PERSONAL DATA PRIVACY POLICY

1. BACKGROUND AND PRINCIPLES

This Personal Data Privacy Policy (“Privacy Policy”) is applicable to Sesa Care Private Limited (collectively, Sesa Care, we, us and our) and sets out measures to safeguard any information that relates to a natural person which, either directly or indirectly, in combination with other information available or likely to be available with Sesa Care, is capable of identifying such person (“Personal Information” ), and which is provided to us or which we obtain relating to an individual (“Data Subject or you”),including, without limitation:

  • (a) partners, directors, officers, employees and other representatives of Sesa Care;
  • (b) individuals applying for or enquiry about employment with us;
  • (c) visitors to our websites and users of any products we provide.

We respect the privacy of individuals. We will comply with applicable data protection law which says that the Personal Information we hold about you must be:

  • (i) used lawfully, fairly and in a transparent way;
  • (ii) collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
  • (iii) relevant to the purposes we have told you about and limited only to those purposes;
  • (iv) accurate and to the extent appropriate, kept up to date;
  • (v) kept only as long as necessary for the purposes we have told you about;
  • (vi) disclosed to third parties after providing notice and seeking informed consent from you for such disclosure; and
  • (vii) kept securely.

This Privacy Policy describes how we collect, use, store, process, disclose and transfer information that we may collect from individuals.

We reserve the right to update this Privacy Policy at any time. If we make any changes to this Privacy Policy, the last modified Privacy Policy shall be applicable to you. We may also notify you in other ways from time to time about the processing of your Personal Information.

2. PURPOSE FOR DATA COLLECTION

We use your Personal Information for a variety of reasonable and legitimate business purposes, i.e.:

  • (i) Complying with legal or regulatory obligations, such as our obligations regarding know-your-client;
  • (ii) Performing a contract with your employer or to take steps at the request of your employer before entering into or performing a contract with them;
  • (iii) Other legitimate purposes , such as:
    • a) to send you a welcome e-mail and to verify ownership of the e-mail address provided when your user account was created;
    • b) to identify you as a user in Sesa Care system;
    • c) to provide access to website;
    • c) to provide access to website;
    • e) to provide improved administration of website;
    • f) to notify you about updates to website;
    • g) to improve and customize the quality of experience when you interact with the website;
    • h) to send you administrative e-mail notifications, such as security or support and maintenance advices;
    • i) to engage with or contact inactive users of the website;
    • j) to direct certain content and advertisements to you so that you are more likely to see content and advertisements that are relevant to you;
    • k) to analyze the data submitted by you;
    • l) to send offers and promotional materials related to the website and those of third parties for marketing and other purposes.
    • m) to Communicate with you;
    • n) to create, improve and develop our products and services;
    • o) to conduct market research, surveys, and similar inquiries to help us understand trends, client and website visitor’s needs;
    • p) to process payments to us or credits to you;
    • q) to monitor and audit compliance with internal policies and procedures, legal obligations and to meet requirements and orders of regulatory authorities;
    • r) to process and consider applications for employment, including evaluating and confirming your suitability for the position and accuracy of any information submitted;
    • s) to arrange emergency medical treatment; and
    • t) to provide employee benefits.

We may also use and share aggregated or de-identified information for any purpose and in any manner. This aggregated or de-identified data that Sesa Care shares may include non-personally identifiable data that Sesa Care creates using your personal information by excluding information that makes the data personally identifiable.

If you are uncertain of Sesa Care’s need for information that we request from you, please contact the Sesa Care representative asking for the information or contact us (see section 10 below) with your query.

3. DATA COLLECTION

We receive Personal Information in various ways, including:

  • (a) Directly from the Data Subject e.g., when you voluntarily submit information to our website, or send us an email, other written correspondence or buy product from us. The following are the information we may collect:
    • (i) Name, email address, postal address;
    • (ii) Username;
    • (iii) Phone number or mobile number;
    • (iv) Photo identity proof;
    • (v) Date of birth;
    • (vi) Payment instrument details (such as a credit card information, credit history);
    • (vii) Other information about you and your related party such as gender or product use preferences.
  • (b) Indirectly from other sources e.g., from public records or from a counterparty in possession of the data, such as:
    • (i) If you access or create an account by logging in with your credentials from your third party account with certain social networking sites (such as Twitter, LinkedIn, Google+ or Facebook), we may receive information about you from such social networking sites, in accordance with the terms of use and privacy policy of that social networking site. We work with such social networking site’s application protocol interface (API) in a way that allows you to authorize us to access your account on that social networking site on your behalf;
    • (ii) Our employees may also give us emergency contact information as part of our emergency scenario planning and may give us details of their dependents and of other people in relation to their employee benefits arrangements;
    • (iii) Your employer may provide your Personal Information to us in connection with a service they provide to us or in connection with services that we provide to our clients;
    • (iv) Your devices (depending on their settings) may also transmit location information to us.
    • (v) We may receive information from past employers and others concerning your employment history where you apply for a job with us;
    • (vi) We sometimes collect information from third party data providers or publicly available sources for, background checking and similar purposes, and to protect our business and comply with our legal and regulatory obligations. We may add this information to the information we have already collected from you in order to improve the products and/or services we provides and/or its website and you agree that such information will be treated in the same way as the information shared by you by using the services of the website.
    • (vii) We may record details of emails, telephone conversations or other electronic communications you have exchanged with our employees and other staff members on our information technology systems; and
    • (viii) We may maintain closed circuit TV records if you visit our premises, for security and safety purposes.
  • (c) Using Automatic Collection Tools. In addition, we automatically collect certain data from Data Subjects who visit our website. To this end, we use data collection tools (“Cookies”) on our website to record certain usage information, such as the number and frequency of visitors to the website. This information may include the websites that you access immediately before and after your visit to our website, and which Internet browser you are using. You can set your browser to not accept Cookies, but this may limit your ability to use the website. We may ask our other partners to serve ads or services to your computer systems or other devices, which may use cookies or similar technologies placed by us or the third party. We does not control use of such technologies used by advertisers and partners and it expressly disclaims responsibility for information collected through them.Please see our Cookie Policy for further details on the usage of cookies on our website.

4. OTHER PEOPLE’S INFORMATION WHICH YOU PROVIDE TO US

If you provide, or an organization you represent provides, Personal Information to us about someone else (such as your directors or employees or someone with whom you have dealings) you or your organization must ensure that you are entitled to disclose that information to us and that, without us taking any further steps required by privacy laws, we may collect, use and disclose such information for the purposes described above. For example, you should take reasonable steps to ensure the individual concerned is aware of the various matters detailed in this Privacy Policy and any additional statement provided to you, as those matters relate to that individual, including our identity, how to contact us, our purposes of collection, our information use and disclosure practices, the individual's right to obtain access to and correct their information and to make a complaint, how we will deal with these and, where relevant, the consequences for the individual if the information is not provided.

5. CONSENT

By visiting our offices and/ or contacting us through our website, or otherwise engaging with us and submitting your Personal Information to us, you consent to:

  • (i) us collecting, using and transferring your Personal Information as set out in this Privacy Policy.
  • (ii) the transfer, storage and processing of your Personal Information in accordance with this Privacy Policy, including by third parties who may receive and process your Personal Information.
  • (iii) When the Personal Information is pertaining to individuals under the age of 18, prior consent will be sought from the guardians of such an individual before such Personal Information is processed.
  • (iv) If you do not provide some or all of the information requested, we may not be able either to provide you with an appropriate level of service or to fulfil another applicable purpose of collection.

6. SENSITIVE PERSONAL INFORMATION

Sensitive Personal Information is Personal Information which consists of information relating to: (i) password; (ii) financial information such as bank account or credit card or debit card or other payment instrument details; (iii) physical, physiological and mental health condition; (iv) sexual orientation; (v) medical records and history; (vi) biometric information; (vii) any detail relating to the above as provided to us for providing service; and (viii) any of the aforementioned information received by us for processing or stored or processed under lawful contract or otherwise.

If you provide us with Sensitive Personal Information, the provision of this information is entirely voluntary and subject to your express consent. However, we may be unable to carry out some activities without this information - for example, we may be unable to process application forms or similar requests. We will use any Sensitive Personal Information in accordance with the consent you give pursuant to section 5 and, where necessary, we may also process such information in the establishment, exercise or defense of legal claims.

Where we do receive Sensitive Personal Information, we will only keep such information for as long as strictly necessary in order to comply with our obligations under the law or contract.

7. DISCLOSURE AND/OR TRANSFER OF PERSONAL INFORMATION

Sesa Care will take reasonable steps to protect your Personal Information against unauthorized disclosure. Subject to the provisions of any applicable law, your Personal Information may be disclosed to the parties listed below (whether located in India or overseas) for in connection with processing such Personal Information for the purposes listed in section 2 to:

  • (i) entities within Sesa Care;
  • (ii) insurance companies and brokers in connection with staff insurance;
  • (iii) agents, contractors or third party service providers who provide operational services to Sesa Care , such as courier services, telecommunications, information technology, advertising, payment, payroll, processing, training, market research, storage, archival, customer support, investigation services or other services to Sesa Care ;
  • (iv) we may also share certain information such as cookie data with third-party advertising partners. This information would allow third-party ad networks to, among other things, deliver targeted advertisements that they believe will be of most interest to you.
  • (v) we may also disclose personal information to enforce its policies, respond to claims that a posting or other content violates others’ rights, or protects anyone’s rights, property or safety.
  • (vi) any business partner, assignee or transferee (actual or prospective) and their advisors to facilitate business or asset sale transactions (which may extend to mergers, acquisitions and debt or asset sale);
  • (vii) local and overseas financial institutions and their respective service providers;
  • (viii) our professional advisers such as our consultants, auditors and lawyers;
  • (ix) business and charity partners in relation to events planning;
  • (x) relevant government regulators, government ministries, statutory boards, embassies, or authorities and/or law enforcement agencies, whether local or overseas, to comply with any directions, laws, regulations, rules, codes of practice or guidelines, or schemes issued or administered by any of them;
  • (xi) any other party to whom you authorize us to disclose your Personal Information; and
  • (xii) any person to whom we are required by law to disclose your Personal Information.

We may also disclose your Personal Information to third parties in the event that we sell or buy any business or assets, in which case we may disclose your Personal Information to the prospective seller or buyer of such business or assets.

Stewardship of your data is critical to us and a responsibility that we embraces. We believe that our users’ data should receive the same legal protections regardless of whether it’s stored on our servers or on your home computer systems or devices. We will abide by the following principles when receiving, scrutinizing and responding to government requests for our users’ data:

  • (i) Be transparent,
  • (ii) Fight blanket requests,
  • (iii) Protect all users, and
  • (iv) Provide trusted services.

8. DATA RETENTION

In general, we will process and store your Personal Information for at least as long as it is necessary in order to fulfil our contractual, regulatory and statutory obligations. Subject to those qualifications, our goal is to keep such data for no longer than necessary in relation to the purposes for which we collect and use the Personal Information. However, you are responsible for, and we kindly request that you inform us of, any changes to Personal Information. If you have any specific questions in this respect, please feel free to contact us.

9. SECURITY OF YOUR PERSONAL INFORMATION

We take technical and organizational measures to protect the Personal Information that we hold from misuse and loss and from unauthorized access, modification and disclosure.

Your Personal Information may be stored either in hard copy documents or as electronic data in Sesa Care 's

We maintain physical security over our paper and electronic data stores and premises, such as locks and security systems. We also maintain computer and network security; for example, we use firewalls (security measures for the Internet) and other security systems such as user identifiers and passwords to control access to our computer system.

Whilst Sesa Care takes appropriate technical and organizational measures to safeguard the Personal Information that you provide, no transmission over the Internet can ever be guaranteed secure. Consequently, please note that the security of any Personal Information that you transfer over the Internet to Sesa Care cannot be guaranteed. Users should also take care with how they handle and disclose their Personal Information and should avoid sending Personal Information through insecure email.

In case of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Information transmitted, stored or otherwise processed, we will notify details of such breach to relevant regulators and you, as required by law, and take measures to address such breach and mitigate its adverse effects.

10. RIGHT TO WITHDRAW CONSENT, REQUEST ACCESS TO, AND CORRECTION OF PERSONAL INFORMATION

You have the right to withdraw consent, request access to, and correction of Personal Information that Sesa Care holds about you in accordance with applicable laws by sending Sesa Care an e-mail at Consumer.care@sesacare.com

If you withdraw your consent to any or all use of your Personal Information, depending on the nature of your request, Sesa Care may not be in a position to administer or comply with the relevant contractual agreement or arrangement in place. This may also adversely impact and affect your relationship or other agreements or arrangements with Sesa Care. Sesa Care’s legal rights and remedies in such event are expressly reserved.

You will ordinarily not have to pay a fee to access your Personal Information or to exercise any of the other rights under this Privacy Policy. However, we may, where the relevant law permits, charge a reasonable fee if your request for access is clearly unfounded or excessive .

11. AUTOMATED DECISION MAKING

We respect your legal rights not to be subject to decisions that are based solely on automated processing of your Personal Information, including profiling, especially where such processing has legal or other significant effects on you. In establishing and carrying out a business relationship, we generally do not use any automated decision making in relation to Personal Information. However, we may process some of your Personal Information automatically, with the goal of assessing certain personal aspects, such as to comply with legal or regulatory obligations.

12. LINK TO THIRD PARTY WEBSITES

The Sesa Care website contains links to third-party websites whose data protection and privacy practices may differ from ours. We are not responsible for the content and privacy practices of these other websites and encourage you to consult the privacy notices of those websites. Any data shared with third-party platforms will be governed by such third-party social media platforms’ privacy policy.

13. GOVERNING LAW

This Privacy Policy shall be governed in all respects by the laws of India.

14. CONTACT

Questions, comments, complaints and requests regarding your Personal Information or this Privacy Policy should be addressed to our Chief DigitalOfficer at:
Chief Digital Officer
Sesa Care,
Rocklines House, Ground Floor 9/2,
Museum Road,
Bangalore – 560001