Last Updated: [•], 2022
This Policy incorporates the requirements under the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
Collections of Personal Information
With respect to Site visitors, when you use or register with the Site, we may ask for certain Personal Information.
We may also obtain Personal Information directly from you or your browsing activities on the Site. For such activities, we collect the following categories of Personal Information from you:
- Internet activity, such as your browsing activity on the Site, IP address, cookies, and geolocation data
- Identifiers if you utilize the Preference Center to let us know your areas of interest, your industry, or the types of whitepapers or newsletters you subscribe to in which case you will need to provide your first and last name, email address, and your country
- Professional information if you download certain whitepapers, reports, or newsletters, in which case you will need to provide your areas of interest, your industry, and the types of newsletters to which you wish to subscribe
- Professional information such as email address, country, industry, company name, and role/title when you use tools such as the Business Resilience Navigator
With respect to job applicants, we collect the following categories of Personal Information from you:
- Identifiers, such as your name and contact information such as your email and mailing address, phone number, and any login ID/email address and password created by you
- Professional or employment-related information and education information, such as your job search criteria and preferences, your availability to work, your employment experience, current job title, educational history, your skills, reference information, background check information, pay/compensation expectations, ability to work in India, whether you now or in the future require sponsorship to continue work authorization, languages spoken, and other information contained in your resume. If we run a background check on you, we may also collect some of this information from our background check provider although we would first obtain your written consent before proceeding with a check
- Internet activity, such as your browsing activity on the Site, IP address, cookies, and geolocation data
- Characteristics of protected classifications under applicable law when you apply for a job with us such as gender (optional), ethnicity (optional), and whether you are a veteran (optional)
With respect to subscribers of KnowledgeLeader, we collect the following categories of Personal Information from you:
- Identifiers if you sign up for KnowledgeLeader. You will be asked to provide your name, email address, country, city, state, and zip code.
- Professional or employment-related information such as your job title, position/role, company, and industry
Uses of Personal Information
We specify below the business and commercial purposes for which we use Personal Information. We use Personal Information within the categories of identifiers, characteristics of protected classifications, professional or employment-related, and education information to track your preferences, learn about what professional interests you have, to provide you with information regarding employment opportunities and career-related information, to market to you, and to provide you with requested information or services. We may from time to time use your Personal Information within the categories of identifiers and internet or other electronic activity information to send you automated email messages, text messages (message and data rates may apply), or marketing materials regarding our services. We may also use Personal Information such as geolocation data for our business purposes, such as data analysis, audits, and improving our services.
We may also from time to time use your Personal Information to send you automated email messages or marketing materials regarding our services. These email messages may contain web beacons and other features that help us make sure that you received and were able to open the message. You may opt-out of receiving such marketing email messages at any time by sending a message with "unsubscribe" in the subject line to email@example.com, or by following the instructions in any marketing communication.
Subject to applicable law, by providing your mobile phone number to us, you opt-in and consent to receive text messages from us, which includes but is not limited to text messages sent through an automatic telephone dialing system. Consent to receive marketing text messages is not required. If you do not wish to receive marketing text messages, do not provide us with your mobile phone number. Consent once provided, may later be withdrawn by contacting our Grievance Officer (whose details are provided below).
In addition to the above purposes, we use your information as described in the section below titled "Disclosures of Personal Information for Business and Commercial Purposes".
Disclosures of Personal Information for Business and Commercial Purposes
For business and commercial purposes, Protiviti may disclose to third parties the following categories of Personal Information to assist Protiviti with a variety of business and commercial functions:
- Identifiers such as your name and email address
- Characteristics of protected classifications under applicable law such as gender, ethnicity, or whether you are a veteran
- Internet or other electronic activity information such as network activity information, browsing history on the Site, search history on the Site, and your interaction with an advertisement
- Geolocation data
- Professional or employment-related information
- Education information
Such functions may include hosting our Web servers, analyzing data, counting ad impressions to unique visitors, detecting security incidents, protecting against malicious, deceptive, fraudulent, and illegal activity, providing legal, accounting and marketing services, customer relationship management services, processing payments, and providing other support services.
Protiviti may disclose such Personal Information to the following categories of third parties:
- Service Providers. We may share Personal Information with our third-party service providers who perform business functions and services on our behalf such as the provider of Protiviti’s customer relationship management solution and other third parties who host our Web servers, analyze data, and provide legal, accounting, marketing, and support services.
- As required or appropriate by law. We may disclose Personal Information to regulatory authorities, government authorities or courts to comply with applicable laws, the service of legal process, or if we reasonably believe that such action is necessary to (a) comply with the law requiring such disclosure; (b) protect the rights or property of Protiviti or its affiliated companies; (c) prevent a crime or protect national security; or (d) protect the personal safety of the users or the public.
- Affiliates: We may disclose Personal Information to our associate companies, business partners, agents or third parties for the purposes stated above or any other marketing and promotional activity is undertaken by or on behalf of us.
- Business transfers. We also may disclose or transfer information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
Collection and Use of Other Information
“Other Information” is any information that generally does not reveal your specific identity or does not directly relate to an identifiable individual. We may collect Other Information in a variety of ways, including:
- Through your browser or device: Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system name and version, device manufacturer and model, language, and Internet browser type and version. We use this information to ensure that the Site functions properly.
- Using pixel tags and other similar technologies: Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of Site users and email recipients, market our services to you, measure the success of our marketing campaigns and compile statistics about Site usage and response rates.
- IP Address: Your IP Address is a number that is automatically assigned to your computer by your Internet Service Provider. An IP Address may be identified and logged automatically in our server log files whenever a user accesses the Site, along with the time of the visit and the pages visited. We use IP Addresses for purposes such as calculating usage levels, diagnosing server problems, and administering the Site. We may also derive your approximate location from your IP Address.
We may use third-party advertising companies to serve ads regarding our services when you access and use other websites, based on information relating to your use of the Site. To do so, these companies may place or recognize a unique cookie on your browser (including through the use of pixel tags). By utilizing the Site, you consent to the use of a cookie or other tracking technologies to serve you retargeted advertising.
If you would like more information about opting out of this advertising in desktop and mobile browsers on the particular device on which you are accessing this Policy or this type of advertising, please visit here and optout.aboutads.info.
This Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including any third party operating any site or service to which the Site links.
Personal Data Security and Confidentiality
We use reasonable organizational, technical and administrative measures designed to protect Personal Information within our organization against accidental or unlawful destruction or loss, alteration, unauthorized disclosures or access, and any other unlawful forms of processing of the data in its possession (“Security Practices”). All information provided by You is stored and retained on a secure server located in the United States.
Such Security Practices include, but are not limited to, encryption, firewalls, password protection, limitation of access to specified personnel on a need to know basis, and other physical security measures to guard against unauthorized access to the server and systems and information residing on such server and systems and are commensurate with the information assets being protected and with the nature of the business. By providing information to us, you accept that the Security Practices and procedures mentioned above, which are designed to protect the information provided by you, are reasonable.
Information including Sensitive Personal Data or Information (other than such data that is subject to data localization due to statutory or regulatory obligations) may be transferred to third parties located and/or may be stored at worldwide destinations, outside India or the location from which your information has been collected which ensure a similar level of protection and security adhered to by us under applicable Indian laws. However, we do not guarantee that Personal Information cannot be accessed, disclosed, altered, or destroyed by breach of any of the abovementioned safeguards. We take all steps reasonably necessary, including providing notice of breach to users, where required under applicable law, to ensure that Personal Information is treated securely and in accordance with this Policy. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contact Us” section below.
Revisions to the Policy
If we change this Policy, we will post any updates here for your review. We will also take other steps as necessary depending on the nature of the changes, including obtaining your consent where required by local data protection laws, or providing you with the opportunity to delete your Personal Information.
Data Retention and User Rights
We may retain the Information for as long as is necessary to fulfil the purposes for which it was collected or as needed, even after you have discontinued or deleted any account, if retention of such Personal Information is reasonably necessary to comply with legal obligations, meet regulatory requirements, resolve disputes between users, prevent fraud, or any other use. Subsequent to such a term, we will delete or anonymize your Personal Information once the purpose has been fulfilled.
We will use Your Personal Information only for so long as is necessary:
- to achieve the purposes that have been specifically identified in this Policy or such purposes as having been identified in any agreement entered into with you;
- as required by applicable laws and regulations, or as may be required for evidentiary purposes;
- as deemed necessary for tax, fraud control, or mitigation, and to conduct a defence in relation to any disputes or claims whether potential or actual (taking into account statute of limitations under applicable laws).
You can review, modify, and delete the information you have provided to us at any time and/or withdraw your consent from allowing us to collect, process or transfer your information by contacting our Grievance Officer. Please note that if you withdraw your consent, we may be constrained to withdraw those features, functionalities, services etc. which cannot be provided, without the information you seek to withdraw consent for, or delete from our records. Please note that your requests with respect to your data shall not be complied with if it adversely affects another user, or prejudices such user’s rights.
Your right to withdraw consent relates to any further collection or processing, of your Sensitive Personal Information, however such withdrawal of consent shall not: (i) be retrospective or require the deletion of records required for statutory purposes; or (ii) operate where required for the discharge of ongoing contractual obligations unless the contract under which the Sensitive Personal Information is required to be collected is also terminated with the request for withdrawal of consent to collect such Sensitive Information.
Your data will be erased/deleted when it has served the purpose for which it was being collected and is no longer necessary, where consent has been withdrawn, or where retention of such data is contrary to or prohibited by applicable law.
In case of any queries regarding our data processing activities or to exercise your rights with respect to your Personal Information or for revoking your consent and requesting deletion of your Personal Information held with us, please contact the Grievance Officer at HRIndia@protiviti.co.in. We will respond to your request as soon as possible, and in any event within 30 days or in accordance with the timeframe permitted under applicable law. and delete your Personal Information, except such information required by law to be retained.
If you have any questions about our website privacy policies, please contact us at:
15th Floor, Tower A
Building No. 5, DLF Cyber City, Phase III
Haryana 122002 India