Photon Privacy Statement

1. Purpose

Photon commits itself as part of its social responsibility to national and international compliance with the Data protection law.

Photon has a firm policy of protecting the confidentiality and security of information that we collect from our clients. We do not share your non‐public personal information with unaffiliated third parties. Information is only shared with your consent except for the specific purposes below, in accordance with all applicable laws. It gives you important information about how we handle your personal information.

Photon reserves the right to change this policy at any time.

2. What is the personal information we collect and process and how do we use it?

2.1 What is the Personal Information we collect and process?

Personal Information is any data which relates to an individual who may be identified from that data, or from a combination of a set of data, and other information which is in possession of Photon.

In general, you may browse our website without providing any Personal Information about yourself. However, we collect certain information such as:

  • Information that you provide via our website, including information you provide when you register on our website e.g. name, email address, designation, company, country and telephone number
  • Information about your computer and about your visits to and use of this Site, such as your Internet Protocol (IP) address, demographics, your computers’ operating system, and browser type and information collected via cookies
  • Cookie related details are provided in the cookie policy.

2.2 Disclosure

We do not disclose any kind of non‐public personal information about our clients or former clients to anyone, except when we believe it necessary for the conduct of our business, or where disclosure is required by law. Except in those specific, limited situations, without your consent, we will not make any disclosures of non‐public personal information to other clients who may want to sell their products or services to you.

2.3 How do you use your Personal Information?

We use your Personal Information for the following purposes:

  • To provide better usability, troubleshooting and site maintenance
  • To understand which parts of the website are visited and how frequently
  • To create your user ID
  • To identify you once you register on our website
  • To contact you and respond to your questions or requests
  • To provide access to desirable content based on your preferences
  • To process job application related requests

2.4 What is legal basis of the processing?

Photon uses your personal data only when it is absolutely necessary for a specific purpose. Here we are explaining all the purposes where we might process your personal information.

 
Purpose Legal Basis
Managing our contractual and/or employment relationship with you Necessary for the performance of a contract to which you are a party
Recruitment Justified on the basis of our legitimate interests for ensuring that we recruit the appropriate employees
Facilitating communication with you (including in case of emergencies, and to provide you with requested information) Justified on the basis of our legitimate interests for ensuring proper communication and emergency handling within the organization
Operating and managing our business operations Justified on the basis of our legitimate interests for ensuring the proper functioning of our business operations
Complying with legal requirements Necessary for the compliance with a legal obligation to which we are subject
Monitoring your use of our systems (including monitoring the use of our website and any apps and tools you use) Justified on the basis of our legitimate interests of avoiding non-compliance and protecting our reputation
Improving the security and functioning of our website, networks and information Justified on the basis of our legitimate interests for ensuring that you receive an excellent user experience and our networks and information are secure
Undertaking data analytics, i.e. applying analytics to business operations and data to describe, predict and improve business performance and/or to provide a better user experience Justified on the basis of our legitimate interests for ensuring the proper functioning of our business operations
Marketing our products and services to you (unless you objected against such processing) Justified on the basis of our legitimate interests for ensuring that we can conduct and increase our business
 

There might be other purposes where we might collect and process your personal information with prior information if not listed above.

3. What happens when you chose not to share your personal information, as required?

If you choose not to provide your Personal Information that is mandatory to process your request, we may not be able to provide the corresponding service in the matter it is expected.

4. Who are the data recipients?

Photon does not share your Personal Information with third parties for marketing purposes without seeking your prior permission.

We share your Personal Information within:

  • Photon or with any of its subsidiaries
  • Business partners
  • Service vendors
  • Authorized third-party agents
  • Contractors

5. How is personal data managed as per specific local regulations?

Photon is the data controller processing your Personal Information. The following applies only where the data controller processing your Personal Information is domiciled in the European Economic Area (“EEA”) as prescribed in EU Regulation 2016/679, also known as the EU General Data Protection Regulation (“GDPR”), the Swiss Federal Data Protection Act and the UK Data Protection Act. We transfer Personal Information to countries outside the EEA to third parties, including to countries which have different data protection standards to those which apply in the EEA. The locations of Photon group companies are available under contact section of our website. Our service providers are primarily located in US, India and UK. Where service providers’ process your Personal Information in countries deemed adequate by the European Commission, we rely on the European Commission's decision to protect your Personal Information.

For transfers to Photon group companies and service providers outside the EEA, we use standard contractual clauses or rely on a service provider's Privacy Shield certification or a service provider's (EU data protection authority approved) corporate rules that are in place to protect your Personal Information. When required, Photon discloses Personal Information to external law enforcement bodies or regulatory authorities, in order to comply with legal obligations.

As per CCPA Act w.e.f. from 24th July 2020, California residents who provide personal information in obtaining products or services for personal, family, or household use are entitled to request and obtain from us once a calendar year information about the customer information we shared with third parties for their own direct marketing purposes, including the categories of information and the names and addresses of those businesses with which we have shared such information. As discussed elsewhere in this Privacy Policy, we do not currently share the personal information of California residents with third parties for their own direct marketing purposes. However, if you have further questions about our privacy practices and compliance with California law, please contact us at privacy@photon.com

6. Personyze

We use Personyze in order to better understand our users’ needs and to optimize our service and customer experience. Personyze is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.), and this enables us to build and maintain our service with user feedback. Personyze uses cookies and other technologies to collect data on our users’ behavior and their devices (in particular, devices’ IP addresses, captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and preferred language used to display our website. Personyze stores this information in a pseudonymized user profile. Neither Personyze nor we will ever use this information to identify individual users or to match it with further data on any individual user.

7. What about data security?

We maintain organizational, physical and technical security arrangements for all the personal data we hold. We have protocols, controls and relevant policies, procedures and guidance to maintain these arrangements taking into account the risks associated with the categories of personal data and the processing we undertake.

We adopt market leading security measures to protect your personal data. This includes (But not limited to):

  • We hold an ISO27001 certification, which indicates that we adhere to the highest and strictest information security standards. This is a security standard awarded by the British Standards Institution (“BSI”) that serves as international certification that Photon adheres to the highest and strictest standards. This certification is the only auditable international standard that defines the requirements for an Information Security Management System (“ISMS”), and confirms that Photon’s processes and security controls provide an effective framework for protecting our clients’ and our own information.
  • We have a Customer Data Confidentiality program in place which governs the stewardship of client information and systems entrusted to us.
  • We have regular penetration testing performed by a third-party provider, which continues to show the strength of our technical defenses.
  • Using best in industry encryption and pseudonymization (as applicable) to control any data breach.
  • Photon employs best in industry event monitoring and issue management solution to track all events and monitor potential data breaches. Regarding your use of our websites, you should understand that the open nature of the internet is such that information and personal data flows over networks connecting you to our systems without security measures and may be accessed and used by people other than those for whom the data are intended.

8. Which rights do you have with respect to the processing of your personal data?

You are entitled (in the circumstances and under the conditions, and subject to the exceptions, set out in applicable law) to:

  • Request access to the personal data we process about you: this right entitles you to know whether we hold personal data about you and, if we do, to obtain information on and a copy of that personal data.
  • Request a rectification of your personal data: this right entitles you to have your personal data be corrected if it is inaccurate or incomplete.
  • Object to the processing of your personal data: this right entitles you to request that Photon no longer processes your personal data.
  • Request the erasure of your personal data: this right entitles you to request the erasure of your personal data, including where such personal data would no longer be necessary to achieve the purposes.
  • Request the restriction of the processing of your personal data: this right entitles you to request that Photon only processes your personal data in limited circumstances, including with your consent.
  • Request portability of your personal data: this right entitles you to receive a copy (in a structured, commonly used and machine-readable format) of personal data that you have provided to Photon, or request us to transmit such personal data to another data controller.

You can assert your rights in the corresponding sections where such information was provided or by contacting us at privacy@photon.com

9. How long the data will be retained by us?

We will retain your personal data only for as long as is necessary. We maintain specific records management and retention policies and procedures, so that personal data are deleted after a reasonable time according to the following retention criteria:

  • We retain your data as long as we have an ongoing relationship with you (in particular, if you have an account with us).
  • We will only keep the data while your account is active or for as long as needed to provide services to you.
  • We retain your data for as long as needed in order to comply with our global legal and contractual obligations.

10. Third party websites

Our privacy practices regarding Personal Information that we collect and store about you through our portals such as Taleo for Recruitment and HubSpot will be as per the privacy policy of those portals.

Photon website may contain links to enable you to visit other third-party websites and services of interest easily. However, once you have used these links to leave our site, you should note that we do not have any control over that other third-party website. Therefore, Photon cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

11. Do Not Track

Do Not Track (DNT) is a privacy preference that users can set in some web browsers, allowing users to opt out of tracking by websites and online services. Our online resources do not currently alter their practices when they receive Do Not Track signals.

12. How to reach us

If you have any questions regarding our privacy practices or this privacy statement, please contact us at:

Data Privacy Officer.

Contact address:

Corporate Compliance Office, Photon Interactive,

DLF IT SEZ, Mount Poonamalle Road, Manapakkam, Chennai 600086, India

Phone: +91 44 30618000

Email: privacy@photon.com

13. Updates to this privacy statements

Photon may change the data privacy practices and update this privacy statement as and when the need arises, the same will be made available on the website and you should check this privacy policy periodically. But our commitment to protect the privacy of website users will continue to remain.