Effective date: July 15, 2021
Who are we (data controller)?
We are HCL Avitas Private Ltd., having its registered office at 806, Siddharth, 96, Nehru Place, New Delhi, 110019, India and its corporate office A-5 , near Coast Guard office, Sector 24, Noida, Uttar Pradesh – 201301 , India, and including its subsidiaries and affiliated entities(hereinafter “HCL HEALTHCARE”, “we” or “us”).
What does this Privacy Statement cover?
Our websites and offerings are directed to people in their business or professional capacities. They are not intended for children under 13 years of age. We do not knowingly solicit information online from, or market online to, children under 13 years of age.
Please note, for purpose of this Online Privacy Statement, personal information means data or set of data that can identify an individual, such as name, address, telephone number, and email address.
What personal data do we collect and how do we intend to use it?
a. Type of data : IP address and related information such as location and internet provider, browser and content type, version and settings, viewed content and activities.
b. Purpose : maintaining our websites, general statistics and measurement of effectiveness of our websites and marketing techniques, marketing.
c. Legal basis: the legal basis may differ depending on local laws as applicable, but generally we consider that our legitimate interests justify the processing unless you specifically consent to some type of processing; we find such interests to be justified considering that the data is limited to browsing activities related to what is considered business or professional related (our website does not offer any content directed to individual consumers as well as any content which might be used for any inferences about your private life habits or interests), we provide easy opt-out and limit the retention of data before it is anonymized or deleted, data is also aggregated or pseudonymized unless for activities linked to submitting any webforms which might be linked to your identity submitted through such
f. Requirement to provide data and consequences of not providing : you are not required to provide any data yourself.
g. Your rights : your rights may differ depending on local laws applicable, but generally (as far as applicable laws provide you with such rights) you would be entitled to: withdraw your consent at any time (which shall not affect the lawfulness of processing based on consent before its withdrawal), object to the processing of personal data, access your data and have inaccurate data corrected, obtain a copy of personal data (in some cases in portable format), ask us about any relevant details of processing, ask for erasure or restriction of processing, and to lodge complaints with relevant authorities (in particular in the country where you live, work or where the alleged infringement took place).
You will also not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
2. Data collected through webforms and when you contact us directly:
a. Type of data : depending on the webform and content of your communication to us, this includes business contact details, content of your communication, information you have received and about interactions with us, as well as information about how you use our website, interests in our products and services, and any publicly available information relevant from a b2b perspective (such as public information about the company you represent and your official position).
b. Purpose : to provide you with requested information and respond to your queries as well as for direct marketing of our services and products.
c. Legal basis : the legal basis may differ depending on local laws as applicable, but generally we consider that our legitimate interests justify the processing unless and until you ask us to provide specific services or products, in which case existing or intended contract provides a legal basis; we find such interests to be justified considering that the data is limited to what is usually shared by the people acting in their business or professional capacities and we provide easy opt-out (we will only refuse deleting your data if we have a compelling legal justification to keep them).
d. Retention time : 2 years since the last interaction, unless the existing contract, legal claim or legal requirement justifies further processing of which you will be informed (data will be reviewed annually and data which is not relevant will be deleted).
e. Source of data : the data is provided by you directly, through interactions with our company and websites, and from publicly available sources of business-related information.
f. Requirement to provide data and consequences of not providing : some fields are marked necessary in our webforms in order to submit such forms, not providing such data will result in no ability to submit a form and to obtain required information; in case some data is necessary because of requested services or products or to enter into contracts, you will receive such information separately.
g. Your rights :
- your rights may differ depending on local laws applicable, but generally (as far as applicable laws provide you with such rights) you would be entitled to: object to the processing of personal data, access your data and have inaccurate data corrected, obtain a copy of personal data (in some cases in portable format), ask us about any relevant details of processing, ask for erasure or restriction of processing, and to lodge complaints with relevant authorities (in particular in the country where you live, work or where the alleged infringement took place).
- Please note you can always unsubscribe to marketing communication through clicking unsubscribe links available in the marketing communication(s) you receive. In addition to that, irrespective of applicable laws, you can opt-out from processing (object to processing) and request us to delete your personal data by submitting your request through our Data Subject Request Portal and we will work with you to delete your personal information.
- You will not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. Limited profiling and business
classification might be used, as for type and size of business, number of employees, business role, interests etc.
h. Data recipients and transfers : HCL HEALTHCARE employees from the relevant teams, companies processing the data on our behalf (including for technical, software and marketing support), independent third parties when this is necessary (auditors, lawyers, inspection agencies) or based on your choices and actions (as when you ask us to send you a shipment or letter using a third-party provider). Depending on applicable local laws you may obtain from us further information about specific entities having access to the data.
In certain situations, HCL HEALTHCARE may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security requirements as well as instances requiring cooperation with law enforcement agencies where mandated by law.
As further required by Law (including mergers, acquisitions, divestitures, or asset sales, but only if the acquiring organization agrees to this Privacy Statement’s protections), we may also disclose your personal information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
How do we safeguard your personal data?
We use a range of security measures to protect your personal information. Please be aware, however, that HCL HEALTHCARE cannot guarantee that third parties will safeguard your personal data in a similar manner. Unencrypted information – including information sent via E-mail – may also be able to be read by third parties. As a user of our services, you are responsible for protecting the information you provide, including user name and passwords, from misuse, by encryption or other means. If you have any questions about the security of your personal data, you can contact us at email@example.com.
How to contact us if you have any questions:
If you have any questions about this Privacy Statement, then you can contact the Global Privacy Office online via firstname.lastname@example.org. Additionally, the contact information for the Grievance Officer for India is Prashant Yadav, Global Privacy Office; e-mail address – email@example.com
How will we update this Privacy Statement?
We may amend this Privacy Statement from time to time:
If we materially change our Privacy Statement, we will take steps to inform you of the change. We may do this through email, SMS, notices on our websites or other means (or a combination of these means) in line with the permission you have given us to contact you.
The “Effective Date” at the top of this Privacy Statement shows when it was last updated.