India Factoring

Privacy Policy

1.0 Privacy Policy

India Factoring and Finance Solutions Private Limited (Company) is committed to protecting the privacy of our online visitors, employees, and job applicants (collectively, Data Subjects), and the security of the information provided to us by them. We will not collect any personal information about Data Subjects unless they provide it voluntarily. This privacy policy (Privacy Policy) governs the collection and use of personal information and sensitive personal data or information of the Data Subjects by the Company. It has been prepared under the provisions of the Information Technology Act, 2000 (IT Act) and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (Data Protection Rules) framed thereunder, and sets out the practices and policies for the protection of personal information (including sensitive personal data or information) collected, received, possessed, stored, dealt with or handled by us.

2. Information Collected

2.1 Online Visitors

The information collected on/about you, as an online visitor of the Company's website, subject to your own voluntary inputs of data, may include only the following types: your contact information; your feedback information; and web page download information.

(a) Contact or Feedback When you fill the form on the "CONTACT US”, we use the personal information submitted in the form only to respond to your message. This personal information will not be kept longer than necessary and will be deleted once the feedback requirement is met.

(b) Download Information If you read or download information from our site, we automatically collect and store the following non-personal information:

The requested web page or download;

Whether the request was successful or not;

The date and time when you accessed the site;

The internet address of the web site or the domain name of the computer from which you accessed the site;

The operating system of the machine running your web browser and the type and version of your web browser.

Please note that this information is strictly for the sole use of the Company and is not shared, leased, or sold in any manner to any other organization. We use the information we collect automatically for legitimate business interests, to facilitate your use of our sites, to analyse usage by online visitors, to improve user experience, and to deliver better service.  

Our site has a number of links to other local and international organizations and agencies. In some cases, for the benefit of the online visitor, it may be required that we link to other web sites of other organizations after permission is obtained from them respectively. It is important for you to note that upon linking to another site, you are no longer on our site and you become subject to the privacy policy of the new site.

2.2 Employees and Job Applicants

We may collect sensitive personal data or information from our employees and job applicants. Personal information shall mean all information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with us, is capable of identifying such person. Sensitive personal information shall mean personal information of an individual which consists of information relating to any of the following:

• passwords;

• financial information such as bank account or credit card or debit card or other payment instrument details;

• physical, physiological and mental health condition;

• sexual orientation;

• medical records and history;

• biometric information.

3. Collection and Storage of Information

We shall not collect sensitive personal information from a Data Subject unless the collection of such sensitive personal data or information is considered necessary for the purpose for which it is being collected. The Company shall obtain your consent specifically prior to collection, processing and handling of sensitive personal information. Any sensitive personal data or information collected by us may be stored on our global servers and restricted access may be given to individuals from our group companies strictly on a need-to-know basis and for the purposes or usage as set out below under Section 5. For the purposes of this Privacy Policy, group companies would include the Company, its subsidiaries or holding companies and any subsidiary of any holding company that may be formed from time to time. 

4. Access to your Information

You may request us at any time what information is effectively held on you if any, at that particular time. You have the right to have any inaccuracies corrected and where applicable erased, if they are not already deleted.

5. Use of Information

Personal information, including sensitive personal information, shall be used only for the purpose of handling the Data Subjects' employment or for our legitimate business interests, including but not limited to the following:

• Recruitment related activities;

• Administering and maintaining personal records;

• Paying and reviewing salary and other remuneration and benefits;

• Providing and administering benefits;

• Undertaking performance appraisals and reviews;

• Maintaining sickness, holiday and other absence records;

• Taking decisions regarding the fitness for work of the employees;

• Carrying out disciplinary and grievances hearings and investigations;

• Exercising any other duties and obligations arising from the employment contract which we have entered into;

• Complying with a legal obligation;

• Where processing is necessary for us to establish, exercise and protect our legal rights or any other legitimate or vital interests of ours, including in instances of life or death situations; or

• Providing references and information to future employers, and if necessary government bodies for social security purposes, as required under the applicable law.

6. Transfer of Sensitive Personal Information

As mandated by the IT Act and the Data Protection Rules, we shall not transfer the sensitive personal information to any third party without the prior consent of the Data Subjects, unless such transfer is necessary for performance of a contract between the us (or any entity on our behalf) and the Data Subject or for the purposes/usage as listed above in Section 5.

The sensitive personal information shall be transferred only to a third party that ensures the same level of data protection that is mandated under the IT Act and the Data Protection Rules.

7. Data Retention

The sensitive personal data or information collected by the Company shall not be retained for longer than is required for the purpose for which the information may lawfully be used or is otherwise required under any other law for the time being in force.

8. Mandatory Disclosures

In accordance with the IT Act and the Data Protection Rules, we shall not disclose the sensitive personal information of a Data Subject to any third party without the prior consent of the Data Subject, unless such disclosure is necessary for compliance of a legal obligation, or such consent has been previously obtained from the Data Subject.

However, sensitive personal data or information may be disclosed, without obtaining any prior consent from the Data Subject, to Government agencies mandated under the law to obtain information including sensitive personal data or information for the purposes of verification of identity, or for prevention, detection, or investigation of crime (including cyber incidents), for prosecution, or for punishment of offences. India Factoring may disclose any employee related information available with it to any governmental authority or self-regulatory organizations, or required to be made to third parties pursuant to any law, regulation or order of a court or regulatory agency or authority of competent jurisdiction.

9. Security and Confidentiality

We adhere to the industry security compliance standards to protect the confidentiality and security of your sensitive personal information.  

10. Grievance Officer

We have appointed a Grievance Officer in relation to the compliance of this Privacy Policy on data privacy. The following shall be reported/directed to the Grievance Officer:

• requests for access to sensitive personal information;

• any grievances in relation to sensitive personal information;

• any security breach in relation to sensitive personal information;

The contact details of the Grievance Officer are as follows: Ravi Valecha, Acting CEO
Tel: (+91) 22 4412 5555   DDI: (+91) 022-40465641  

11. Changes to this Privacy Policy

If there are any changes to this privacy policy, we will replace this page with an updated version. It is therefore in your own interest to check the "Privacy Policy" page any time you access our web site so as to be aware of any changes which may occur from time to time.

On the 25th May 2018 the European Union introduced a new regulation on data privacy, known as the General Data Protection Regulation (GDPR). The GDPR imposes further obligations on entities that process any information relating to the relevant identified or identifiable natural persons. In conformity with the GDPR, where applicable, we undertake to process all personal data in accordance with the GDPR, providing the relevant data subjects with additional protection, transparency and stronger rights regarding your personal data being processed.

12 Policy Review  

This policy to be reviewed once in 2 years.