Effective Date: August 1, 2018
Sooryen Inc (‘Sooryen’ or ‘the Company’ or ‘we’) believes in the using the personal information collected on its website (www.sooryen.com) (Website) responsibly as the same is critical to its business objectives and reputation.
This Policy applies to all business units, processes and systems in all countries in which Sooryen conducts business and has dealings or other business relationships.
This Policy applies to all employees, directors, contractors, consultants, advisors or service providers that may collect, process, or have access to PII of individual data subjects. It is the duty of all the above to familiarize with this Policy and ensure adequate compliance with it.
- I) Introduction & notice
- a) Introduction
Sooryen respects individual privacy and values the confidence of its customers, employees, job applicants, business partners/ vendors. The Company collects, uses and discloses PII in a manner consistent with the laws of the countries in which it does business. The Company also has a tradition of upholding the highest ethical standards in its business practices.
We have implemented industry-standard security safeguards designed to protect the PII that you may provide. We also periodically monitor our system for possible vulnerabilities and attacks, consistent with industry standards.
- b) Definitions
- “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
- “Data Subject” means an identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- “Joint Controller” means two or more controllers jointly determining the purposes and means of processing Personal Data.
- “Personal Data” and “Personal Information” means any information relating to an individual that can be used to identify that individual either on its own or in combination with other readily available data.
- “Pixels” means small, graphic images on web pages, web-based documents, or in email messages that allow us or third parties to monitor who is visiting our Sites (or other third-party sites) or if an email has been read.
- “Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
- “Respondent” means individuals who provide responses to sample, sample panel or survey questions.
- “Special Categories of Data” means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
- II) Collection of PII
- a) Authorized Users
The Websites are not intended for children under the age of 18. If you are under 18 years old, please do not provide information of any kind whatsoever on the Webites. If you are the parent of a child under 18 and believe your child has provided us with personal information, please contact us via Section XI below and we will remove that information.
- b) Information you actively submit
- Any PII we collect is used only to respond to your inquiry, process an order or allow you to access specific account information, and is not shared with third parties.
- We do not seek to collect or otherwise process your sensitive PII for any other purpose other than what is legitimate; and we do so in accordance to applicable law.
- We do not collect or otherwise process PII about race, religion, sexual orientation, health or any other information that is deemed to be sensitive in the ordinary course of business with the exception of employees and job applicants.
- c) Modes of collection of data
PII collected either electronically or physically, including but not limited to emails, cold calls, resumes, social media networking sites, subscription to databases and prospective candidate search engines, etc.
- Sooryen shall protect its customers, employees and job applicants’ information / data deemed as ‘Personal’ and / or ‘Private’.
- ‘Customers’ records shall not be sold, traded or disclosed to any third party except as may be required by law.
- Any information that is provided to us in the course of interacting with our project staff or support departments shall be held in strict confidence. This includes information (including, but not limited to email addresses, phone numbers, postal addresses, bank account details, credit card numbers and medical history), as well as any data that is supplied to us in the course of business engagement.
You can visit most of our sites without registering or actively submitting Personal Data to us. If you do not register, general technical user data such as your device’s Internet Protocol (IP) address, operating system and browser type, and the date and time of your visit, may be automatically collected through the use of “cookies”.
- d) Combination & synchronization
We may combine and synchronize information that your device transmits, information that you actively submit and information that we obtain from third party sources (including suppliers of market research sample and data marketing platforms that may direct you to our sites to answer demographic questions about yourself in preparation for your completion of surveys, and web publishers, advertisers, data brokers and online service providers that may have obtained information from you or your devices via cookies, Pixels, and other tracking technologies).
- e) Business information
We do collect employee contact names, addresses, phone numbers and email addresses of our business partners, including buyers, suppliers and vendors, for the administration of our business relationships. If you feel that your Personal Data or personally identifiable information is being collected inappropriately, please contact firstname.lastname@example.org.
- f) Information Tracking Technologies
A technology called cookies may be used to provide you with tailored information. A cookie is a tiny element of data that a web site can send to your browser, which may then be stored on your hard drive, so we can recognize you when you return.
If you prefer to not receive cookies while browsing the website, you can set your browser to warn you before accepting them and refuse the cookie(s) when your browser warns you, or you can set your browser to refuse all cookies from the website (or certain parts of the website), and/or you can delete cookies received from the website using your browser, for instance. Cookie handling instructions vary depending on the particular browser being used, and Sooryen does not assume responsibility for any undesired results arising from altering your browser's cookie handling settings.
We may use, and allow third parties to use, Pixels (sometimes called web beacons) on our Sites (or other third-party sites). Pixels may be linked to your Personal Information, and they collect the IP address of the device to which the web beacon is sent (for geolocation lookup), the URL of the page the web beacon comes from, the user agent string (for device lookup), and the time it was viewed. Sooryen may use a Pixel or cookie to examine what is happening on third-party websites, including programs and sites with marketing and advertising partners, to improve the understanding of site traffic at a granular level and other services provided.
- III) Purpose & use of collected PII
Sooryen uses the data collected for two main purposes, described in detail below to operate its business including the official website and to send communications, including promotional communications.
To operate our business including the official website: We use data collected to assess queries, requirements, and process requests for services as well as to assess website usage analysis.
Communications: We use data collected to communicate with you and personalize our communications with you. Additionally, you can sign up for email subscriptions and choose whether you wish to receive promotional communications from Sooryen by email, SMS, post and telephone or other means of communication.
We may process your PII to contact you via email, telephone, SMS or other methods of communication to provide you with information regarding our offerings that may be of interest to you. We may send information to you regarding our offerings, that may be of interest to you, using the contact details that you have provided to us and always in compliance with applicable law.
- IV) European data protection rights – GDPR
Below, you will find additional privacy information that you may find important. Sooryen adheres to applicable data protection laws viz GDPR in the European Union, which if applicable, includes the following rights:
- If the processing of Personal Data is based on your consent, you have a right to withdraw consent at any time for future processing;
- You have a right to request us to rectify your Personal Data;
- You have a right to access your Personal Data;
- You have a right to request us that your Personal Data be erased, subject to certain exceptions;
- You have a right to object to the processing of your Personal Data; and
- You have a right to lodge a complaint with a data protection authority.
- V) Information retention & accuracy
We take reasonable steps to ensure that PII we receive, process, or maintain is accurate, complete, and reliable for its intended use. We rely on the accuracy of the information provided directly to us but accept responsibility for the management and confidentiality of the PII collected.
In general, we keep PII only as long as we need it to provide you the services you requested. We may also process data on behalf of third parties who have engaged us. We keep PII processed on behalf of third parties for as long as needed to provide services to third party in question. However, we reserve the right to retain PII for any period required by law or to comply with our legal obligations, resolve disputes, and enforce our agreements.
- VI) Data Minimization
We take every reasonable step to ensure that your PII that we process is limited to the purposes set out in this policy or as required to provide you services or access to the services.
- VII) Sharing of Personal Information and Accountability for Onward Transfer
- a) Information associated with your name is shared in accordance with the procedures stated as follows:
- With your consent.
- We use affiliated and unaffiliated service providers all over the world that help us deliver our service and run our business subject to confidentiality agreements.
- We will disclose data as required by law including to meet national security requirements or to protect you, other users, us or third parties from harm, including fraud, data security breaches or where someone’s physical safety seems at risk.
When Sooryen does share your Personal Information with third party service providers and/or sub-processors, Sooryen will:
- transfer such data only for limited and specified purposes;
- ascertain that the sub-processor is obligated to provide at least the same level of privacy protection as is required by these Principles;
- take reasonable and appropriate steps to ensure that the sub-processor effectively processes the Personal Information transferred in a manner consistent with the organization’s obligations under these Principles;
- require the sub-processor to notify Sooryen if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by these Principles;
- upon notice, including under;
- take reasonable and appropriate steps to stop and remediate unauthorized processing; &
- provide a summary or a representative copy of the relevant privacy provisions of its contract with that sub-processor to the Department of Commerce upon request.
- b) International transfers
If you are visiting this website from a country other than the country in which our servers are located, your communications with us will result in the transfer of information across international boundaries. By visiting this website and communicating electronically with us, you consent to such cross-border transfers.
- VIII) Security of Personal Data
Sooryen is committed to protecting the security of your Personal Data. We use a variety of security technologies and procedures to help protect your Personal Data from unauthorized access, use or disclosure.
- IX) Protection of Personal Data
Sooryen uses reasonable security measures in an effort to prevent loss, misuse and alteration of information under our control. However, we cannot guarantee the security of information on or transmitted via the Internet. We rely on various security procedures and systems to ensure the secure storage and transmission of data, including encryption and authentication technology licensed from third parties, to effect secure transmission of confidential information. Additionally, we have absolutely no control over the security of other sites you might visit, interact with or do business with.
If we learn of a security systems breach, then we may attempt to notify you electronically so that you can take appropriate protective steps. Sooryen may post a notice on the Sooryen Site if a security breach occurs. We may also send an email to you at the email address you have provided to us in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing. To receive a free written notice of a security breach (or to withdraw your consent from receiving electronic notice) you should notify us.
- X) Limits to Your Privacy
- XI) Choice Regarding Collection, Use & Distribution of Personal Information
You can choose to opt-out whenever your Personal Information is (i) to be disclosed to a third party or (ii) to be used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by the individuals.
If you choose to opt-out, please contact us via email email@example.com. In such an event, you will be only able to access public areas of the Sites and may be limited in the use of Sooryen’s WebSites. In certain cases, limiting the use and disclosure of your personal data may impact functionality or prevent the use of Sooryen products or services.
- XIII) How to contact us
If you have any comments, questions or concerns about any of the information in this Policy, or any other issues relating to the processing of user information carried out by us, or on our behalf, please contact us at firstname.lastname@example.org.