Privacy Statement
Foreword:
This document is intended to convey management intent and commitment towards ensuring that the privacy rights of individuals are respected and upheld.
Individuals are requested to read this document as it outlines the way the company handles their personal data.
This document has been posted, in public domain, at relevant locations across our user interface points.
We follow privacy protection practices which are aligned to/ certified against global practices, guidance and applicable regulatory/ legislative mandates like ISO 27001:2013 and General Data Protection Regulation (GDPR). We make attempts to stay abreast with any new mandate/ guidelines, and, implement relevant controls to the best of our ability.
In case any user requires any further or specific clarifications or guidance or request, they are free to connect with us at the specified contact co-ordinates as mentioned in this document.
We wish all individuals who use our systems a knowledge enriching, safe and secure association.
Regards,
Data Protection Officer
Contact: dpo@spectrumtek.com
Note:
- This Privacy Statement document (also referred to as “Data Privacy Statement and Policy Document” or “privacy notice”) is applicable for Spectrum Technologies LLC and Spectrumtek Software Pvt. Ltd., (Collectively or individually referred to as “Spectrum” or “SpectrumTek” or “SpectrumTek LLC” or “company” or “we” or “us”)
- Management intends and attempts to keep this document updated to reflect any changes in the way we handle your personal data or any changes in applicable laws.
- This document entails the essence of commitment of our management towards ensuring that sensitivities associated with personal data of individuals are managed within appropriate risk and regulatory framework like GDPR.
- This page, its sub-pages and linked/ referred documents tell you everything you need to know about how SpectrumTek protects the personal data (“your personal data” or “your data” or “personal identifiable information” or “personal sensitive information”) we have access to or process and control relating to you and which rights you have in relation to the processing of your personal data.
- This document is intended to convey the management intent specific to data privacy aspects and is a part of the overall Information Security Management System (ISMS) and Data Privacy Framework (DPF). In case any further details or clarifications or requests or reporting or escalation are required, user can get in touch with the Data Protection Officer (DPO) at dpo@spectrumtek.com.
- This document has been prepared in line with the recently updated laws and regulations including General Data Protection Regulation (GDPR) and other regulations. Management attempts to ensure that this document is kept updated to the best of their knowledge and ability.
- SpectrumTek is committed to maintaining the privacy rights of individuals supported by clear management and implementation of appropriate controls. Spectrumtek maintains high levels of transparency and corporate-socio transparency and compliance and is committed to co-operating with individuals and authorities for the same, as the case maybe.
- Sections in this document have been defined in a manner that addresses the individual reading the same and thus address the individual as “you” and “your”.
- In case anyone has any concern regarding the intent, content, depiction, interpretation, adequacy, representation, paraphrase, summarization, opinion, advice, suggestions, recommendations, completeness, accurately, appropriately referenced or interpreted or mentioned, people are suggested to get in contact with our DPO for further guidance or clarifications prior to proceeding with utilization of the systems provided.
Contents
1.0 Management Commitment towards Data privacy
SpectrumTek management is committed to protect the privacy rights of individuals as an integral part of the business strategy and governance statutes.
The Board members and Chief Executive Officer (CEO) support the overall data privacy initiative @ Spectrum, the essence of which is conveyed through the privacy policy statements as defined below:
“The management is committed to uphold the legal rights of users whose personal data would be shared with our employees or internal functions through any management provided interface or process as required by applicable legislatures and regulations including GDPR”
&
“The management intends to maintain a data privacy compliance posture wherein privacy is:
(1) part of the operating culture of the organization,
(2) controls and practices are embedded by default at the design stage itself to ensure scalability, reproducibility and reliability,
(3) due transparency is maintained when dealing with individuals,
(4) stringent controls are implemented, and
(4) corporate ethics and compliances are suitable managed to uphold the privacy rights of individuals”.
2.0 How does SpectrumTek protect your personal data?
SpectrumTek protects your personal data (“your personal sensitive data” or “your data” or “personal identifiable information” or “personal sensitive information” or “your information”) in accordance with applicable laws and our data privacy policies. In addition, SpectrumTek maintains the appropriate strategic oversight and sponsorship; employee awareness levels level; technical and organizational measures to protect your personal data against unwarranted or unauthorized or unlawful processing and/or against accidental loss, alteration, disclosure, or access, or accidental or unlawful destruction of or damage thereto.
SpectrumTek attaches great importance to protecting the confidentiality and privacy of information entrusted to it.
As part of this fundamental obligation, SpectrumTek is committed to the appropriate protection and use of personal data that has been collected online.
Our intent, generally, is to collect only the personal data that is provided voluntarily by online visitors so that we can offer information and/ or services to those individuals or offer information about employment opportunities or ensure optimal services. Please review this document to learn more about how we collect, use, share and protect the personal data that we have obtained.
This document, serves as a Public Notice, officially released by company management. It is aligned to the business strategy of the organization and intended to attain the following objectives of the Governance, Risk, Compliance (GRC) and Infosec:
- Demonstrate compliance to GDPR.
- Maintain transparency with all interested parties (including web site visitors) on how their personal data would be managed.
- Facilitate the process of upholding the privacy rights of people.
- Build confidence in all interested parties.
- Contribute towards an accountable, responsible, ethical and law-abiding corporate environment globally.
3.0 What data we collect
We would be collecting, storing, and/ or using the following information about you (“users” or “online visitor” or “subscriber” or “general browser”), depending on the nature of association:
- Information you give us through SpectrumTek website via a form, application, contact request, or other request for information1.
- Information you may have posted on any blogs, forums, and any other social media applications that we provide.
- Information you provided to a third party to attend a conference, training course, or demonstration that we sponsor.
- Information you provided directly to us at a third party to attend a conference, training course, or demonstration that we sponsor.
- Information that you share during interactions on company provided technical channels/ platforms/ utilities/ tools.
- Information provided through using cookies on our company website, including your location data and your activity on our website. More information on how we use cookies and other tracking technologies can be found in our cookies notice.
The personal data we collect typically includes the following: full name, email address, work address, phone number, job title, employer, location of employment, and your activity on blogs and social media that we provide.2
4.0 How we collect data
We collect personal information about you in several ways.
- We collect the information you give us via the company website or by phone and email.
- We may collect your information through your attendance of or participation in events that we sponsor or co-sponsor or participate, such as conferences, online trainings, webinars, surveys, and demonstrations of our professional services.
- We may collect your information from other companies who sell us or share with us your information.
- We may collect information from places that are publicly available, such as blogs, social media, and networking sites.
- IP address of the connecting machine.
- Email campaigns.3
- We may collect information using cookies and other tracking technologies through our company website.
5.0 How we use the data
SpectrumTek generally collects only the personal information necessary to fulfill your request. Where additional, optional information is sought, you will be notified of this at the point of collection.
We can process personal information, so long as we have a ground under the law to do so. It also requires us to tell you what those grounds are. As a result, when we process your personal information, we will rely on select conditions including:
- To contact you about products and services.
- Performance of a contract: this is when the processing of your personal information is necessary in order to perform our obligations under a contract.
- Surveys and analysis.
- Legal obligation: this is when we are required to process your personal information in order to comply with a legal obligation, such as keeping records for tax purposes or providing information to a public body or law enforcement agency.
- Where it is necessary for legitimate interests pursued by us or a third party and your interests and fundamental rights do not override those interests.
- Legitimate interests4: we will process information about you where it is in our legitimate interest in running a lawful business to do so in order to further that business, so long as it doesn’t outweigh your interests.
- Your consent: in some cases, we will ask you for specific permission to process some of your personal information, and we will only process your personal information in this way if you agree to us doing so. You may withdraw and/or modify your consent at any time by contacting at dpo@spectrumtek.com.
6.0 Cookie Policy
A cookie is a small text file that a website or app sends to a user’s device. Once you agree to accept cookies, the file is added, and the cookie analyzes your web traffic on that site. Cookies allow web applications to respond to you as an individual and store helpful information to enhance your experience with a web interface like a site. The web application can tailor its settings/ operations to your needs, likes and dislikes by gathering and remembering information about your preferences, such as your preferred language, device settings, browsing activities and other useful information. A cookie does not allow us access to your computer or any information about you, other than the data you choose to share with us. Most browsers automatically accept cookies, but you can modify your browser settings to decline cookies.5
Cookies we use
- Essential Cookies
- These cookies track your activity on our website and are used to provide essential security measures and affect the functioning of this website. These cookies are not stored by SpectrumTek after you close your browser.
- Analytics Cookies
- SpectrumTek utilizes Google Analytics. Google Analytics’ cookies track activity about how visitors use this website. These cookies collect information about a user’s website activity and aggregate it to give us a better understanding of how our website is being used. For more information on how Google Analytics uses cookies visit www.google.com/policies/privacy/partners/.
- Marketing Cookies
- SpectrumTek utilizes HubSpot. HubSpot uses cookies to recognize and track activity on this website and connect it to the personal information you may provide to us via an online form. These cookies also allow us to understand which services and offerings may most appeal to you and send you the most relevant marketing material.
- Third Party Cookies
- You may encounter embedded content on the website, such as links to event details and trainings, third party blogs, and partners websites. These linked websites will use their own cookies. SpectrumTek does not control these websites or their owner’s use of cookies, even if you are directed to them from our website.
7.0 Data Security
We hold an ISO 27001:2013 certification6 provided by compliance auditor Ziksan Consulting Services (https://www.ziksan.org), which indicates that we adhere to the highest and strictest information security standards.7 We have measures in place to protect your personal information from being accidentally lost, used, or accessed in an unauthorized way, altered or disclosed. Access to your personal information is limited to those employees, agents, contractors and other third parties who have a business need to know. Third parties will only process your personal information on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
8.0 Data Retention
We will retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymize your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
9.0 Rights of access, correction, erasure, and restriction
Under certain circumstances, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure (Right to be Forgotten) of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see point below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Right to Data Portability of obtaining your personal information in a structured, commonly used and machine-readable format.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party, the timeline for doing the same will be in line with applicable legislative/ regulatory guidance or mandates.
In order to make a request for any of the above or other aspects related to your personal data please contact dpo@spectrumtek.com.
Requisites for making a request
Any person who is excising their right(s) and contacting SpectrumTek for the same should ensure that the request complies with following minimum components/ data/ details8:
- Name
- Relationship with data subject (myself or requesting on behalf)
- Date (in case of manual/ hard copy letter)
- Contact/ correspondence details
- Type of personal data related to the request
- Nature of request
- Concern/ complaint
- Legal/ logical/ other justification(s) for the request
- Additional details on the action requested (if any)
The request should be sent to either
- Our email ID: dpo@spectrumtek.com or
- Our email ID: isg@spectrumtek.com
- Our office address (as mentioned on our website www.spectrumtek.com )