This policy ("Privacy Policy") is applicable to Smartping and all its subsidiaries and/or branch offices in India. It provides the practices and policies applicable to Smartping (including its employees, interns, contractors, consultants, clients, customers or any other party directly or indirectly engaged for the purpose of business or otherwise) for handling of or dealing in Personal Information, including Sensitive Personal Data or Information (as defined below) that is lawfully collected by Smartping, hereby referred to as Smartping. We collect personal data of our employees, potential employees, clients, suppliers, business contacts, shareholders and website users or any other individual or entities wherever required for business purposes or otherwise.

Smartping attaches great importance to your right to privacy and the protection of your personal data. We want you to feel secure that when you deal with Smartping, your personal data are in good hands.

Smartping protects your personal data in accordance with applicable laws and our data privacy policies. In addition, Smartping maintains the appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing and/or against accidental loss, alteration, disclosure or access, or accidental or unlawful destruction of or damage thereto.

General Definitions

  • Reference to you or your in this Privacy Policy refers to any natural person (including the employees of Smartping) who provides to Smartping any information referred in Appendix 1 of this document.
  • Act shall mean the Information Technology Act, 2000 and Rules thereunder as amended from time to time.
  • Information shall mean and include Personal Information and Sensitive Personal Data and Information as may be collected by Smartping.
  • Personal Information (PI) shall have the same meaning as under Rule 2 (i) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 as amended from time to time. For ease of reference Rule 2 (i) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 is re-produced under Appendix 1.
  • Rules shall mean the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 as amended from time to time.
  • Registered User shall mean such user whose registration is accepted by Smartping.
  • Sensitive Personal Data and Information (SPDI) shall mean and include information under Rule 3 of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 as amended from time to time. For ease of reference Rule 3 of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 is re-produced under Schedule 1.

All words and expressions used and not defined in this document but defined in the Act or the Rules shall have the meanings respectively assigned to them in the Act or the Rules.

Smartping is fully committed to respecting your privacy and shall ensure that your Information is safe. This privacy policy sets out the practices adopted in respect of Information, including the types of Information that is collected, how the Information is collected, how the Information is used, how long the Information is retained and with whom it is shared (Privacy Policy). This Privacy Policy is published in compliance with the provisions of the Act and the Rules made thereunder that require publishing the privacy policy on Smartpings website.

Collection of Information:

You may use Smartpings website to access Information, learn about its products and services, read publications and check career opportunities etc. without providing any PI/SPDI. Smartping may collect and process PI/ SPDI provided by you in the following forms:

  1. Should you opt to access such services of Smartping, which are available only to Registered Users, information is required to be provided by you at registration (refer Appendix 1).
  2. Information that you provide directly to Smartping via email or electronic communication.
  3. Information that you provide to Smartping over telephone. Smartping may make and keep a record of such information shared by you.
  4. Information that you provide to Smartping in physical form whether sent through post or courier or handed over to a Smartping representative in person.
  5. PI/SPDI collected by Smartping from its employees (refer Appendix 2), suppliers, clients, prospects or onsite consultants or by lead generation for the purpose of employment, availing/providing services etc.

You will at all times have the option of not providing Smartping with PI/SPDI that Smartping seeks to collect. Even after you have provided Smartping with any PI/SPDI, you will have the option to access, modify, rectify or withdraw the consent given earlier by contacting Smartping at info@smartping.in or contact us on www.smartping.in. In such cases, Smartping will have the right to not provide or discontinue the provision of any service that is linked with such PI/SPDI.

Use of Information Collected:

Any information, if collected will be used in connection with the relevant purpose as communicated by Smartping to you via verbal or written method of any sort. The provider of information availing any Services from Smartping shall be deemed to have consented to Smartping for the use of such information as under this policy. Employees, suppliers, clients, prospects or consultants of Smartping shall be duly advised about the purpose for which any Information is being collected at the time of such collection. We will not use your personal data for purposes that are incompatible with the purposes of which you have been informed, unless it is required or authorized by law, or it is in your own vital interest (e.g. in case of a medical emergency) to do so.

Sharing of Information:

Where PI/SPDI is required to be shared, arising out of any contractual obligation, Smartping shall part with such PI/SPDI only in accordance with your consent for the same. To the extent necessary to provide you the requested Services or to the extent required under applicable law, we may transfer personal data with individuals or following third parties in connection with a (potential) corporate or commercial transaction. Before we do so, we shall take the necessary steps to ensure that your personal data will be given adequate protection as required by relevant data privacy laws and Smartpings internal policies. Smartping may also transfer your personal data to any of its global affiliates/partners in furtherance of any visits to our Smartping locations:

  1. Employees or Consultants (including auditors, authorized vendors) on a 'need to know' basis under a Non-Disclosure Agreement.
  2. Governmental authorities, in such manner as permitted or required by applicable law; and
  3. Legal proceedings: In the event, Smartping is required to respond to subpoenas, court orders or other legal process, your PI/SPDI may be disclosed pursuant to such subpoena, court order or legal process, which may be without notice to you.

Security of Information:

Smartping strives to ensure the security, integrity and privacy of your PI/SPDI and adequacy of protection of your Information against unauthorized access, alteration, disclosure or destruction. Stringent security measures (physical, electronic and managerial) are in place to protect against the loss, misuse, and alteration of the PI/SPDI under our control. Smartpings servers are accessible only to authorized personnel and your Information is shared with employees and authorized personnel strictly on a 'need to know' basis. Smartping periodically assesses, audits and updates its information security protocols and policies to achieve the highest standards on a continuous and ongoing basis. You may review the Information you have provided to Smartping at any time. On your request, Smartping will ensure that any PI/SPDI notified to be inaccurate or deficient, shall be corrected or amended. However, Smartping shall not be responsible for the authenticity of the PI/ SPDI.

Notwithstanding anything contained in this Privacy Policy or elsewhere, Smartping shall not be held responsible for any loss, damage or misuse of your PI/SPDI, if such loss, damage or misuse is attributable to a Force Majeure Event.

Employees/Relevant Individuals Obligations Consequences of Violations:

Every Smartping Employee/Relevant Individual, who deals with or comes into contact with Personal Data regardless of its origin, shall have a responsibility to comply with the applicable law concerning data privacy and specific privacy practices. The Employee/Relevant Individual should seek advice in the event of any ambiguity while dealing with Personal Data or in understanding this Policy. The Employee/Relevant Individual shall be diligent and extend caution while dealing with Personal Data of others, in the course of performance of his/her duties and shall also, at all times:

  1. Prevent any un-authorized person from having access to any computer systems processing Personal Data, and especially:
  2. un-authorized reading, copying, alteration, deletion or removal of data
  3. un-authorized data input, disclosure, uploading, transmission/transfer of Personal Data
  4. Abide by Smartping internal logical and physical security policies and procedures.
  5. Ensure that authorized users of a data-processing system can access only the Personal Data to which their access right refers.
  6. Keep a record of which personal data have been communicated, when and to whom.
  7. Not provide any Personal Data to any third party without first consulting with his/her Manager or the Human Resources Department.
  8. Ensure that Personal Data processed on behalf of a third party (client) can be processed only in the manner prescribed by such third party.
  9. Ensure that, during communication of Personal Data and transfer of storage media, the data cannot be read, copied or erased without authorization.
  10. Immediately, on becoming aware report and notify any vulnerabilities and privacy related breach/security breaches (including potential risks).
  11. Attend trainings on security and data privacy

Failure to comply with the Policy and applicable laws may have serious consequences and can expose both Smartping and the Employee/Relevant Individual to damages, criminal fines and penalties. It is important to note that any non-compliance with this Policy is taken very seriously by Smartping and may lead to initiation of appropriate disciplinary actions including but not limited to Employee dismissal or Relevant Individual termination.

Retention and Revocation of Information:

It is Smartpings policy to retain certain Personal Data of the relevant individuals when they cease to be employed/ engaged by Smartping. This Personal Data may be required for Smartpings legal and business purposes, including any residual activities relating to the employment/engagement, including for example, provision of references, processing of applications for re-employment/re-engagement, matters relating to retirement benefits (if applicable) and allowing Smartping to fulfil any of its contractual or statutory obligations.

We will retain your personal data only for as long as is necessary. We maintain specific records management and retention policies and procedures, so that personal data is deleted after a reasonable time according to the following retention criteria:

  • We retain your data as long as we have an ongoing relationship with you (in particular, if you have an account with us)
  • We will only keep the data while your account is active or for as long as needed to provide services to you
  • We retain your data for as long as needed in order to comply with our global legal and contractual obligations

Once Smartping no longer requires the Personal Data, it is destroyed appropriately and securely or anonymized in accordance with the law. Services transactional data is retained for three years.

Inquiries/Notification of Changes for Employees

You are entitled (in the circumstances and under the conditions, and subject to the exceptions, set out in applicable law) to:

  • Request access to the personal data we process about you: this right entitles you to know whether we hold personal data about you and, if we do, to obtain information on and a copy of that personal data
  • Request a rectification of your personal data: this right entitles you to have your personal data be corrected if it is inaccurate or incomplete
  • Object to the processing of your personal data: this right entitles you to request that Smartping no longer processes your personal data
  • Request the erasure of your personal data: this right entitles you to request the erasure of your personal data, including where such personal data would no longer be necessary to achieve the purposes
  • Request the restriction of the processing of your personal data: this right entitles you to request that Smartping only processes your personal data in limited circumstances, including with your consent
  • Request portability of your personal data: this right entitles you to receive a copy (in a structured, commonly used and machine-readable format) of personal data that you have provided to Smartping, or request Smartping to transmit such personal data to another data controller

You may contact Smartping at info@smartping.in

Appendix 1

  • Rule 2 (i)
    Personal information" means any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person.
  • Rule 3
    Sensitive personal data or information of a person means such personal information which consists of information relating to:-
  • password;
  • financial information such as Bank account or credit card or debit card or other payment instrument details ;
  • physical, physiological and mental health condition;
  • sexual orientation;
  • medical records and history;
  • Biometric information;
  • any detail relating to the above clauses as provided to body corporate for providing service; and
  • any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise:
    provided that, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as sensitive personal data or information for the purposes of these rules.
  • Information collected from Registered Users:
    Sensitive personal data or information of a person means such personal information which consists of information relating to:-
  • Name
  • Date of Birth
  • Address
  • Email ID
  • Gender
  • Phone number
  • Transaction details like mobile number, email, message text.

Appendix 2

Information stored for the purpose of employment/potential employment:

Last Name Middle NameFirst NameDOBPlace of BirthPresent residential addressPermanent residential addressMarital statusPerson to notify in case of emergencyPersonal Contact DetailsEmail IDDate of joining SmartpingFathers/ Husbands namePan Card numberPassport numberLast NamePassport – Date of issuePassport – Place of issuePassport – Date of expiry

Reference 1:Reporting ManagerReference 2: HRDetails of visits abroadPrevious Employer NameTotal Year(s) of experienceBlood groupSpouse NameDOB Of SpouseName of 1st Child DOBName of 2nd Child DOBMention your HobbiesGenderDriving LicenseNationalityAll Education attained till dateAll Professional Qualifications

Employment HistoryCompany NameAddressLine Managers Name DesignationLast Position / Designation HeldDates of EmploymentSummary of Responsibilities:Reason for Leaving:Last Remuneration Package in LocalStatus

Employment ParticularsHave you ever been a temporary, contractual, volunteer or an outsourced employee?Have you ever been deputed to work at a company while being on the roles of a different company?

Personal ParticularsHave you ever been refused entry to a foreign country?Have you ever been arrested or convicted in a court of law?Have you ever been declared bankrupt?Have you ever been suspended or dismissed by an employer?Do you have any relatives currently employed at the Firm?Have you ever been disqualified from acting as a Director?

ReferencesFull NameDesignation / Job Title Company NameContact NumberNature of RelationshipYears knownResumeSigned Employee intellectual agreementSigned Compliance FormsDOB proofBank DetailsSigned Employment Documents