This Data Privacy Policy (Privacy Policy) is made affective as of 13th October 2022
The purpose of the Privacy Policy is to maintain the privacy of and protect the personal information of employees, contractors, vendors, interns, associates, customers and business partners of E-Square Alliance Private Limited (ESAPL) and ensure compliance with laws and regulations applicable to ESAPL.
The Privacy Policy is applicable to all ESAPL employees, contractors, vendors, interns, associates, customers and business partners who may receive personal information, have access to personal information collected or processed, or who provide information to the organization.
This Privacy Policy applies to all ESAPL employees, contractors, vendors, interns, associates, customers and business partners who receive personal information from ESAPL, who have access to personal information collected or processed by ESAPL, or who provide information to ESAPL, regardless of geographic location. All employees/customers of ESAPL are expected to support the Privacy Policy and principles when they collect and / or handle personal information, or are involved in the process of maintaining or disposing of personal information. This Privacy Policy provides the information to successfully meet the organization’s commitment towards data privacy.
All partner firms and any Third-Parties working with or for ESAPL, and who have or may have access to personal information, will be expected to have read, understand and comply with this Privacy Policy. No Third Party may access personal information held by the organization without having first entered into a confidentiality agreement.
The Data Privacy Officer shall be responsible for maintenance and accuracy of this Privacy Policy. Any queries regarding the implementation of this Privacy Policy shall be directed to the Data Privacy Officer.
The Data Privacy Officer shall review this Privacy Policy for updates on an annual basis. Additionally, the Privacy Policy shall be updated in-line with any major changes within the organization’s operating environment or on recommendations provided by internal/ external auditors.
Compliance to the Privacy Policy shall be reviewed on an annual basis by Data Privacy Officer to ensure continuous compliance monitoring through the implementation of compliance measurements and periodic review processes.
In cases where non-compliance is identified, the Data Privacy Officer shall review the reasons for such non-compliance along with a plan for remediation and report them to the Board of Directors of ESAPL. Depending on the conclusions of the review, need for a revision to the Privacy Policy may be identified. In instances of persistent non-compliance by the individuals concerned, they shall be subject to action in accordance with the ESAPL’s Disciplinary Action Policy.
This Privacy Policy describes generally acceptable privacy principles (GAPP) for the protection and appropriate use of personal information at ESAPL. These principles shall govern the use, collection, disposal and transfer of personal information, except as specifically provided by this Privacy Policy or as required by applicable laws:
Notice shall be made readily accessible and available to data subjects before or at the time of collection of personal information or otherwise, notice shall be provided as soon as practical thereafter. Notice shall be displayed clearly and conspicuously and shall be provided through online (e.g. by posting it on the intranet portal, website, sending mails, newsletters, etc.) and / or offline methods (e.g. through posts, couriers, etc.). All the web sites (including Intranet portals), and any product or service that collects personal information internally, shall have privacy notice. In case of any cross-border transfer of personal information, a notice sufficiently prior to the transfer shall inform the data subjects.
Privacy notices may include:
Choice refers to the options the data subjects are offered regarding the collection and use of their personal information. Consent refers to their agreement to the collection and use, often expressed by the way in which they exercise a choice option.
Personal information may be collected online or offline. Regardless of the collection method, the same privacy protection shall apply to all personal information. Personal information shall not be collected unless either of the following is fulfilled:
Data subjects shall not be required to provide more personal information than is necessary for the provision of the product or service that data subject has requested or authorized. If any data not needed for providing a service or product is requested, such fields shall be clearly labeled as optional. Collection of personal information shall be avoided or limited when reasonably possible. Personal information shall be de-identified when the purposes of data collection can be achieved without personally identifiable information, at reasonable cost. When using vendors to collect personal information on the behalf of ESAPL, it shall ensure that the vendors comply with the privacy requirements of ESAPL as defined in this Privacy Policy.
ESAPL shall at minimum, annually review and monitor the information collected, the consent obtained and the notice / SoW / contract agreement identifying the purpose. The project team/support function shall obtain approval from the IT Security team before adopting the new methods for collecting personal information electronically.
ESAPL shall review the privacy policies and collection methods of Third-Parties before accepting personal information from Third-Party data sources.
ESAPL shall establish a mechanism to enable and facilitate exercise of data subject’s rights of access, blockage, erasure, opposition, rectification, and, where appropriate or required by applicable law, a system for giving notice of inappropriate exposure of personal information.
Data Subject shall be informed in the privacy notice / SoW / contract agreement, if personal information shall be disclosed to Third Parties / partner firms, and it shall be disclosed only for the purposes described in the privacy notice / SoW / contract agreements and for which the data subject has provided consent.
Information security policy and procedures shall be documented and implemented to ensure reasonable security for personal information collected, stored, used, transferred and disposed by ESAPL.
Individuals noticing or becoming aware of any breach of personal data shall notify the Data Privacy Officer by emailing at loto@safetylock.net . It shall be the Data Privacy Officer’s responsibility to analyse and act on the intimation of the same within 48 hours.
ESAPL shall maintain data integrity and quality, as appropriate for the intended purpose of personal data collection and use and ensure data is reliable, accurate, complete and current. For this purpose, the Data Privacy Officer and privacy coordinators shall have systems and procedures in place to ensure that personal information collected is accurate and complete for the business purposes for which it is to be used.
ESAPL shall perform an annual assessment on the personal information collected to check for accuracy, completeness and relevance of the personal information.
i. Dispute resolution and recourse
ESAPL shall perform a periodic review of all the complaints related to data privacy to ensure that all the complaints are resolved in a timely manner and resolutions are documented and communicated to the data subjects.
An escalation process for unresolved complaints and disputes, which shall be designed and documented. Communication of privacy incident / breach reporting channels and the escalation matrix shall be provided to all the data subjects.
ii. Dispute resolution and escalation process for employees
Employees with inquiries or complaints about the processing of their personal information shall first discuss the matter with their immediate supervisor. If the employee does not wish to raise an inquiry or complaint with an immediate manager, or if the manager and employee are unable to reach a satisfactory resolution of the issues raised, the employee shall bring the issue to the attention of the Data Privacy Officer
iii. Dispute resolution and escalation process for customer / Third Party
Customers / Third Party with inquiries or complaints about the processing of their personal information shall bring the matter to the attention of the Data privacy Officer in writing. Any disputes concerning the processing of the personal information of non-employees shall be resolved through arbitration.
iv. Compliance review
Data Privacy Officer shall conduct an internal audit annually (at minimum) to ensure compliance with the established Privacy Policy and applicable laws. The review consists of the review of the following:
The Data Privacy Officer shall document all the instances of non-compliance with privacy policies and procedures. The Data Privacy Officer shall take actions on the findings from the internal audit and work on the recommendations for improvement of the privacy posture.
Any changes made to this Privacy Policy shall be communicated to all the employees, the stakeholders and the customers / clients.
We make every effort to give you access to your personal information, to allow you to correct any inaccuracies, or to remove your personal information at your request provided it is not required for genuine business purposes or by law to be retained. We require you identify yourself and the information you request to access, remove, modify or correct before commencing such requests. We may refuse requests that are of unreasonable technical effort or would be highly unfeasible, endanger the privacy of others, or require access that is not normally necessary. When we provide access to your personal information for the purposes of modification, correction or removal, we do so free of charge except where doing so requires a unreasonable effort. To request access, correction or removal of your personal information, please contact loto@safetylock.net . We will remove all of your information and data within 7 business days upon receipt of your request.
We can place cookies and other similar technology on your device, including mobile device, in accordance with your preferences. Depending on your settings in on your mobile device, the following information may be collected through cookies or similar technology: your unique device identifier, mobile device IP address, information about your device’s operating system, mobile carrier and your location information (to the extent permissible under applicable law).
Cookies do a lot of different jobs, such as letting you navigate between pages efficiently, remembering your preferences and generally improving the user experience. They can also help to ensure that the advertisements you see online are more relevant to you and your interests. In addition, cookies can help us to analyze the use of our websites and online content (analytics cookies) and they can also facilitate/track the interaction on our websites and online content with social media (e.g. links to social media sites, like buttons, etc.).
Term | Definition |
Data Subject | A data subject who is the subject of personal and sensitive personal data. |
Personal data or Personally Identifiable Information (PII) | PII is any information about an individual (the data subject) which can
|
Sensitive Personal Information (SPI) | Sensitive personal data means personal data consisting of information but not limited to the following attributes of the data subject:
Personal Information is or may be used:
|
Third Party | All external parties – contractors, interns, summer trainees, and vendors – who have access to ESAPL’s information assets or information systems. |
Data privacy and security | Anyone collecting personal and customer information must fairly and lawfully process it, process it only for limited, specifically stated purposes, use the information in a way that is adequate, relevant and not excessive, use the information accurately, keep the information on file no longer than absolutely necessary, process the information in accordance with your legal rights, keep the information secure and never transfer the information outside the country without adequate protection |
Worldwide Delivery
Via Fastest Mode AvailableWide Choice
1400+ Items availableCustomisation Available
No MOQ for standard productsDirect Technical Support
From our expert LOTO EngineersHi! I'm Pyush, the Technical Director at E-Square
Please write to me here if you have any questions or require any kind of assistance. We will get back with an answer ASAP !