• Purpose: This Notice describes how we collect and use personal data about you, during and after your working relationship with us, in accordance with the General Data Protection Regulation (GDPR).
• Applicability: It is applicable to all current and former customers. This Notice does not form part of any contract to provide services. We may update this Notice at any time, subsequent to which, a copy of the updated Notice will be furnished to every customer at the earliest.
• Relationship: We are the “Data Controller” as specified under the GDPR. This means that we are responsible for deciding how we process your personal data. As a service provider, we need to keep and process data about you for sales and marketing, financial, operational activities, administration of information systems, meeting legal obligations and compliance requirements, and for other legal and customary business purposes. Processing will include collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, consultation, and use, disclosure by transmission, erasure or destruction of your personal data. The data we hold and process will be used for management, operational and administrative purposes only. We will keep and use it to enable us to run the business and manage our relationship with you effectively, lawfully and appropriately, whilst you are associated with us, at the time when your association ends and after you have left us. This includes using data to enable us to comply with the service requirements and pursue our legitimate interests, protect our workforce and stakeholders against injury, theft, legal liability, fraud, abuse and protect our legal position in the event of legal proceedings and compliance including compliance with government authority requests for information, liens and management compliances. If you do not provide this data or request for the deletion of data we may be unable in some circumstances to comply with our legal obligations and we will tell you about the implications of that decision.

• Your Personal Data That We Will Process

  We will process the following categories of personal data about you:

  • Personal details including but not limited to name, title, addresses, post code, telephone numbers, mobile number, personal/corporate email addresses, date and place of birth, gender, age, occupation, signatures etc.
  • Financial information including bank account holder’s name, bank account number, bank name and address, bank sort code, claims settlement amount, etc.
  • Other details including interests and preferences, etc.

• How Is Your Personal Data Collected?

  We collect personal data about customers through application, website forms and calls directly from the customers or sometimes indirectly from third parties. We may sometimes collect additional personal data throughout the period you are associated with us. All data including any additional data collected during our course of association will be used and stored for rendering service as well as for complying with our legal obligations or legitimate interests.

• How Will We Use Personal Data About You?

  We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the service that we have agreed to provide you.
  • Where we need to comply with a legal obligation.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to protect your interests (or someone else's interests).
  • Where it is needed in the public interest (or for official purposes).
  • Where we have sought your explicit consent.

• If You Fail To Provide Personal Data

  If you fail to provide certain data when requested for the purposes of business, we may not be able to render the required services to you, or we may be prevented from complying with our legal obligations.

• Change of Purpose

  We will only use your personal data for the purposes for which we collected it. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so without undue delay. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

• Data Sharing

  We will share your personal/special categories of data with the following recipients:

  • Third parties with whom we have a contractual relationship, including but not limited to law firms, sales and marketing vendors, cold calling vendors, data shredding agency, etc. We require third parties to respect the security of your data and to treat it in accordance with our instructions and as per the law.
  • Our other entities for performance of service contract. We may transfer your personal data outside the EU for processing in accordance with the Standard Contractual Clauses executed between us and our L&T Technology Services Limited, India.
  • Internal departments, including with sales and marketing teams, accounts team, finance team, events team, etc.

• Transferring Personal Data Outside the EU

  We will transfer the personal data we collect about you to India which is outside the EU in order to perform our contract with you. There does not exist an adequacy decision by the European Commission in respect of this/ these country/ countries.

  However, to ensure that your personal data does receive an adequate level of protection we have executed Standard Contractual Clauses with our L&T Technology Services Limited, India to ensure that your personal data is treated by those third parties in a way that is consistent with and which respects the EU and regional laws on data protection.

• Data Security

  We have put in place measures to protect the security of your data.

  Third parties will only process your personal data on our instructions and where they have agreed to treat the data confidentially and to keep it secure. We do enter into specific agreements with such third parties to ensure compliance.

  We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

• Data Retention

  We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means and the applicable legal requirements.

  In some circumstances, we may anonymise your personal data so that it can no longer be associated with you, in which case we may use such data without further Notice to you. Once you are no longer a customer of the company we will retain and securely destroy your personal data in accordance with our Data Retention Policy as uploaded on the website of the Company

• Data Protection Officer

  We have appointed a data protection officer (DPO) to oversee compliance with this Notice. If you have any questions about this Notice or how we handle your personal data, please contact the [DPO OR data privacy manager] at DPO@lnttechservices.com. You have the right to make a complaint at any time to the regional supervisory authority for data protection issues.

• Your Duty To Inform Us Of Changes

  It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your working relationship with us.

• Rights Available to you

  Your rights in connection with personal data: Under certain circumstances, by law, you have the:

  • Right of Access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you.

  • Right to Rectification of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected.

  • Right to be Informed about the collection and use of personal data.

  • Right to be Forgotten will enable you to ask us to delete or remove personal data which we process about you subject to limited circumstances in accordance with the GDPR requirements.

  • Right to Object to Processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.

  • Request the Restriction of Processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.

  • Right of Data Portability/Transfer to another party.  

  • Right to Withdraw Consent for processing of personal data where explicit consent has been sought. In the limited circumstances, where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact Data Protection Officer at DPO@lnttechservices.com. Once we have received notification that you have withdrawn your consent, we will no longer process your data for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

  • Right Related to Automated Decision Making Including Profiling. You will have a right not to be subjected to a decision based solely on automated processing including profiling. Such decisions can be made only if, they are necessary for the entry into or performance of a contract or authorized by the Union or Member State law applicable to us or based on your explicit consent.

  All the above-mentioned rights can be exercised by contacting the Data Protection Officer at DPO@lnttechservices.com

• No Fee Usually Required

  You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

• Changes to this Notice

  We reserve the right to update this notice at any time, and we will provide you with a new Notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal data.

If you have any questions about this Notice, please contact Data Protection Officer at DPO@lnttechservices.com