Amal Ltd (hereinafter referred to as the Company) is committed to respect privacy of every person, including its employees, business partners | associates, vendors, dealers, customers and all others who share their sensitive personal data or information (sensitive personal information) with the Company.
The purpose of this Policy, as amended from time to time, is to give the information providers an understanding on how the Company intends to collect, receive, possess, store, transfer, handle, deal with and use the sensitive personal information provided to the Company.
Sensitive personal information of the information providers may be required to be collected, maintained and transferred for business and official purposes. Such sensitive personal information may have to be shared with other group companies or third party(ies), within and outside the country, as per lawful business requirements of the Company.
The Company will ensure confidentiality of such sensitive personal information and grievances, if any, related to such matters will be resolved by the grievance officer appointed by the Company for this purpose (grievance officer).
By executing a consent letter provided by the Company, the information providers will consent to the collection, storage, usage, disclosure, processing and transfer of their sensitive personal information provided to the Company for the purposes mentioned in this Policy.
The information providers have the option of not providing their sensitive personal information sought to be collected if they do not agree with this Policy. Further, the information providers also have the option to withdraw their consent given earlier, provided such withdrawal of consent is intimated in writing.
What information the Company may collect?
The Company may collect the following types of sensitive personal information, including but not limited to:
- name, contact details, details of past employment (in the case of employees, wherever relevant)
- financial details such as bank account, pan card, salary, provident fund details
- password used for the systems, websites | web pages provided by the Company
- physical, physiological and mental health details
- medical records and history
- biometric information
Purpose of collection:
The Company may collect, use, receive, possess store, disclose, process and transfer the sensitive personal information for various purposes, including but not limited to, the following:
- functioning of the business of the Company
- employment or engagement of employees, including but not limited to, general HR administration; organisation planning and management
- compliance with the code of conduct, internal regulations and policies of the Company
- business mergers, acquisitions, transfers and reorganisation
- compliance with legal, judicial, governmental and regulatory statutes | requirements
- tax administration and compliance
- compliance with applicable foreign laws and rules of foreign regulators related to operations of the Company and its subsidiary and associate companies
- administration and management of IT services
- administration or otherwise carry out obligations in relation to any agreement the Information Providers have with the Company and
- investigation, prevention, or taking action regarding illegal activities, suspected fraud, violations of the law or as otherwise required by law
The information providers consent that the collection, usage, storage, disclosure, processing and transfer of any sensitive personal information or any other information as disclosed under this Policy will not cause any loss or wrongful gain to the information providers if the same is used for the above-mentioned lawful purposes.
Sharing and transferring of sensitive personal information:
The Company may need to share the sensitive personal information with group companies, business partners | associates, vendors, dealers, customers and or third parties within and outside India for lawful purposes, as mentioned above.
The information providers authorises the Company to exchange, disclose, transfer, share, part with the sensitive personal information and or any information provided, within or outside India for the above purposes.
The Company has adopted reasonable security practices and procedure to ensure that the sensitive personal information is collected and preserved in a secured manner. In case the information providers wish to know more details about the adopted security practices and procedures, they may contact the designated person for the same.
While the Company will endeavour to take all reasonable and appropriate steps to keep the collected sensitive personal information secured and prevent its unauthorised access, the information providers agree and acknowledge that the Company cannot provide any absolute assurance regarding the security of the sensitive personal information. The Company disclaims any liability, to the fullest extent permissible under applicable laws, in relation to any breach of security or loss or disclosure of information in relation to the sensitive personal information.
If the information provider needs to access update or correct the sensitive personal information, he | she may contact the designated person.
It is the policy of the Company to retain sensitive personal information of the information providers as long as the Company believes it to be necessary for the purposes for which such sensitive personal information was collected, subject to any legal requirements for the information to be retained for longer period, if any.
Please note: Use of the website | intranet of the Company following any such revisions will be deemed as acceptance by the information providers of such revisions.
The Company has nominated Mr Ankit Mankodi as the Grievance Officer of the Company. The information providers may approach the grievance officer if they have any grievance, questions or concerns with respect to the processing and use of their sensitive personal information. The grievance officer can be contacted by e-mail at firstname.lastname@example.org