or in email messages that allow us or third parties to monitor who is visiting our Sites (or other third-party sites) or if an email has been read.
- “Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
- “Respondent” means individuals who provide responses to sample, sample panel or survey questions.
- “Special Categories of Data” means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
II) Collection of Personal Identifiable Information
a) Authorized Users
The Sites are not intended for children under the age of 18. If you are under 18 years old, please do not provide information of any kind whatsoever on the Sites. If you are the parent of a child under 18 and believe your child has provided us with personal information, please contact us via Section XI below and we will remove that information.
b) Information you actively submit
- Any Personal Identifiable Information we collect is used only to respond to your inquiry, process an order or allow you to access specific account information, and is not shared with third parties.
- We do not seek to collect or otherwise process your sensitive Personal Identifiable Information for any other purpose other than what is legitimate; and we do so in accordance to applicable law.
- We do not collect or otherwise process Personal Identifiable Information about race, religion, sexual orientation, health or any other information that is deemed to be sensitive in the ordinary course of business with the exception of employees and job applicants.
PII collected either electronically or physically, including but not limited to emails, cold calls, resumes, social media networking sites, subscription to databases and prospective candidate search engines, etc.
- Indecomm shall protect its customers, employees and job applicants’ information / data deemed as ‘Personal’ and / or ‘Private’.
- ‘Customers’ records shall not be sold, traded or disclosed to any third party except as may be required by law.
- Any information that is provided to us in the course of interacting with our project staff or support departments shall be held in strict confidence. This includes information (including, but not limited to email addresses, phone numbers, postal addresses, bank account details, credit card numbers and medical history), as well as any data that is supplied to us in the course of business engagement.
You can visit most of our sites without registering or actively submitting Personal Data to us. If you do not register, general technical user data such as your device’s Internet Protocol (IP) address, operating system and browser type, and the date and time of your visit, may be automatically collected through the use of “cookies”.d) Combination & synchronization
We may combine and synchronize information that your device transmits, information that you actively submit and information that we obtain from third party sources (including suppliers of market research sample and data marketing platforms that may direct you to our sites to answer demographic questions about yourself in preparation for your completion of surveys, and web publishers, advertisers, data brokers and online service providers that may have obtained information from you or your devices via cookies, Pixels, and other tracking technologies).e) Business information
We do collect employee contact names, addresses, phone numbers and email addresses of our business partners, including buyers, suppliers and vendors, for the administration of our business relationships. If you feel that your Personal Data or personally identifiable information is being collected inappropriately, please notify us at email@example.com.III) Purpose & use of collected Personal Identifiable Information
Indecomm uses the data collected for two main purposes, described in detail below to operate its business including the official website and to send communications, including promotional communications.
To operate our business including the official website: We use data collected to assess queries, requirements, and process requests for services as well as to assess website usage analysis.
Communications: We use data collected to communicate with you and personalize our communications with you. Additionally, you can sign up for email subscriptions and choose whether you wish to receive promotional communications from Indecomm by email, SMS, post and telephone or other means of communication.
We may process your Personal Identifiable Information to contact you via email, telephone, SMS or other methods of communication to provide you with information regarding our offerings that may be of interest to you. We may send information to you regarding our offerings that may be of interest to you, using the contact details that you have provided to us and always in compliance with applicable law.IV) European data protection rights – GDPR
Below, you will find additional privacy information that you may find important. Indecomm adheres to applicable data protection laws viz GDPR in the European Union, which if applicable, includes the following rights:
- If the processing of Personal Data is based on your consent, you have a right to withdraw consent at any time for future processing;
- You have a right to request us to rectify your Personal Data;
- You have a right to access your Personal Data;
- You have a right to request us that your Personal Data be erased, subject to certain exceptions;
- You have a right to object to the processing of your Personal Data; and
- You have a right to lodge a complaint with a data protection authority.
We take reasonable steps to ensure that Personal Identifiable Information we receive, process, or maintain is accurate, complete, and reliable for its intended use. We rely on the accuracy of the information provided directly to us but accept responsibility for the management and confidentiality of the Personal Identifiable Information collected.
In general, we keep Personal Identifiable Information only as long as we need it to provide you the services you requested. We may also process data on behalf of third parties who have engaged us. We keep Personal Identifiable Information processed on behalf of third parties for as long as needed to provide services to third party in question. However, we reserve the right to retain Personal Identifiable Information for any period required by law or to comply with our legal obligations, resolve disputes, and enforce our agreements.VI) Data Minimization
We take every reasonable step to ensure that your Personal Identifiable Information that we process is limited to the purposes set out in this policy or as required to provide you services or access to the services.
VII) Sharing of Personal Information and Accountability for Onward Transfer
a) Information associated with your name is shared in accordance with the procedures stated as follows:
- With your consent.
- We use affiliated and unaffiliated service providers all over the world that help us deliver our service and run our business subject to confidentiality agreements.
- We will disclose data as required by law including to meet national security requirements or to protect you, other users, us or third parties from harm, including fraud, data security breaches or where someone’s physical safety seems at risk.
We share aggregated demographic information about our users with third parties. This information is linked to randomly assigned user IDs and survey responses. Your user ID is linked to demographic information about you (excluding your first name and last name) that potentially could include Special Categories of Data. You consent to us collecting and sharing this information with our customers and other third parties.
When Indecomm does share your Personal Information with third party service providers and/or sub-processors, Indecomm will:
- transfer such data only for limited and specified purposes;
- ascertain that the sub-processor is obligated to provide at least the same level of privacy protection as is required by these Principles;
- take reasonable and appropriate steps to ensure that the sub-processor effectively processes the Personal Information transferred in a manner consistent with the organization’s obligations under these Principles;
- require the sub-processor to notify Indecomm if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by these Principles;
- upon notice, including under;
- take reasonable and appropriate steps to stop and remediate unauthorized processing; &
- provide a summary or a representative copy of the relevant privacy provisions of its contract with that sub-processor to the Department of Commerce upon request.
If you are visiting this website from a country other than the country in which our servers are located, your communications with us will result in the transfer of information across international boundaries. By visiting this website and communicating electronically with us, you consent to such cross-border transfers.
VIII) Security of Personal Data Indecomm is committed to protecting the security of your Personal Data. We use a variety of security technologies and procedures to help protect your Personal Data from unauthorized access, use or disclosure.
IX) Protection of Personal Data Indecomm uses reasonable security measures in an effort to prevent loss, misuse and alteration of information under our control. However, we cannot guarantee the security of information on or transmitted via the Internet. We rely on various security procedures and systems to ensure the secure storage and transmission of data, including encryption and authentication technology licensed from third parties, to effect secure transmission of confidential information. Additionally, we have absolutely no control over the security of other sites you might visit, interact with or do business with.
If we learn of a security systems breach, then we may attempt to notify you electronically so that you can take appropriate protective steps. Indecomm may post a notice on the Indecomm Site if a security breach occurs. We may also send an email to you at the email address you have provided to us in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing. To receive a free written notice of a security breach (or to withdraw your consent from receiving electronic notice) you should notify us.
XI) Choice Regarding Collection, Use & Distribution of Personal Information
You can choose to opt-out whenever your Personal Information is (i) to be disclosed to a third party or (ii) to be used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by the individuals.
If you have any comments, questions or concerns about any of the information in this Policy, or any other issues relating to the processing of user information carried out by us, or on our behalf, please contact us by email at firstname.lastname@example.org.