segment-pixel
For the best experience, try the new Microsoft Edge browser recommended by Microsoft (version 87 or above) or switch to another browser � Google Chrome / Firefox / Safari
OK

This Privacy Policy outlines the privacy and data protection practices followed by Xoriant Corporation (hereinafter referred to as “Xoriant”), its affiliates and unaffiliated third parties with respect to information gathering, dissemination and protection.

Policy Statement

Xoriant shall ensure that Personal Data relating to natural persons including employees (current as well as former) suppliers, and customers, are obtained and processed fairly and in accordance with the data subjects’ rights under Data Protection Laws and Regulations. Xoriant respects the privacy and is committed to promoting the responsible use of personal information and protecting individual’s privacy rights.

DATA COLLECTION, Onward TRANSFER & PROCESSING

Xoriant may collect, store, use and disclose information about individuals which may constitute personal data (including sensitive personal data under various Government Laws e.g. Indian IT Act Privacy rules, GDPR, etc.) for lawful, explicit and legitimate purposes and for further processing of personal data consistent with those purposes.
Xoriant shall obtain consent from the data subject wherever appropriate and required for the processing of personnel information prior to collecting, storing and processing any personal data.
Xoriant shall not utilize an individual's personal data beyond the scope granted without prior consent from the individual and shall take measures to ensure that this principle is observed. An individual's personal data shall not be provided or otherwise disclosed to third parties other than Xoriant affiliates, investigators, or law enforcement personnel when consent has been obtained from the individual in question or when disclosure is legally mandated. To the extent permitted by applicable law, Xoriant may record and monitor electronic and voice communications to ensure compliance with the legal and regulatory obligations and internal policies and for the purposes outlined above.
Any transfer of personal data to a third party shall take place only if, all necessary controls for Data protection are applied by the third party in order to ensure that the level of protection of personal data is guaranteed.

CONFIDENTIALITY AND SECURITY

Xoriant takes prudent steps to safeguard the confidentiality and security of all personal data including taking procedural and organizational steps to protect personal data. These steps include but are not limited to entering into written agreements with all its vendors who process personal data which confirm with necessary data protection regulations.
In addition, Xoriant strives to protect personally identifiable information that it maintains or disseminate so it is not obtained by unauthorized individuals or used in unauthorized ways, including through the use of appropriate administrative, physical, and technical safeguards. E.g. Policies and procedures, Physical and logical access controls and encryptions.

DATA SUBJECT ACCESS, CORRECTION & DELETION

Xoriant acknowledges that individuals have specific rights under data protection laws concerning their personal data, subject to certain conditions. These rights may include access to their personal data, correction of specific personal data, deletion of personal data, objection to particular processing of personal data, withdrawal of consent to any personal data processing based on consent, restriction of personal data processing, receipt of personal data in portable format, and protection from decisions solely based on automated processing that may have significant legal effects, depending on the location of the individual and the Xoriant entity acting as the data controller for their data. To exercise any of these rights, please complete the DSR Request Form available here.

Xoriant will not store/retain personal data beyond the time required to accomplish the purposes outlined in this privacy statement. After considering any legal, statutory, contractual, or legitimate requirements for retaining data, the personal data will be deleted from the systems.

DEFINITIONS

Personal Data means any information relating to a living individual who can be identified directly or indirectly by an identifier such as:

  • Name, identification number, image, location data or an online identifier.
  • One or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of such individual.
  • Birth date, address, personal phone number personal email address, race, nationality, ethnicity, origin, colour, religious or political beliefs or associations, age, sex, sexual orientation, marital status, family status, identifying number, code, fingerprints, blood type, inherited characteristics, health care history (including information on physical/mental disability); and educational, financial, criminal, history.
  • Photographs of employee and internal gatherings.
Lawful processing means that the activity is conducted in accordance with applicable national or international laws. Specified purpose means being clear from the outset about why we are collecting personal data and are transparent about our purposes with the individuals concerned. Accurate means that the data collected and stored are correct and their integrity is protected. Adequate, relevant and not excessive means that data should be sufficient for the intended purpose and that we should not hold more data than necessary for that purpose.
Data Protection Laws and Regulations means, in the European Union, the Data Protection Directive 95/46/EC and the national statutory legislation passed in each Member State implementing this Directive, the General Data Protection Regulation (GDPR) 2016 / 679, as well as national law that exists outside the EU in each country.
European Union means the current EU Member State countries of: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, and the United Kingdom.

Changes to the policy

Xoriant reserves the right to modify or amend this Policy at its own discretion. This policy is effective from July 2018. In order to check updates to this policy, please consult this page on a regular basis.

Additional Information

If you would like to know more about Xoriant’s Privacy program, please Email us at DataSubjectResponse@Xoriant.Com.
Also, by continuing to use our website, you consent to the use of cookies. To know more, please refer to our Cookie Policy.